Submitted URL: http://gift-way.com/sold
Effective URL: http://www.nweshow.tk/
Submission: On December 04 via api from US

Summary

This website contacted 16 IPs in 2 countries across 16 domains to perform 41 HTTP transactions. The main IP is 2a00:1450:4001:81a::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is www.nweshow.tk.
This is the only time www.nweshow.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 160.153.129.33 26496 (AS-26496-...)
4 151.101.112.193 54113 (FASTLY)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 185.225.208.133 13213 (UK2NET-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.94.86 32748 (STEADFAST)
41 16
Requests | Domain | Requested by
5 | gift-way.com (1 redirects) | gift-way.com, www.nweshow.tk
4 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
4 | fonts.googleapis.com | gift-way.com, www.nweshow.tk
4 | i.imgur.com | gift-way.com, www.nweshow.tk
3 | fonts.gstatic.com | www.nweshow.tk
3 | www.nweshow.tk | gift-way.com, www.nweshow.tk
2 | pagead2.googlesyndication.com | www.nweshow.tk, pagead2.googlesyndication.com
2 | good-morning.cc | gift-way.com, www.nweshow.tk
1 | whos.amung.us | widgets.amung.us
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | widgets.amung.us | www.nweshow.tk
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | hobe.cc | gift-way.com, www.nweshow.tk
1 | meaningg.cc | gift-way.com, www.nweshow.tk
1 | eveningg.cc | gift-way.com, www.nweshow.tk
1 | ccute.cc | gift-way.com, www.nweshow.tk
41 | 17

This site contains links to these domains.

Domain
voiod.blogspot.com
www.blogger.com
Subject | Issuer | Validity | Valid
*.imgur.com | DigiCert SHA2 Secure Server CA | 2018-12-14 - 2020-02-12 | a year
*.googleapis.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-02 - 2020-10-09 | a year
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months

This page contains 5 frames:

Primary Page: http://www.nweshow.tk/
Frame ID: 31300612E321A72C774C0BF4739BEA01
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Frame ID: 686814D49E1E5C831796745C7CC5552D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7106676341842215&output=html&h=50&slotname=3896273942&adk=1350358917&adf=2079008609&w=220&lmt=1575468480&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=220x50&url=http%3A%2F%2Fwww.nweshow.tk%2F&flash=0&wgl=1&adsid=NT&dt=1575475355521&bpp=12&bdt=406&fdt=77&idt=78&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=3154625023211&frm=20&pv=2&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=47659&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=690&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=u8xUcwIpm1&p=http%3A//www.nweshow.tk&dtd=92
Frame ID: 5E8C52ABB032BF2537B86A0ED7DCCC5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7106676341842215&output=html&h=200&slotname=4795025287&adk=4385963&adf=1209158807&w=200&lmt=1575468480&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=200x200&url=http%3A%2F%2Fwww.nweshow.tk%2F&flash=0&wgl=1&adsid=NT&dt=1575475355534&bpp=6&bdt=419&fdt=104&idt=104&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=220x50&correlator=3154625023211&frm=20&pv=1&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=178731&dssz=16&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=700&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ef0WY77u5F&p=http%3A//www.nweshow.tk&dtd=106
Frame ID: 2B4C4FC6EA00D3F0CB883631A27A3507
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7106676341842215&output=html&adk=1812271804&adf=3025194257&lmt=1575468480&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.nweshow.tk%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1575475355562&bpp=6&bdt=447&fdt=84&idt=84&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=220x50%2C200x200&nras=1&correlator=3154625023211&frm=20&pv=1&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=178731&dssz=16&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&dtd=88
Frame ID: D4571926BC3DA9F0BAF3B29853D38621
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

41
Requests

56 %
HTTPS

73 %
IPv6

16
Domains

17
Subdomains

16
IPs

2
Countries

952 kB
Transfer

1237 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gift-way.com/sold HTTP 301
    http://gift-way.com/sold/ Page URL
  2. http://www.nweshow.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://gift-way.com/sold HTTP 301
  • http://gift-way.com/sold/
Request Chain 14
  • http://fonts.googleapis.com/earlyaccess/notonaskharabic.css HTTP 307
  • https://fonts.googleapis.com/earlyaccess/notonaskharabic.css

