www.pngwing.com Open in urlscan Pro
2606:4700:3032::681b:8175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pngwing.com.admin-eu.cas.ms/
Effective URL:
https://www.pngwing.com/
Submission: On April 14 via automatic, source certstream-suspicious (April 14th 2020, 9:12:10 pm UTC)

Summary HTTP 38 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3032::681b:8175, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pngwing.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 13th 2020. Valid for: 8 months.

This is the only time www.pngwing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.155.161.91 52.155.161.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 18	2606:4700:303... 2606:4700:3032::681b:8175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
38	9

1 52.155.161.91 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pngwing.com.admin-eu.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3032::681b:8175 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pngwing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pngwing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w7.pngwing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	pngwing.com 1 redirects pngwing.com www.pngwing.com w7.pngwing.com	192 KB
7	doubleclick.net googleads.g.doubleclick.net
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	839 B
1	google.de adservice.google.de	839 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	cas.ms 1 redirects pngwing.com.admin-eu.cas.ms	266 B
38	10

	Domain	Requested by
9	www.pngwing.com	www.pngwing.com
8	w7.pngwing.com	www.pngwing.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	www.pngwing.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.pngwing.com
2	cdn.jsdelivr.net	www.pngwing.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.pngwing.com
1	pngwing.com	1 redirects
1	pngwing.com.admin-eu.cas.ms	1 redirects
38	13

This site contains links to these domains. Also see Links.

Domain
mailtoui.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-13` - `2020-10-09`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.pngwing.com/
Frame ID: 59DE473923947A8ECEEE68347D09B2E7
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html
Frame ID: 23B67EE08860F646016CC0042BC28B93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1586898711&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586898711392&bpp=70&bdt=210&fdt=272&idt=272&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8226036531192&frm=20&pv=2&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=2665100&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=0&uci=a!0&fsb=1&dtd=297
Frame ID: F549CC5B2453A09E6FF39C6AD96F2DB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=90&slotname=3497086563&adk=2530762693&adf=2896993837&w=1200&fwrn=4&lmt=1586898711&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90_0ads_al&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1586898711462&bpp=7&bdt=280&fdt=292&idt=292&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=484&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Fm6LrEczjk&p=https%3A//www.pngwing.com&dtd=299
Frame ID: 1F8C72F42BD7F58A1518160487A41D9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&w=1200&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711469&bpp=15&bdt=287&fdt=321&idt=322&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=677&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rswxdkLS3p&p=https%3A//www.pngwing.com&dtd=325
Frame ID: 737548F643B67005F0B7881B2C64891D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=30193656&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711484&bpp=12&bdt=302&fdt=367&idt=367&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=61&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hkaKIbM8Pk&p=https%3A//www.pngwing.com&dtd=373
Frame ID: 4BDB2FCD5E10036928A10D0FDB52AD6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=555039025&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711496&bpp=58&bdt=314&fdt=408&idt=408&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=809&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DfFwTg2zSq&p=https%3A//www.pngwing.com&dtd=411
Frame ID: A32AD7E1AE2BEBD1A4BF05E41BA677AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=3475572030&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711554&bpp=5&bdt=372&fdt=397&idt=397&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280%2C350x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=2057&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5c1lrxQ32n&p=https%3A//www.pngwing.com&dtd=403
Frame ID: 1BB455AF42F83594F6EFBEAF7FE0C65F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 398E09242F9F944BB120F7F607AF1DD6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pngwing.com.admin-eu.cas.ms/ HTTP 307
https://pngwing.com/ HTTP 301
https://www.pngwing.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

38
Requests

100 %
HTTPS

89 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

410 kB
Transfer

941 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mailtoui.com/?ref=ui
Title: Powered by MailtoUI

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pngwing.com.admin-eu.cas.ms/ HTTP 307
https://pngwing.com/ HTTP 301
https://www.pngwing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pngwing.com/
Redirect Chain

https://pngwing.com.admin-eu.cas.ms/
https://pngwing.com/
https://www.pngwing.com/

113 KB
16 KB

101ms
100ms

Document
text/html

2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e719b4a48c263be8005c13af4d2c54c7ff291d031ed0653b7d9e32840b862f9

Request headers

:method: GET
:authority: www.pngwing.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 14 Apr 2020 21:11:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3fd5293d83c312a13541f60300d3554f1586898711; expires=Thu, 14-May-20 21:11:51 GMT; path=/; domain=.pngwing.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58406bf03c569ac2-FRA
content-encoding: br

