www.pngwing.com Open in urlscan Pro
2606:4700:3036::681b:8075 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pngwing.com.eu.cas.ms/
Effective URL:
https://www.pngwing.com/
Submission: On April 14 via automatic, source certstream-suspicious (April 14th 2020, 8:53:16 pm UTC)

Summary HTTP 36 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3036::681b:8075, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pngwing.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 13th 2020. Valid for: 8 months.

This is the only time www.pngwing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.156.204.24 52.156.204.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 16	2606:4700:303... 2606:4700:3036::681b:8075	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
36	9

1 52.156.204.24 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pngwing.com.eu.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3036::681b:8075 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pngwing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pngwing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w7.pngwing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	pngwing.com 1 redirects pngwing.com www.pngwing.com w7.pngwing.com	144 KB
7	doubleclick.net googleads.g.doubleclick.net
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	131 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	cas.ms 1 redirects pngwing.com.eu.cas.ms	251 B
36	10

	Domain	Requested by
9	www.pngwing.com	www.pngwing.com pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	w7.pngwing.com	www.pngwing.com
4	pagead2.googlesyndication.com	www.pngwing.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.pngwing.com
2	cdn.jsdelivr.net	www.pngwing.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.pngwing.com
1	pngwing.com	1 redirects
1	pngwing.com.eu.cas.ms	1 redirects
36	13

This site contains links to these domains. Also see Links.

Domain
mailtoui.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-13` - `2020-10-09`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.pngwing.com/
Frame ID: AF5026AAE6BB081555B956BAE7FBFFFE
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html
Frame ID: ACA9F55F65928467FE0DDDF4E8E9B626
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1586897580&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586897580123&bpp=15&bdt=45&fdt=120&idt=120&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=622848223130&frm=20&pv=2&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=2665100&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
Frame ID: 21235F2CFBFEB803548FA1E4000D798A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=90&slotname=3497086563&adk=2530762693&adf=2896993837&w=1200&fwrn=4&lmt=1586897580&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90_0ads_al&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1586897580138&bpp=12&bdt=59&fdt=150&idt=150&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=484&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=1&uci=a!1&fsb=1&xpc=J5NaAVs3zc&p=https%3A//www.pngwing.com&dtd=155
Frame ID: E56AB082DCD0BEB58303A47328BFA8A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&w=1200&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580150&bpp=5&bdt=71&fdt=151&idt=151&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=677&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgcgYzK7K3&p=https%3A//www.pngwing.com&dtd=153
Frame ID: 8E1379F7750D41D857C27C8155541237
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=30193656&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580155&bpp=3&bdt=77&fdt=163&idt=163&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=61&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kQBZdbQOAl&p=https%3A//www.pngwing.com&dtd=165
Frame ID: EFA8FA705E166E8234F52D0355BF18E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=555039025&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580158&bpp=3&bdt=79&fdt=169&idt=169&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=809&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3l7QD1ppbc&p=https%3A//www.pngwing.com&dtd=172
Frame ID: 8CB69F8F468F9F703B0BC78F6108837A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=3475572030&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580161&bpp=3&bdt=82&fdt=209&idt=209&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280%2C350x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=2057&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=brmYdeJVZI&p=https%3A//www.pngwing.com&dtd=212
Frame ID: D56769CFE2A932F946875DA7F0049E9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 4A91D63C3859E118112F5EA666E42A0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pngwing.com.eu.cas.ms/ HTTP 307
https://pngwing.com/ HTTP 301
https://www.pngwing.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

36
Requests

100 %
HTTPS

89 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

359 kB
Transfer

892 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mailtoui.com/?ref=ui
Title: Powered by MailtoUI

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pngwing.com.eu.cas.ms/ HTTP 307
https://pngwing.com/ HTTP 301
https://www.pngwing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pngwing.com/
Redirect Chain

https://pngwing.com.eu.cas.ms/
https://pngwing.com/
https://www.pngwing.com/

113 KB
16 KB

124ms
115ms

Document
text/html

2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7a79b95d2fc92df8ce29b726fd79d63beda504145a033a4ce09694bb9f632cd