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gift-way.com/sold/
Redirect Chain
  • http://gift-way.com/sold
  • http://gift-way.com/sold/
3 KB
2 KB
Document
General
Full URL
http://gift-way.com/sold/
Protocol
HTTP/1.1
Server
160.153.129.33 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-129-33.ip.secureserver.net
Software
Apache / PHP/7.2.20
Resource Hash
c4e25c1f78668c8ac54eab1ab6cdd397c54be20bf38931d6b24a011c95c659e5

Request headers

Host
gift-way.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 04 Dec 2019 16:02:34 GMT
Server
Apache
X-Powered-By
PHP/7.2.20
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
1423
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 04 Dec 2019 16:02:34 GMT
Server
Apache
Location
http://gift-way.com/sold/
Content-Length
233
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
style.css
gift-way.com/sold/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://gift-way.com/sold/css/style.css
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
HTTP/1.1
Server
160.153.129.33 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-129-33.ip.secureserver.net
Software
Apache /
Resource Hash
e4754b9dcda821f85b36ea190fd12d7dffb274dad623911d865271743b010b52

Request headers

Referer
http://gift-way.com/sold/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Nov 2019 23:05:27 GMT
Server
Apache
ETag
"9cc00f4-a87-5976aa230fbc0-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
902
fGo7eS2.png
i.imgur.com/
3 KB
3 KB
Image
General
Full URL
https://i.imgur.com/fGo7eS2.png
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash

Request headers

Referer
http://gift-way.com/sold/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:34 GMT
age
1616421
x-cache
HIT, HIT
status
200
content-length
2749
x-served-by
cache-bwi5144-BWI, cache-hhn4081-HHN
last-modified
Fri, 15 Nov 2019 23:02:13 GMT
server
cat factory 1.0
x-timer
S1575475355.649358,VS0,VE1
etag
"78c7c453e353f2eb67e16869163e0600"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
arrow.gif
gift-way.com/sold/img/
452 B
746 B
Image
General
Full URL
http://gift-way.com/sold/img/arrow.gif
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
HTTP/1.1
Server
160.153.129.33 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-129-33.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
http://gift-way.com/sold/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:34 GMT
Last-Modified
Mon, 15 Oct 2018 01:16:28 GMT
Server
Apache
ETag
"9cc023f-1c4-5783a2fbe7300"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
452
1919-9.jpg
ccute.cc/wp-content/uploads/2018/07/
0
0

6697.jpg
eveningg.cc/wp-content/uploads/2018/12/
0
0

1503.jpg
meaningg.cc/wp-content/uploads/2018/07/
0
0

5208.jpg
good-morning.cc/wp-content/uploads/2019/08/
99 KB
100 KB
Image
General
Full URL
http://good-morning.cc/wp-content/uploads/2019/08/5208.jpg
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7b80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://gift-way.com/sold/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:35 GMT
CF-Cache-Status
MISS
Last-Modified
Wed, 28 Aug 2019 15:16:15 GMT
Server
cloudflare
ETag
"5d669abf-18c0c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
53ff016679afcbb0-VIE
Content-Length
101388
Expires
Thu, 31 Dec 2037 23:55:55 GMT
3497-2.jpg
hobe.cc/wp-content/uploads/2018/06/
0
0

i9gv3aY.jpg
i.imgur.com/
42 KB
42 KB
Image
General
Full URL
https://i.imgur.com/i9gv3aY.jpg
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash

Request headers

Referer
http://gift-way.com/sold/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:34 GMT
age
1655303
x-cache
HIT, HIT
status
200
content-length
42574
x-served-by
cache-bwi5143-BWI, cache-hhn4081-HHN
last-modified
Fri, 15 Nov 2019 12:14:11 GMT
server
cat factory 1.0
x-timer
S1575475355.649392,VS0,VE1
etag
"2074ef94b77aa57d849c7c4f5f4aff6e"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
notonaskharabic.css
fonts.googleapis.com/earlyaccess/
1 KB
654 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/earlyaccess/notonaskharabic.css
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://gift-way.com/sold/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:34 GMT
Content-Encoding
gzip
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Transfer-Encoding
chunked
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Wed, 04 Dec 2019 16:02:34 GMT
css
fonts.googleapis.com/
857 B
460 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://gift-way.com/sold/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 04 Dec 2019 16:02:34 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 04 Dec 2019 16:02:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 04 Dec 2019 16:02:34 GMT
Primary Request /
www.nweshow.tk/
9 KB
4 KB
Document
General
Full URL
http://www.nweshow.tk/
Requested by
Host: gift-way.com
URL: http://gift-way.com/sold/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
cd32a92aae1def4975df6ef5f0abc1b3cccada0a9e256b21dee99d3e7e155c75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.nweshow.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://gift-way.com/sold/
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html; charset=UTF-8
Expires
Wed, 04 Dec 2019 16:02:35 GMT
Date
Wed, 04 Dec 2019 16:02:35 GMT
Cache-Control
private, max-age=0
Last-Modified
Wed, 04 Dec 2019 14:08:00 GMT
ETag
W/"586bcad37bd108aa3497b0eddd6414efea9ee9e27fa55f3add9ee49eb3a68a80"
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
3579
Server
GSE
style.css
www.nweshow.tk/css/
0
0

history-stealer.js
www.nweshow.tk/
0
0
Script
General
Full URL
http://www.nweshow.tk/history-stealer.js
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Dec 2019 16:02:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
GSE
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
1437
X-XSS-Protection
1; mode=block
Expires
Mon, 01 Jan 1990 00:00:00 GMT
notonaskharabic.css
fonts.googleapis.com/earlyaccess/
Redirect Chain
  • http://fonts.googleapis.com/earlyaccess/notonaskharabic.css
  • https://fonts.googleapis.com/earlyaccess/notonaskharabic.css
1 KB
367 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/earlyaccess/notonaskharabic.css
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
fb75e66c87398c07afdb37c8a22e06974a646a57d875351737a9a4c614eeb5b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
content-encoding
br
server
ESF
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 04 Dec 2019 16:02:35 GMT

Redirect headers

Location
https://fonts.googleapis.com/earlyaccess/notonaskharabic.css
Non-Authoritative-Reason
HSTS
fGo7eS2.png
i.imgur.com/
3 KB
3 KB
Image
General
Full URL
https://i.imgur.com/fGo7eS2.png
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2dc647adbc0ba841baac99353c7bb2bf3c17f4afc73bf1576bdabdd58403b7b0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:36 GMT
age
1616423
x-cache
HIT, HIT
status
200
content-length
2749
x-served-by
cache-bwi5144-BWI, cache-hhn4081-HHN
last-modified
Fri, 15 Nov 2019 23:02:13 GMT
server
cat factory 1.0
x-timer
S1575475357.879456,VS0,VE0
etag
"78c7c453e353f2eb67e16869163e0600"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
103 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bb912b8f4783240b152e04c67453f292c205bf4ca79067c67d1758716e259ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37564
x-xss-protection
0
server
cafe
etag
15514047598264491999
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 04 Dec 2019 16:02:35 GMT
arrow.gif
gift-way.com/sold/img/
452 B
720 B
Image
General
Full URL
http://gift-way.com/sold/img/arrow.gif
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
HTTP/1.1
Server
160.153.129.33 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-160-153-129-33.ip.secureserver.net
Software
Apache /
Resource Hash
009e8c75d6bc907eea24f4c38d0b5fe7fcdd1166c17513348e73d88eb96311a8

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:36 GMT
Last-Modified
Mon, 15 Oct 2018 01:16:28 GMT
Server
Apache
ETag
"9cc023f-1c4-5783a2fbe7300"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
452
1919-9.jpg
ccute.cc/wp-content/uploads/2018/07/
50 KB
51 KB
Image
General
Full URL
https://ccute.cc/wp-content/uploads/2018/07/1919-9.jpg
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7be7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6874eb15f58461f740c8d1a0f458ba69e35be48a4241d37668e0bf9850136db2