Redirect headers

status: 301
date: Tue, 14 Apr 2020 21:11:51 GMT
cache-control: max-age=3600
expires: Tue, 14 Apr 2020 22:11:51 GMT
location: https://www.pngwing.com/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58406bf02c419ac2-FRA

GET
H2 200 base.css
www.pngwing.com/public/css/ 28 KB
8 KB 13ms
13ms Stylesheet
text/css 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pngwing.com/public/css/base.css?2020312
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc499945542acf6bb7cf7d9ee7f1387aed1dfec094ca22667a9a5b77ee91416f

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Mar 2020 01:34:40 GMT
server: cloudflare
age: 12481
etag: W/"5e6991b0-7080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=43200
cf-ray: 58406bf0ecf09ac2-FRA
expires: Wed, 15 Apr 2020 05:43:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
40 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39657
x-xss-protection: 0
server: cafe
etag: 5984455608614455518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Apr 2020 21:11:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-68216682-41

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da1c2230fec1b2ce37956bebb2b712eeb7d2ff629499770603ccba792a5b1e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30188
x-xss-protection: 0
expires: Tue, 14 Apr 2020 21:11:51 GMT

GET
H2 200 email-decode.min.js Show response
www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
833 B 12ms
10ms Script
application/javascript 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Apr 2020 16:30:08 GMT
server: cloudflare
etag: W/"5e8b5910-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 58406bf0fcf99ac2-FRA
expires: Thu, 16 Apr 2020 21:11:51 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.5.0/dist/ 6 KB
2 KB 16ms
14ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.5.0/dist/lazyload.min.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26ab0a896eb9cb3b3322a85087d0f0e86fc1b111b8d3731a7f8f2c6d1eaa889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4292971
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"1925-f6lYC0BD2Q6yy6SkpXLkFU7m6kE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 58406bf0fe97dfcf-FRA

GET
H2 200 global.js Show response
www.pngwing.com/public/ 14 KB
4 KB 14ms
12ms Script
application/javascript 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pngwing.com/public/global.js?2020320
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da5afa9eda9ad0c90987b9da1ef349e88167c81aebb33d373f1713772456b15b

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Mar 2020 04:11:04 GMT
server: cloudflare
age: 38733
etag: W/"5e744258-3821"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=43200
cf-ray: 58406bf0fcfa9ac2-FRA
expires: Tue, 14 Apr 2020 22:26:18 GMT

GET
H2 200 mailtoui-min.js Show response
cdn.jsdelivr.net/npm/mailtoui@1.0.2/dist/ 20 KB
6 KB 19ms
18ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mailtoui@1.0.2/dist/mailtoui-min.js

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71b667a94af5f1a2c991cd177b298191619ecaef1b8b57e5a78f04ae8539d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5835152
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-ams21028-AMS, cache-fra19146-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"5026-JzoRFecdxJA+1XdmlRtXB5lrBJ0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 58406bf0fe99dfcf-FRA

GET
H2 200 header_bg.svg
www.pngwing.com/public/css/ 69 KB
19 KB 16ms
15ms Image
image/svg+xml 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/header_bg.svg
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8290218f730b2483c7cc60d2eac2ea9e90595e9ca355769f742e75268120088

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Mar 2020 00:58:08 GMT
server: cloudflare
age: 1343
etag: W/"5e698920-11575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58406bf11d1b9ac2-FRA

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a9d619b2e7b16d11e6fdacc86346dbfd821e13497da959f5f3d16ad39e43a8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 loader.svg
www.pngwing.com/public/css/ 1 KB
449 B 14ms
13ms Image
image/svg+xml 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/loader.svg
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/public/global.js?2020320
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0daef4b8a60f2a2e84cde0431285ee80a0176560b983d0730b87c26481cc7836

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2019 01:42:22 GMT
server: cloudflare
age: 7083
etag: W/"5cba78fe-47d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58406bf13d399ac2-FRA

GET
H2 200 scale.svg
www.pngwing.com/public/css/ 2 KB
860 B 13ms
12ms Image
image/svg+xml 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/scale.svg
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/public/global.js?2020320
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2019 06:06:50 GMT
server: cloudflare
age: 7083
etag: W/"5c9329fa-8d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58406bf13d3b9ac2-FRA