Request headers

:method: GET
:authority: www.pngwing.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 14 Apr 2020 20:53:00 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6c3d6f099c0a767af17d2f54c01fbd861586897579; expires=Thu, 14-May-20 20:52:59 GMT; path=/; domain=.pngwing.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58405052cf0b97cc-FRA
content-encoding: br

Redirect headers

status: 301
date: Tue, 14 Apr 2020 20:52:59 GMT
cache-control: max-age=3600
expires: Tue, 14 Apr 2020 21:52:59 GMT
location: https://www.pngwing.com/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 584050529eee97cc-FRA

GET
H2 200 base.css
www.pngwing.com/public/css/ 28 KB
8 KB 14ms
14ms Stylesheet
text/css 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pngwing.com/public/css/base.css?2020312
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc499945542acf6bb7cf7d9ee7f1387aed1dfec094ca22667a9a5b77ee91416f

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Mar 2020 01:34:40 GMT
server: cloudflare
age: 11350
etag: W/"5e6991b0-7080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=43200
cf-ray: 584050538fde97cc-FRA
expires: Wed, 15 Apr 2020 05:43:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
39 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39657
x-xss-protection: 0
server: cafe
etag: 5984455608614455518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Apr 2020 20:53:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-68216682-41

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da1c2230fec1b2ce37956bebb2b712eeb7d2ff629499770603ccba792a5b1e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30188
x-xss-protection: 0
last-modified: Tue, 14 Apr 2020 19:43:35 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Apr 2020 20:53:00 GMT

GET
H2 200 email-decode.min.js Show response
www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
816 B 21ms
20ms Script
application/javascript 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Apr 2020 16:30:08 GMT
server: cloudflare
etag: W/"5e8b5910-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 584050538fe697cc-FRA
expires: Thu, 16 Apr 2020 20:53:00 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.5.0/dist/ 6 KB
3 KB 28ms
13ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.5.0/dist/lazyload.min.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26ab0a896eb9cb3b3322a85087d0f0e86fc1b111b8d3731a7f8f2c6d1eaa889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4291840
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"1925-f6lYC0BD2Q6yy6SkpXLkFU7m6kE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 584050539c419730-FRA

GET
H2 200 global.js Show response
www.pngwing.com/public/ 14 KB
4 KB 13ms
12ms Script
application/javascript 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pngwing.com/public/global.js?2020320
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da5afa9eda9ad0c90987b9da1ef349e88167c81aebb33d373f1713772456b15b

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Mar 2020 04:11:04 GMT
server: cloudflare
age: 37602
etag: W/"5e744258-3821"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=43200
cf-ray: 584050538fe997cc-FRA
expires: Tue, 14 Apr 2020 22:26:18 GMT

GET
H2 200 mailtoui-min.js Show response
cdn.jsdelivr.net/npm/mailtoui@1.0.2/dist/ 20 KB
6 KB 28ms
13ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mailtoui@1.0.2/dist/mailtoui-min.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71b667a94af5f1a2c991cd177b298191619ecaef1b8b57e5a78f04ae8539d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5834021
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-ams21028-AMS, cache-fra19146-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"5026-JzoRFecdxJA+1XdmlRtXB5lrBJ0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 584050539c439730-FRA

GET
H2 200 header_bg.svg
www.pngwing.com/public/css/ 69 KB
19 KB 35ms
35ms Image
image/svg+xml 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/header_bg.svg
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8290218f730b2483c7cc60d2eac2ea9e90595e9ca355769f742e75268120088

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Mar 2020 00:58:08 GMT
server: cloudflare
age: 212
etag: W/"5e698920-11575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58405053a80497cc-FRA

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a9d619b2e7b16d11e6fdacc86346dbfd821e13497da959f5f3d16ad39e43a8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pngwing.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pngwing.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/ 216 KB
81 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83076
x-xss-protection: 0
server: cafe
etag: 11284991114190924255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Apr 2020 20:53:00 GMT