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
cf-cache-status
HIT
last-modified
Thu, 05 Jul 2018 08:42:30 GMT
server
cloudflare
age
0
etag
"5b3dd9f6-c88c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
53ff016bd85dcbbc-VIE
content-length
51340
expires
Thu, 31 Dec 2037 23:55:55 GMT
6697.jpg
eveningg.cc/wp-content/uploads/2018/12/
183 KB
184 KB
Image
General
Full URL
https://eveningg.cc/wp-content/uploads/2018/12/6697.jpg
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5d3c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c0a48c99dc9e7bb325852881ffc59908119a1baaa052b5c17ba615b712e7ab

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Dec 2018 16:27:14 GMT
server
cloudflare
age
0
etag
"5c094de2-2dd18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
53ff016bdd43cbc4-VIE
content-length
187672
expires
Thu, 31 Dec 2037 23:55:55 GMT
1503.jpg
meaningg.cc/wp-content/uploads/2018/07/
28 KB
29 KB
Image
General
Full URL
https://meaningg.cc/wp-content/uploads/2018/07/1503.jpg
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:24a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6836f108e95429453237924d7aacf91cac5bb536ce876369f72cbc3fec9c7541

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Jul 2018 16:33:30 GMT
server
cloudflare
age
0
etag
"5b5f3dda-71ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
53ff016bd87459be-VIE
content-length
29166
expires
Thu, 31 Dec 2037 23:55:55 GMT
5208.jpg
good-morning.cc/wp-content/uploads/2019/08/
99 KB
100 KB
Image
General
Full URL
http://good-morning.cc/wp-content/uploads/2019/08/5208.jpg
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7b80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb10d63c9d4def4045096a22f125112e80ce1443a5da9ce9368f0ae02b8e8df

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:35 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 28 Aug 2019 15:16:15 GMT
Server
cloudflare
Age
1
ETag
"5d669abf-18c0c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
53ff016bdafacbb0-VIE
Content-Length
101388
Expires
Thu, 31 Dec 2037 23:55:55 GMT
3497-2.jpg
hobe.cc/wp-content/uploads/2018/06/
36 KB
37 KB
Image
General
Full URL
https://hobe.cc/wp-content/uploads/2018/06/3497-2.jpg
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:674c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a4174512020e443f8c3270a6de99bf0c0f49ec761f54f5f49eda3922c7939a

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
cf-cache-status
HIT
last-modified
Sat, 30 Jun 2018 12:14:43 GMT
server
cloudflare
age
0
etag
"5b377433-90da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
53ff016bdc1e5970-VIE
content-length
37082
expires
Thu, 31 Dec 2037 23:55:55 GMT
i9gv3aY.jpg
i.imgur.com/
42 KB
42 KB
Image
General
Full URL
https://i.imgur.com/i9gv3aY.jpg
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
69a2880ace74c8bac4b520b07ed434d70d02c0a66147a68852bc19d6c7c35f0c

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:36 GMT
age
1655305
x-cache
HIT, HIT
status
200
content-length
42574
x-served-by
cache-bwi5143-BWI, cache-hhn4081-HHN
last-modified
Fri, 15 Nov 2019 12:14:11 GMT
server
cat factory 1.0
x-timer
S1575475357.880946,VS0,VE0
etag
"2074ef94b77aa57d849c7c4f5f4aff6e"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 2
cookienotice.js
www.nweshow.tk/js/
6 KB
2 KB
Script
General
Full URL
http://www.nweshow.tk/js/cookienotice.js
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 15:16:37 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Content-Length
2026
X-XSS-Protection
0
Expires
Wed, 11 Dec 2019 16:02:35 GMT
css
fonts.googleapis.com/
857 B
437 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
44bb15364de8e73c877878ddd34ccf9ef610bf4761eedbb997838f1db9333694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 04 Dec 2019 16:02:35 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 04 Dec 2019 16:02:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 04 Dec 2019 16:02:35 GMT
style.css
www.nweshow.tk/css/
0
0

NotoNaskhArabic-Bold.woff2
fonts.gstatic.com/ea/notonaskharabic/v4/
88 KB
88 KB
Font
General
Full URL
https://fonts.gstatic.com/ea/notonaskharabic/v4/NotoNaskhArabic-Bold.woff2
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bd42606afa64c7c05083e99a36d99069cfa681359ac133c2622c269e9a235fc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/earlyaccess/notonaskharabic.css
Origin
http://www.nweshow.tk