GET
H2 200 document.svg
www.pngwing.com/public/css/ 1 KB
613 B 19ms
18ms Image
image/svg+xml 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/document.svg
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/public/global.js?2020320
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2019 06:07:18 GMT
server: cloudflare
age: 7083
etag: W/"5c932a16-574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 58406bf13d3f9ac2-FRA

GET
H2 200 top.png
www.pngwing.com/public/css/ 3 KB
3 KB 12ms
12ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngwing.com/public/css/top.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/public/global.js?2020320
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0

Request headers

Referer: https://www.pngwing.com/public/css/base.css?2020312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2019 07:39:28 GMT
server: cloudflare
age: 1159712
etag: "5c933fb0-b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58406bf13d409ac2-FRA
content-length: 2867
expires: Fri, 01 May 2020 11:03:19 GMT

GET
H2 200 png-transparent-youtube-play-button-computer-icons-youtube-youtube-logo-angle-rectangle-logo-thumbnail.png
w7.pngwing.com/pngs/208/269/ 3 KB
3 KB 28ms
16ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/208/269/png-transparent-youtube-play-button-computer-icons-youtube-youtube-logo-angle-rectangle-logo-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4fddff9bdc0ebaa567ab6c65611730ac7066e21429f11bce1ed2e4b447b0be8

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 1942786
status: 200
content-length: 2583
last-modified: Sun, 16 Feb 2020 04:55:58 GMT
server: cloudflare
etag: "5e48cb5e-a17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf21e699ac2-FRA
expires: Thu, 18 Mar 2021 09:32:05 GMT

GET
H2 200 png-transparent-virus-illustration-gastroenteritis-stomach-abdomen-virus-vomiting-virus-miscellaneous-ink-food-thumbnail.png
w7.pngwing.com/pngs/843/761/ 20 KB
20 KB 26ms
14ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/843/761/png-transparent-virus-illustration-gastroenteritis-stomach-abdomen-virus-vomiting-virus-miscellaneous-ink-food-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989bd3bd423e24782117d315c177bc22bfa8cee59c0678d9c4766dec7fecae45

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 1240673
status: 200
content-length: 19994
last-modified: Sun, 16 Feb 2020 22:17:37 GMT
server: cloudflare
etag: "5e49bf81-4e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf21e6e9ac2-FRA
expires: Fri, 26 Mar 2021 12:33:58 GMT

GET
H2 200 png-transparent-daytime-atmosphere-of-earth-computer-the-vast-sky-starry-night-watercolor-painting-texture-studio-thumbnail.png
w7.pngwing.com/pngs/568/815/ 19 KB
19 KB 24ms
13ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/568/815/png-transparent-daytime-atmosphere-of-earth-computer-the-vast-sky-starry-night-watercolor-painting-texture-studio-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87e2ddabca4067e746eba189338aea0a9551390586b68660b0bf474aae4274c3

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 1587006
status: 200
content-length: 19513
last-modified: Sat, 15 Feb 2020 21:02:30 GMT
server: cloudflare
etag: "5e485c66-4c39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf21e6f9ac2-FRA
expires: Mon, 22 Mar 2021 12:21:45 GMT

GET
H2 200 png-transparent-surgical-mask-dust-mask-surgery-surgeon-mask-glass-face-mask-thumbnail.png
w7.pngwing.com/pngs/502/169/ 11 KB
11 KB 31ms
19ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/502/169/png-transparent-surgical-mask-dust-mask-surgery-surgeon-mask-glass-face-mask-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f82c9c13dd621f0dc67a411641fbaea665bfd25f176230b1d48a1bcf1a31a275

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 906471
status: 200
content-length: 11104
last-modified: Tue, 31 Mar 2020 05:59:53 GMT
server: cloudflare
etag: "5e82dc59-2b60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf21e689ac2-FRA
expires: Tue, 30 Mar 2021 09:24:00 GMT

GET
H2 200 png-transparent-logo-icon-instagram-logo-instagram-logo-purple-violet-text-thumbnail.png
w7.pngwing.com/pngs/722/1011/ 20 KB
20 KB 30ms
18ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/722/1011/png-transparent-logo-icon-instagram-logo-instagram-logo-purple-violet-text-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b02fd9ddf4aaca4086f87123194c179b94b0e70760b28c2297d5312b4f4b8a31

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 2129914
status: 200
content-length: 20049
last-modified: Sat, 15 Feb 2020 21:33:32 GMT
server: cloudflare
etag: "5e4863ac-4e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf21e729ac2-FRA
expires: Tue, 16 Mar 2021 05:33:17 GMT