GET
H2 200 loader.svg
www.pngwing.com/public/css/ 1 KB
449 B 16ms
16ms Image
image/svg+xml 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/loader.svg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0daef4b8a60f2a2e84cde0431285ee80a0176560b983d0730b87c26481cc7836

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2019 01:42:22 GMT
server: cloudflare
age: 5952
etag: W/"5cba78fe-47d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58405053c82297cc-FRA

GET
H2 200 scale.svg
www.pngwing.com/public/css/ 2 KB
883 B 12ms
12ms Image
image/svg+xml 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/scale.svg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2019 06:06:50 GMT
server: cloudflare
age: 5952
etag: W/"5c9329fa-8d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58405053c82397cc-FRA

GET
H2 200 document.svg
www.pngwing.com/public/css/ 1 KB
613 B 14ms
14ms Image
image/svg+xml 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/document.svg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2019 06:07:18 GMT
server: cloudflare
age: 5952
etag: W/"5c932a16-574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58405053c82497cc-FRA

GET
H2 200 top.png
www.pngwing.com/public/css/ 3 KB
3 KB 13ms
13ms Image
image/png 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/top.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2019 07:39:28 GMT
server: cloudflare
age: 1158581
etag: "5c933fb0-b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58405053c82797cc-FRA
content-length: 2867
expires: Fri, 01 May 2020 11:03:19 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/ Frame ACA9 0
0 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200408/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 09 Apr 2020 05:36:24 GMT
expires: Thu, 23 Apr 2020 05:36:24 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 486996
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 png-transparent-youtube-play-button-computer-icons-youtube-youtube-logo-angle-rectangle-logo-thumbnail.png
w7.pngwing.com/pngs/208/269/ 3 KB
3 KB 32ms
23ms Image
image/png 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/208/269/png-transparent-youtube-play-button-computer-icons-youtube-youtube-logo-angle-rectangle-logo-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4fddff9bdc0ebaa567ab6c65611730ac7066e21429f11bce1ed2e4b447b0be8

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
cf-cache-status: HIT
age: 1941655
status: 200
content-length: 2583
last-modified: Sun, 16 Feb 2020 04:55:58 GMT
server: cloudflare
etag: "5e48cb5e-a17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 5840505468bc97cc-FRA
expires: Thu, 18 Mar 2021 09:32:05 GMT

GET
H2 200 png-transparent-virus-illustration-gastroenteritis-stomach-abdomen-virus-vomiting-virus-miscellaneous-ink-food-thumbnail.png
w7.pngwing.com/pngs/843/761/ 20 KB
20 KB 30ms
21ms Image
image/png 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/843/761/png-transparent-virus-illustration-gastroenteritis-stomach-abdomen-virus-vomiting-virus-miscellaneous-ink-food-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989bd3bd423e24782117d315c177bc22bfa8cee59c0678d9c4766dec7fecae45

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
cf-cache-status: HIT
age: 1239542
status: 200
content-length: 19994
last-modified: Sun, 16 Feb 2020 22:17:37 GMT
server: cloudflare
etag: "5e49bf81-4e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 5840505468c397cc-FRA
expires: Fri, 26 Mar 2021 12:33:58 GMT

GET
H2 200 png-transparent-daytime-atmosphere-of-earth-computer-the-vast-sky-starry-night-watercolor-painting-texture-studio-thumbnail.png
w7.pngwing.com/pngs/568/815/ 19 KB
19 KB 31ms
22ms Image
image/png 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/568/815/png-transparent-daytime-atmosphere-of-earth-computer-the-vast-sky-starry-night-watercolor-painting-texture-studio-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87e2ddabca4067e746eba189338aea0a9551390586b68660b0bf474aae4274c3

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
cf-cache-status: HIT
age: 1585875
status: 200
content-length: 19513
last-modified: Sat, 15 Feb 2020 21:02:30 GMT
server: cloudflare
etag: "5e485c66-4c39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 5840505468c297cc-FRA
expires: Mon, 22 Mar 2021 12:21:45 GMT