Response headers

date
Wed, 20 Nov 2019 01:17:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2015 17:45:07 GMT
server
sffe
age
1262712
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
89804
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:17:23 GMT
NotoNaskhArabic-Regular.woff2
fonts.gstatic.com/ea/notonaskharabic/v4/
91 KB
91 KB
Font
General
Full URL
https://fonts.gstatic.com/ea/notonaskharabic/v4/NotoNaskhArabic-Regular.woff2
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e63c5a15185ca3cdea4fb816ac84c4ed326951a620d4cafca6a79b90f97df977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/earlyaccess/notonaskharabic.css
Origin
http://www.nweshow.tk

Response headers

date
Wed, 20 Nov 2019 11:45:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2015 17:45:07 GMT
server
sffe
age
1224999
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
92704
x-xss-protection
0
expires
Thu, 19 Nov 2020 11:45:56 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nweshow.tk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nweshow.tk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/
240 KB
88 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9abb9e299ab0f7c2c00c20f0d5858358ffa1e7a9f835bab1798c769ff3b22777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
90016
x-xss-protection
0
server
cafe
etag
16514268273887163252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Dec 2019 16:02:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/ Frame 6868
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191114/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://www.nweshow.tk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.nweshow.tk/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 04 Dec 2019 08:19:49 GMT
expires
Wed, 18 Dec 2019 08:19:49 GMT
content-type
text/html; charset=UTF-8
etag
9688732929695215001
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6504
x-xss-protection
0
cache-control
public, max-age=1209600
age
27766
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
classic.js
widgets.amung.us/
12 KB
7 KB
Script
General
Full URL
http://widgets.amung.us/classic.js
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
cf0515e24db8e36fd10e5b1309eb32672c750a04db794714fb13b7068dea9785

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 16:02:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 22:03:04 GMT
ETag
W/"5de6db98-2e31"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Thu, 05 Dec 2019 16:02:37 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v8/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v8/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
Requested by
Host: www.nweshow.tk
URL: http://www.nweshow.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Titillium+Web
Origin
http://www.nweshow.tk