GET
H2 200 png-transparent-common-cold-cartoon-illustration-baby-fever-runny-nose-cartoon-character-child-photography-thumbnail.png
w7.pngwing.com/pngs/635/273/ 17 KB
17 KB 26ms
15ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/635/273/png-transparent-common-cold-cartoon-illustration-baby-fever-runny-nose-cartoon-character-child-photography-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb0534aa2c05b97356769b9b2819ec65886e9a65dbef25b1b8fe04ab8d20e908

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 1667814
status: 200
content-length: 17357
last-modified: Mon, 17 Feb 2020 08:18:22 GMT
server: cloudflare
etag: "5e4a4c4e-43cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf21e6c9ac2-FRA
expires: Sun, 21 Mar 2021 13:54:57 GMT

GET
H2 200 png-transparent-black-and-white-symmetry-daytime-pattern-radioactive-light-effect-time-lapse-grayscale-texture-photography-triangle-thumbnail.png
w7.pngwing.com/pngs/415/71/ 16 KB
16 KB 57ms
56ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/415/71/png-transparent-black-and-white-symmetry-daytime-pattern-radioactive-light-effect-time-lapse-grayscale-texture-photography-triangle-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8efda6409951118f0a371a2475a9bd335b52d741991b2bf41c9c6fdcb594678

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 1987248
status: 200
content-length: 16556
last-modified: Sun, 16 Feb 2020 18:06:27 GMT
server: cloudflare
etag: "5e4984a3-40ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf23e969ac2-FRA
expires: Wed, 17 Mar 2021 21:11:03 GMT

GET
H2 200 png-transparent-pinkpop-festival-watercolor-painting-texture-sky-blue-watercolor-graffiti-abstract-illustratrion-purple-blue-watercolor-leaves-thumbnail.png
w7.pngwing.com/pngs/972/735/ 32 KB
33 KB 60ms
59ms Image
image/png 2606:4700:3032::681b:8175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w7.pngwing.com/pngs/972/735/png-transparent-pinkpop-festival-watercolor-painting-texture-sky-blue-watercolor-graffiti-abstract-illustratrion-purple-blue-watercolor-leaves-thumbnail.png
Requested by: Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b7fd26e7925d33b90b034bfffb9a1e4880f5bad2855c1bd07905a2d55a26bf9

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
cf-cache-status: HIT
age: 2172596
status: 200
content-length: 33119
last-modified: Sat, 15 Feb 2020 21:31:25 GMT
server: cloudflare
etag: "5e48632d-815f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 58406bf23e979ac2-FRA
expires: Mon, 15 Mar 2021 17:41:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 90ms
17ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pngwing.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 86ms
17ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pngwing.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/ 216 KB
81 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83076
x-xss-protection: 0
server: cafe
etag: 11284991114190924255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Apr 2020 21:11:51 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/ Frame 23B6 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200408/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 09 Apr 2020 06:16:28 GMT
expires: Thu, 23 Apr 2020 06:16:28 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 485723
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68216682-41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5597
date: Tue, 14 Apr 2020 19:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 14 Apr 2020 21:38:34 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F549 0
0 100ms
99ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1586898711&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586898711392&bpp=70&bdt=210&fdt=272&idt=272&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8226036531192&frm=20&pv=2&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=2665100&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=0&uci=a!0&fsb=1&dtd=297

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1586898711&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586898711392&bpp=70&bdt=210&fdt=272&idt=272&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8226036531192&frm=20&pv=2&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=2665100&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=0&uci=a!0&fsb=1&dtd=297
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 21:11:51 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Apr-2020 21:26:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 21:11:51 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e019e4dd3d8be298895ef632bb8e5083de16a01f55a1eb385b1e0efede2f3705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586777055770172"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28426
x-xss-protection: 0
expires: Tue, 14 Apr 2020 21:11:51 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1F8C 0
0 237ms
237ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=90&slotname=3497086563&adk=2530762693&adf=2896993837&w=1200&fwrn=4&lmt=1586898711&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90_0ads_al&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1586898711462&bpp=7&bdt=280&fdt=292&idt=292&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=484&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Fm6LrEczjk&p=https%3A//www.pngwing.com&dtd=299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=90&slotname=3497086563&adk=2530762693&adf=2896993837&w=1200&fwrn=4&lmt=1586898711&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90_0ads_al&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1586898711462&bpp=7&bdt=280&fdt=292&idt=292&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=484&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Fm6LrEczjk&p=https%3A//www.pngwing.com&dtd=299
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 21:11:52 GMT
server: cafe
content-length: 6037
x-xss-protection: 0
set-cookie: IDE=AHWqTUnaBSnrDBYaOnMwssktIVgvYbYA8ktAKabBVrQsZe0QmyO_ZexyAOfM_YgU; expires=Sun, 09-May-2021 21:11:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 21:11:52 GMT
cache-control: private