GET
H2 200 png-transparent-surgical-mask-dust-mask-surgery-surgeon-mask-glass-face-mask-thumbnail.png
w7.pngwing.com/pngs/502/169/ 11 KB
11 KB 23ms
15ms Image
image/png 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/502/169/png-transparent-surgical-mask-dust-mask-surgery-surgeon-mask-glass-face-mask-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f82c9c13dd621f0dc67a411641fbaea665bfd25f176230b1d48a1bcf1a31a275

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
cf-cache-status: HIT
age: 905340
status: 200
content-length: 11104
last-modified: Tue, 31 Mar 2020 05:59:53 GMT
server: cloudflare
etag: "5e82dc59-2b60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 5840505468bb97cc-FRA
expires: Tue, 30 Mar 2021 09:24:00 GMT

GET
H2 200 png-transparent-logo-icon-instagram-logo-instagram-logo-purple-violet-text-thumbnail.png
w7.pngwing.com/pngs/722/1011/ 20 KB
20 KB 26ms
17ms Image
image/png 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/722/1011/png-transparent-logo-icon-instagram-logo-instagram-logo-purple-violet-text-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b02fd9ddf4aaca4086f87123194c179b94b0e70760b28c2297d5312b4f4b8a31

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
cf-cache-status: HIT
age: 2128783
status: 200
content-length: 20049
last-modified: Sat, 15 Feb 2020 21:33:32 GMT
server: cloudflare
etag: "5e4863ac-4e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 5840505468c597cc-FRA
expires: Tue, 16 Mar 2021 05:33:17 GMT

GET
H2 200 png-transparent-common-cold-cartoon-illustration-baby-fever-runny-nose-cartoon-character-child-photography-thumbnail.png
w7.pngwing.com/pngs/635/273/ 17 KB
17 KB 25ms
16ms Image
image/png 2606:4700:3036::681b:8075
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/635/273/png-transparent-common-cold-cartoon-illustration-baby-fever-runny-nose-cartoon-character-child-photography-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb0534aa2c05b97356769b9b2819ec65886e9a65dbef25b1b8fe04ab8d20e908

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
cf-cache-status: HIT
age: 1666683
status: 200
content-length: 17357
last-modified: Mon, 17 Feb 2020 08:18:22 GMT
server: cloudflare
etag: "5e4a4c4e-43cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 5840505468be97cc-FRA
expires: Sun, 21 Mar 2021 13:54:57 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2123 0
0 52ms
52ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1586897580&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586897580123&bpp=15&bdt=45&fdt=120&idt=120&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=622848223130&frm=20&pv=2&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=2665100&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1586897580&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586897580123&bpp=15&bdt=45&fdt=120&idt=120&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=622848223130&frm=20&pv=2&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=2665100&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 20:53:00 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Apr-2020 21:08:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 20:53:00 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e019e4dd3d8be298895ef632bb8e5083de16a01f55a1eb385b1e0efede2f3705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586777055770172"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28426
x-xss-protection: 0
expires: Tue, 14 Apr 2020 20:53:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68216682-41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 7000
date: Tue, 14 Apr 2020 18:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 14 Apr 2020 20:56:20 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E56A 0
0 154ms
153ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=90&slotname=3497086563&adk=2530762693&adf=2896993837&w=1200&fwrn=4&lmt=1586897580&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90_0ads_al&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1586897580138&bpp=12&bdt=59&fdt=150&idt=150&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=484&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=1&uci=a!1&fsb=1&xpc=J5NaAVs3zc&p=https%3A//www.pngwing.com&dtd=155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=90&slotname=3497086563&adk=2530762693&adf=2896993837&w=1200&fwrn=4&lmt=1586897580&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90_0ads_al&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1586897580138&bpp=12&bdt=59&fdt=150&idt=150&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=484&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=1&uci=a!1&fsb=1&xpc=J5NaAVs3zc&p=https%3A//www.pngwing.com&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 20:53:00 GMT
server: cafe
content-length: 6026
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Apr-2020 21:08:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 20:53:00 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8E13 0
0 216ms
216ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&w=1200&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580150&bpp=5&bdt=71&fdt=151&idt=151&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=677&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgcgYzK7K3&p=https%3A//www.pngwing.com&dtd=153