Response headers

date
Wed, 20 Nov 2019 23:38:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:34 GMT
server
sffe
age
1182236
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12344
x-xss-protection
0
expires
Thu, 19 Nov 2020 23:38:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5E8C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7106676341842215&output=html&h=50&slotname=3896273942&adk=1350358917&adf=2079008609&w=220&lmt=1575468480&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=220x50&url=http%3A%2F%2Fwww.nweshow.tk%2F&flash=0&wgl=1&adsid=NT&dt=1575475355521&bpp=12&bdt=406&fdt=77&idt=78&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=3154625023211&frm=20&pv=2&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=47659&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=690&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=u8xUcwIpm1&p=http%3A//www.nweshow.tk&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7106676341842215&output=html&h=50&slotname=3896273942&adk=1350358917&adf=2079008609&w=220&lmt=1575468480&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=220x50&url=http%3A%2F%2Fwww.nweshow.tk%2F&flash=0&wgl=1&adsid=NT&dt=1575475355521&bpp=12&bdt=406&fdt=77&idt=78&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=3154625023211&frm=20&pv=2&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=47659&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=690&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=u8xUcwIpm1&p=http%3A//www.nweshow.tk&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://www.nweshow.tk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.nweshow.tk/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 04 Dec 2019 16:02:35 GMT
server
cafe
content-length
19154
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 04-Dec-2019 16:17:35 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 04 Dec 2019 16:02:35 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ddeda14a0a3fa1b9696f3bbe5907edf2f254e0ca9e2987e835923464ea8f2627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29365
x-xss-protection
0
expires
Wed, 04 Dec 2019 16:02:35 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2B4C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7106676341842215&output=html&h=200&slotname=4795025287&adk=4385963&adf=1209158807&w=200&lmt=1575468480&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=200x200&url=http%3A%2F%2Fwww.nweshow.tk%2F&flash=0&wgl=1&adsid=NT&dt=1575475355534&bpp=6&bdt=419&fdt=104&idt=104&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=220x50&correlator=3154625023211&frm=20&pv=1&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=178731&dssz=16&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=700&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ef0WY77u5F&p=http%3A//www.nweshow.tk&dtd=106
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13322284649061008667/200x200.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13322284649061008667/200x200.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMDDtIevnOYCFc8t4AodQigMmQ&gqi=m9jnXdHRJ4WvgAeMkJ-YAQ&layout=/sadbundle/%24csp%253Der3%24/13322284649061008667/200x200.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7106676341842215&output=html&h=200&slotname=4795025287&adk=4385963&adf=1209158807&w=200&lmt=1575468480&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=200x200&url=http%3A%2F%2Fwww.nweshow.tk%2F&flash=0&wgl=1&adsid=NT&dt=1575475355534&bpp=6&bdt=419&fdt=104&idt=104&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=220x50&correlator=3154625023211&frm=20&pv=1&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=178731&dssz=16&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=700&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ef0WY77u5F&p=http%3A//www.nweshow.tk&dtd=106
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://www.nweshow.tk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.nweshow.tk/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13322284649061008667/200x200.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13322284649061008667/200x200.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMDDtIevnOYCFc8t4AodQigMmQ&gqi=m9jnXdHRJ4WvgAeMkJ-YAQ&layout=/sadbundle/%24csp%253Der3%24/13322284649061008667/200x200.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 04 Dec 2019 16:02:35 GMT
server
cafe
content-length
26094
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 04-Dec-2019 16:17:35 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 04 Dec 2019 16:02:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame D457
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7106676341842215&output=html&adk=1812271804&adf=3025194257&lmt=1575468480&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.nweshow.tk%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1575475355562&bpp=6&bdt=447&fdt=84&idt=84&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=220x50%2C200x200&nras=1&correlator=3154625023211&frm=20&pv=1&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=178731&dssz=16&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7106676341842215&output=html&adk=1812271804&adf=3025194257&lmt=1575468480&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.nweshow.tk%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1575475355562&bpp=6&bdt=447&fdt=84&idt=84&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=220x50%2C200x200&nras=1&correlator=3154625023211&frm=20&pv=1&ga_vid=707168418.1575475356&ga_sid=1575475356&ga_hid=1299829739&ga_fc=0&iag=0&icsg=178731&dssz=16&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011%2C423550201&oid=3&pg_h=1200&pvsid=2364654552863834&ref=http%3A%2F%2Fgift-way.com%2Fsold%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&dtd=88
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://www.nweshow.tk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.nweshow.tk/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 04 Dec 2019 16:02:35 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 04-Dec-2019 16:17:35 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 04 Dec 2019 16:02:35 GMT
cache-control
private
/
whos.amung.us/pingjs/
25 B
209 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=weback&t=%D8%B9%D8%A7%D8%AC%D9%84%20%D8%A7%D9%82%D8%B3%D9%85%20%D8%A8%D8%A7%D9%84%D9%84%D9%87%20%D8%A7%D8%AD%D8%B5%D9%84%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%B5%D9%8A%D8%AF%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A&c=c&y=http%3A%2F%2Fgift-way.com%2Fsold%2F&a=0&d=0.929&v=22&r=686
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol
HTTP/1.1
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
355bc6cd0f16583dce0350aa9ebeae362828c84e1a5e629232455ccb26b7c0e7

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 16:02:38 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Referer
http://www.nweshow.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ccute.cc
URL
https://ccute.cc/wp-content/uploads/2018/07/1919-9.jpg
Domain
eveningg.cc
URL
https://eveningg.cc/wp-content/uploads/2018/12/6697.jpg
Domain
meaningg.cc
URL
https://meaningg.cc/wp-content/uploads/2018/07/1503.jpg
Domain
hobe.cc
URL
https://hobe.cc/wp-content/uploads/2018/06/3497-2.jpg
Domain
www.nweshow.tk
URL
http://www.nweshow.tk/css/style.css
Domain
www.nweshow.tk
URL
http://www.nweshow.tk/css/style.css

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| _wau object| cookieChoices function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| WAU_ren function| WAU_classic function| WAU_classic_request function| WAU_r_c function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady object| x string| x1 string| x2

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmWy8B_CsNuyar1NNNs1RiETngt5FkE-yycaMmzBqq6QGzfYDJ3afFKDfJo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