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
15ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1962914198&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pngwing.com%2F&ul=en-us&de=UTF-8&dt=PNGWing%20-%20Exclusive%20png%20design%20images&sd=24-bit&sr=1600x1200&vp=1594x1200&je=0&_u=IAhAAUAB~&jid=267492942&gjid=362263773&cid=1513412398.1586898712&tid=UA-68216682-41&_gid=1942411981.1586898712&_r=1&gtm=2ou432&z=2076283495

Requested by

Host: www.pngwing.com
URL: https://www.pngwing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 21:11:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7375 0
0 232ms
232ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&w=1200&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711469&bpp=15&bdt=287&fdt=321&idt=322&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=677&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rswxdkLS3p&p=https%3A//www.pngwing.com&dtd=325

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&w=1200&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711469&bpp=15&bdt=287&fdt=321&idt=322&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=197&ady=677&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1168&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rswxdkLS3p&p=https%3A//www.pngwing.com&dtd=325
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 21:11:52 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUkt1kdizJfItVUB2UifKKHHZnFuqLOLtjb5wjf7jB_gbgaXhI7csn6xDaar; expires=Sun, 09-May-2021 21:11:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 21:11:52 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4BDB 0
0 200ms
200ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=30193656&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711484&bpp=12&bdt=302&fdt=367&idt=367&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=61&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hkaKIbM8Pk&p=https%3A//www.pngwing.com&dtd=373

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=30193656&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711484&bpp=12&bdt=302&fdt=367&idt=367&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=61&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hkaKIbM8Pk&p=https%3A//www.pngwing.com&dtd=373
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 21:11:52 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: IDE=AHWqTUnQayfFkNQMYwdXX3LwR1fJ1cXZwiXX0PpctTIY7VFx5pPR2r8g0XnH5tuD; expires=Sun, 09-May-2021 21:11:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 21:11:52 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A32A 0
0 263ms
262ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=555039025&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711496&bpp=58&bdt=314&fdt=408&idt=408&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=809&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DfFwTg2zSq&p=https%3A//www.pngwing.com&dtd=411

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=555039025&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711496&bpp=58&bdt=314&fdt=408&idt=408&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=809&ady=987&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DfFwTg2zSq&p=https%3A//www.pngwing.com&dtd=411
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 21:11:52 GMT
server: cafe
content-length: 25243
x-xss-protection: 0
set-cookie: IDE=AHWqTUnFPRIHieqpcZeP-hHe8dF3KuJ4-Pt10QIllT_rwVGd6V4MtWOMEI6gzrA1; expires=Sun, 09-May-2021 21:11:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 21:11:52 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1BB4 0
0 324ms
323ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=3475572030&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711554&bpp=5&bdt=372&fdt=397&idt=397&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280%2C350x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=2057&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5c1lrxQ32n&p=https%3A//www.pngwing.com&dtd=403