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&w=1200&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580150&bpp=5&bdt=71&fdt=151&idt=151&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=677&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgcgYzK7K3&p=https%3A//www.pngwing.com&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 20:53:00 GMT
server: cafe
content-length: 25676
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Apr-2020 21:08:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 20:53:00 GMT
cache-control: private

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
14ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1966590370&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pngwing.com%2F&ul=en-us&de=UTF-8&dt=PNGWing%20-%20Exclusive%20png%20design%20images&sd=24-bit&sr=1600x1200&vp=1594x1200&je=0&_u=IAhAAUAB~&jid=1772041891&gjid=1894962340&cid=1902506689.1586897580&tid=UA-68216682-41&_gid=1165949399.1586897580&_r=1&gtm=2ou432&z=1868648222

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 20:53:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame EFA8 0
0 270ms
269ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=30193656&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580155&bpp=3&bdt=77&fdt=163&idt=163&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=61&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kQBZdbQOAl&p=https%3A//www.pngwing.com&dtd=165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=30193656&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580155&bpp=3&bdt=77&fdt=163&idt=163&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=61&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kQBZdbQOAl&p=https%3A//www.pngwing.com&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 20:53:00 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Apr-2020 21:08:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 20:53:00 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8CB6 0
0 447ms
446ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=555039025&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580158&bpp=3&bdt=79&fdt=169&idt=169&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=809&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3l7QD1ppbc&p=https%3A//www.pngwing.com&dtd=172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=555039025&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580158&bpp=3&bdt=79&fdt=169&idt=169&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=809&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3l7QD1ppbc&p=https%3A//www.pngwing.com&dtd=172
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 20:53:00 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUnUXupuYZUzhiyILycv5ritMQBAnoTTJknIJ5FPbeMsat1JXUVG0qUYqayS; expires=Sun, 09-May-2021 20:53:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 20:53:00 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D567 0
0 444ms
444ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=3475572030&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580161&bpp=3&bdt=82&fdt=209&idt=209&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280%2C350x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=2057&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=brmYdeJVZI&p=https%3A//www.pngwing.com&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=3475572030&w=350&fwrn=4&fwrnh=100&lmt=1586897580&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586897580161&bpp=3&bdt=82&fdt=209&idt=209&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280%2C350x280&nras=1&correlator=622848223130&frm=20&pv=1&ga_vid=1902506689.1586897580&ga_sid=1586897580&ga_hid=1966590370&ga_fc=0&iag=0&icsg=11053708&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=2057&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530311&oid=3&pvsid=2139468910076749&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=brmYdeJVZI&p=https%3A//www.pngwing.com&dtd=212
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 20:53:00 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUkBUc5TVEMWV4XdsSCYuvQKVnLJBDrrSiaDw_s5mAs89gBWRPiHFPkID_CS; expires=Sun, 09-May-2021 20:53:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 20:53:00 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200408&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5ae2e3cdf1da5367423132fdc03c68330120a46234c31a7c6713cb1129d0d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5187
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 20:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 14 Apr 2020 20:53:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 4A91 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 14 Apr 2020 20:15:02 GMT
expires: Wed, 14 Apr 2021 20:15:02 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2278
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 16ms
16ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200408&jk=2139468910076749&bg=!19Sl1MxYav63aUFdKjYCAAAAMVIAAAAJmQFbaxmVDwy7yXE0Zk0wBGJznHix1MOPFO_-bwmJ5oHAxh7VI23bJlJS5A3hDLVIGf1kyYPpLxZTTzxniID-8mm1RjO4wesnd0aBl7nT_pu3PtDROxFFxtzRbutoDzukRcZAjT6l5hECZyYrGmunm_BDfuI7u4lLXScd3Wwj-4649cqvHTaF1O-zXodiZIuXuFP2533BVnTgS_lZZ1zDgOLYz3Jtz8mH_bT5dQMI1gDedpMYuJITKbHLrWywQp_aTfloeyvGsz6hoc5gH80tKBah0cUIft0UqRBwTroPXG_AOKZGRIT4P-Tg-djJ4NYiYtJI903uJtQE_YRZ4r6BWXZfd2m5mXgK-emcNmcJJ3r7smhjcxpmMF-kTEcnMePH8H9LAvyuWqecPBOjS7NkFj9zTECrRXfVK-EtnyUs3ZaZIhvi4A4uBjvGafAC07nsJZ1WmcSSF8Ggrdz6fJE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 20:53:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pngwing.com/	1970-01-19 08:48:17	Name: _gat_gtag_UA_68216682_41 Value: 1
.pngwing.com/	1970-01-19 08:49:43	Name: _gid Value: GA1.2.1165949399.1586897580
.doubleclick.net/	1970-01-19 18:09:53	Name: IDE Value: AHWqTUkBUc5TVEMWV4XdsSCYuvQKVnLJBDrrSiaDw_s5mAs89gBWRPiHFPkID_CS
.pngwing.com/	1970-01-20 02:19:29	Name: _ga Value: GA1.2.1902506689.1586897580
.pngwing.com/	1970-01-19 09:31:29	Name: __cfduid Value: d6c3d6f099c0a767af17d2f54c01fbd861586897579

