www.usenix.org.uk Open in urlscan Pro
2001:ba8:1f1:f1cb::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://all.s5h.net/
Effective URL:
http://www.usenix.org.uk/content/rbl.html
Submission: On January 28 via manual (January 28th 2023, 3:55:01 am UTC) from GB — Scanned from GB

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 7 countries across 24 domains to perform 100 HTTP transactions. The main IP is 2001:ba8:1f1:f1cb::2, located in United Kingdom and belongs to JUMP, GB. The main domain is www.usenix.org.uk.

This is the only time www.usenix.org.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.119.82.99 85.119.82.99	8943 (JUMP) (JUMP)
3	2001:ba8:1f1:... 2001:ba8:1f1:f1cb::2	8943 (JUMP) (JUMP)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1 1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
12	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 14	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:211... 2600:9000:211e:2000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.208.224.138 52.208.224.138	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:b1a5:7b6d:79a3:e8f	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.86.137.121 185.86.137.121	201081 (SMARTADSE...) (SMARTADSERVER)
100	17

1 85.119.82.99 (London, United Kingdom) 1 redirects

ASN8943 (JUMP, GB)
PTR: s5h.net

all.s5h.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:ba8:1f1:f1cb::2 (United Kingdom)

ASN8943 (JUMP, GB)

www.usenix.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States) 1 redirects

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.224.138 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-224-138.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:b1a5:7b6d:79a3:e8f (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	440 KB
25	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	150 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	140 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	192 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5333	818 B
3	usenix.org.uk www.usenix.org.uk	6 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 592	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1232	461 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2166	794 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416	2 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31320	1015 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 767	1 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2284	2 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	75 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308	461 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	714 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	444 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	864 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	334 B
1	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2392	666 B
1	s5h.net 1 redirects all.s5h.net	278 B
100	24

	Domain	Requested by
23	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	www.usenix.org.uk pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
3	www.usenix.org.uk	www.usenix.org.uk
2	ap.lijit.com	2 redirects
2	sync.teads.tv	1 redirects
2	match.360yield.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	um.simpli.fi	2 redirects
2	www.paypalobjects.com	www.usenix.org.uk
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.paypal.com	1 redirects
1	all.s5h.net	1 redirects
100	29

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 17 frames:

Primary Page: http://www.usenix.org.uk/content/rbl.html
Frame ID: 3337351DAB3D4542C13DA653606DA95E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
Frame ID: FFA4BD4880A8AB1D1AFA189A4A779151
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&adk=1812271804&adf=3025194257&lmt=1552829327&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&ea=0&pra=5&wgl=1&dt=1674878096614&bpp=5&bdt=296&idt=162&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=62115029505&frm=20&pv=2&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=188
Frame ID: 08060038C22653C931FA7DB61B1308C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=2&bdt=1162&idt=-M&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0&nras=2&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RvqozL2qJF&p=http%3A//www.usenix.org.uk&dtd=6
Frame ID: FF4FAFB0EA36242EF2896067C5A678DF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11
Frame ID: B3A71C3C82C8C8A2015ECD01CCA3D538
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Frame ID: C0D836B1B544E737101C384CB235953F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Frame ID: 707A3691DA8E0749E8A7D0E14C7FDF8F
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5AAE49A7B0F8DA039A07B4EB9010B5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DEBC554DF5B34FD4E2FB3D0E36C82F6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E205D9D47692C0F604FFB5723BF1AE79
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 3B0E3B37DEDDD9F68841BFB2079EFB0F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js
Frame ID: 17E7E7A6ECFB0D28FB1C872AA420D085
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js
Frame ID: 472B4D8D4CD61265237E312F5C116F9A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 604604CC79C09548C8B3D7B22741D87C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 226DA9B2B9E5BC9CD5EFAA5A9A4EA84C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js
Frame ID: 9FE2F2BA04FABF4E52AE7F560F8CC3D3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js
Frame ID: F5AC8CA190AD1CB94DA6003143E81F87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RBL page

Page URL History Show full URLs

http://all.s5h.net/ HTTP 301
http://www.usenix.org.uk/content/rbl.html Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