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=469075378&adf=3475572030&w=350&fwrn=4&fwrnh=100&lmt=1586898711&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=https%3A%2F%2Fwww.pngwing.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586898711554&bpp=5&bdt=372&fdt=397&idt=397&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90_0ads_al%2C1200x280%2C350x280%2C350x280&nras=1&correlator=8226036531192&frm=20&pv=1&ga_vid=1513412398.1586898712&ga_sid=1586898712&ga_hid=1962914198&ga_fc=0&iag=0&icsg=36219532&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=2057&biw=1594&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530312%2C26835105&oid=3&pvsid=4175600832611608&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=1168&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5c1lrxQ32n&p=https%3A//www.pngwing.com&dtd=403
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 21:11:52 GMT
server: cafe
content-length: 27402
x-xss-protection: 0
set-cookie: IDE=AHWqTUlO9bTYrczzxHPsLu-_80M8PKofdFsMFpGPLXQYvnDanMAaaqQsfgsPqkdo; expires=Sun, 09-May-2021 21:11:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 21:11:52 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 30ms
16ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200408&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3e40b79da7dbc499bf521ec13621786fc60727f40508d00f0de496539a5330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 21:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 14 Apr 2020 21:11:54 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 398E 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pngwing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.pngwing.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 14 Apr 2020 21:03:29 GMT
expires: Wed, 14 Apr 2021 21:03:29 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 505
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 44ms
43ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200408&jk=4175600832611608&bg=!5-Sl5PxYzpe7W3m4FtcCAAAAcVIAAAAQmQFbZ_2ClvfM_Q0w_8qkEUzHqheInkimxJHvhLRUg36nH_OJGJOpnG9q7yd70qp85ItVLBtHk4CtB-wh3Wc-dC_Uf3PUDsx-sitxIjvzsmmpDW8apDm7OyF-w_7Txr2XRet6AMMXRdLxL1yPdWh3Rh_bL_Euv1KLcIupr_4Vhu9pTlBEgF2gyoX5p30HCYSSwW_-OnwB5ICW-C4kX2eYY9r5679os9NUsjN0eeQpnE218EMpWvmPrqeuKniFtAl99FtLVtTWwtzjtT-HFAg0UNSNj4Y3cIq2NOKL3TSCJVER88sQcXJSXBYhhYZDOnt4a-EcV-TMQoXvtCFznlRZk-HBcWh-ApIWDLXqeVXULqIFz0_tTPb9JFcpaUXC_m-bWAUe96A2NyJTr1p4VSf6BwMazDhSdKR5DlMP0Kklu-Gb-p3XcCHCxInDx6RkY4KXtu-r7togGZ1RZkAl1Pw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pngwing.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 21:11:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 08:48:19	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pngwing.com
pngwing.com.admin-eu.cas.ms
tpc.googlesyndication.com
w7.pngwing.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.pngwing.com
2606:4700:3032::681b:8175
2606:4700::6810:5814
2a00:1450:4001:808::2001
2a00:1450:4001:816::2002
2a00:1450:4001:817::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2002
52.155.161.91
04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0daef4b8a60f2a2e84cde0431285ee80a0176560b983d0730b87c26481cc7836
1a9d619b2e7b16d11e6fdacc86346dbfd821e13497da959f5f3d16ad39e43a8e
1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4b7fd26e7925d33b90b034bfffb9a1e4880f5bad2855c1bd07905a2d55a26bf9
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6e719b4a48c263be8005c13af4d2c54c7ff291d031ed0653b7d9e32840b862f9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e2ddabca4067e746eba189338aea0a9551390586b68660b0bf474aae4274c3
989bd3bd423e24782117d315c177bc22bfa8cee59c0678d9c4766dec7fecae45
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a8290218f730b2483c7cc60d2eac2ea9e90595e9ca355769f742e75268120088
b02fd9ddf4aaca4086f87123194c179b94b0e70760b28c2297d5312b4f4b8a31
b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6
bb0534aa2c05b97356769b9b2819ec65886e9a65dbef25b1b8fe04ab8d20e908
bc499945542acf6bb7cf7d9ee7f1387aed1dfec094ca22667a9a5b77ee91416f
d26ab0a896eb9cb3b3322a85087d0f0e86fc1b111b8d3731a7f8f2c6d1eaa889
d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0
da1c2230fec1b2ce37956bebb2b712eeb7d2ff629499770603ccba792a5b1e37
da5afa9eda9ad0c90987b9da1ef349e88167c81aebb33d373f1713772456b15b
db3e40b79da7dbc499bf521ec13621786fc60727f40508d00f0de496539a5330
e019e4dd3d8be298895ef632bb8e5083de16a01f55a1eb385b1e0efede2f3705
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fddff9bdc0ebaa567ab6c65611730ac7066e21429f11bce1ed2e4b447b0be8
e8efda6409951118f0a371a2475a9bd335b52d741991b2bf41c9c6fdcb594678
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0
f71b667a94af5f1a2c991cd177b298191619ecaef1b8b57e5a78f04ae8539d78
f82c9c13dd621f0dc67a411641fbaea665bfd25f176230b1d48a1bcf1a31a275

www.pngwing.com Open in urlscan Pro 2606:4700:3032::681b:8175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

89 %IPv6

10 Domains

13 Subdomains

9 IPs

3 Countries

410 kBTransfer

941 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pngwing.com Open in urlscan Pro
2606:4700:3032::681b:8175 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

89 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

410 kB
Transfer

941 kB
Size

1
Cookies

38 HTTP transactions
2 data transactions