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pngwing.com
pngwing.com.eu.cas.ms
tpc.googlesyndication.com
w7.pngwing.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.pngwing.com
2606:4700:3036::681b:8075
2606:4700::6810:5814
2a00:1450:4001:800::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::200e
52.156.204.24
04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0daef4b8a60f2a2e84cde0431285ee80a0176560b983d0730b87c26481cc7836
1a9d619b2e7b16d11e6fdacc86346dbfd821e13497da959f5f3d16ad39e43a8e
1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e2ddabca4067e746eba189338aea0a9551390586b68660b0bf474aae4274c3
989bd3bd423e24782117d315c177bc22bfa8cee59c0678d9c4766dec7fecae45
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a8290218f730b2483c7cc60d2eac2ea9e90595e9ca355769f742e75268120088
b02fd9ddf4aaca4086f87123194c179b94b0e70760b28c2297d5312b4f4b8a31
b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6
b5ae2e3cdf1da5367423132fdc03c68330120a46234c31a7c6713cb1129d0d8f
bb0534aa2c05b97356769b9b2819ec65886e9a65dbef25b1b8fe04ab8d20e908
bc499945542acf6bb7cf7d9ee7f1387aed1dfec094ca22667a9a5b77ee91416f
d26ab0a896eb9cb3b3322a85087d0f0e86fc1b111b8d3731a7f8f2c6d1eaa889
d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0
d7a79b95d2fc92df8ce29b726fd79d63beda504145a033a4ce09694bb9f632cd
da1c2230fec1b2ce37956bebb2b712eeb7d2ff629499770603ccba792a5b1e37
da5afa9eda9ad0c90987b9da1ef349e88167c81aebb33d373f1713772456b15b
e019e4dd3d8be298895ef632bb8e5083de16a01f55a1eb385b1e0efede2f3705
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fddff9bdc0ebaa567ab6c65611730ac7066e21429f11bce1ed2e4b447b0be8
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0
f71b667a94af5f1a2c991cd177b298191619ecaef1b8b57e5a78f04ae8539d78
f82c9c13dd621f0dc67a411641fbaea665bfd25f176230b1d48a1bcf1a31a275

www.pngwing.com Open in urlscan Pro 2606:4700:3036::681b:8075 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

89 %IPv6

10 Domains

13 Subdomains

9 IPs

3 Countries

359 kBTransfer

892 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pngwing.com Open in urlscan Pro
2606:4700:3036::681b:8075 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

89 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

359 kB
Transfer

892 kB
Size

5
Cookies

36 HTTP transactions
2 data transactions