100
Requests

83 %
HTTPS

52 %
IPv6

24
Domains

29
Subdomains

17
IPs

7
Countries

939 kB
Transfer

2506 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://all.s5h.net/ HTTP 301
http://www.usenix.org.uk/content/rbl.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.paypal.com/en_GB/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_GB/i/scr/pixel.gif

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKLWhAOq38UbD21mTCp41rk&google_cver=1&google_push=Aa02lx8jjK6KHWRt2uIUDuBzdMMAmPk70_dw49OkREYmjYvLkXDGRpn6CUwWXGNhNYFsjJiPU6fHm82foKGkej4pj9CoIxLxrUi-FT4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8jjK6KHWRt2uIUDuBzdMMAmPk70_dw49OkREYmjYvLkXDGRpn6CUwWXGNhNYFsjJiPU6fHm82foKGkej4pj9CoIxLxrUi-FT4

Request Chain 83

https://um.simpli.fi/gp_match?google_gid=CAESECnqaHA8o080qUaIWvQrffM&google_cver=1&google_push=Aa02lx-azr9a3j8gHDU5If5fDsZ3dLImujmxKNIP-La6F4EnQ_6mAifJB6jOvriiSVwZBE1fozyqnmXwH3U_5gxJIDsbaYfWhgLGTgI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EBC3DDEBF094DC5BA66934DB55DCAC4&google_push=Aa02lx-azr9a3j8gHDU5If5fDsZ3dLImujmxKNIP-La6F4EnQ_6mAifJB6jOvriiSVwZBE1fozyqnmXwH3U_5gxJIDsbaYfWhgLGTgI

Request Chain 84

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPCs8gzUliorRNvYNpS7rTI&google_cver=1&google_push=Aa02lx9X8B92DFGb47qMWnLhADa1AsXycbBY53f3qYI67lzp34ClesIn70sNKiYcDYlP0BHIP0skqQxEgKtUeTfpXVfIdq0q78uWZg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9X8B92DFGb47qMWnLhADa1AsXycbBY53f3qYI67lzp34ClesIn70sNKiYcDYlP0BHIP0skqQxEgKtUeTfpXVfIdq0q78uWZg&google_hm=ZQoilMc8Ty-valYr3k0UYW0

Request Chain 85

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_cver=1&google_push=Aa02lx8gfkSMIVbXHGXR2TNC3SxkndYdS-6ZKcvyytmehJLlaleeYVsq-d16dYp25kaKCnszzloxjIzuDGL9c1ZL6F1MLG-HbR5gie8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_push=Aa02lx8gfkSMIVbXHGXR2TNC3SxkndYdS-6ZKcvyytmehJLlaleeYVsq-d16dYp25kaKCnszzloxjIzuDGL9c1ZL6F1MLG-HbR5gie8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_hm=Y9SckjU0U73YaSi2GIGKLwAAB_8AAAIB&google_nid=index&google_push=Aa02lx8gfkSMIVbXHGXR2TNC3SxkndYdS-6ZKcvyytmehJLlaleeYVsq-d16dYp25kaKCnszzloxjIzuDGL9c1ZL6F1MLG-HbR5gie8

Request Chain 86

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHcASopEckfIc1LEvvqSTp4&google_cver=1&google_push=Aa02lx_4c2vYrcEGKllGEwrU-hZsCdI-aWcJdVq9Z1HW0bQmWyhF3_fpoeFPLHZ9kXj8CSxZ2NI5KlJHz4FmZbHhGdA5tsmX3xd2GDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_4c2vYrcEGKllGEwrU-hZsCdI-aWcJdVq9Z1HW0bQmWyhF3_fpoeFPLHZ9kXj8CSxZ2NI5KlJHz4FmZbHhGdA5tsmX3xd2GDg

Request Chain 87

https://match.360yield.com/match/ebda?google_gid=CAESEDAMOcdCHfIQhOeKzR3u5To&google_cver=1&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2mytlBh14bRfisFknBE HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDAMOcdCHfIQhOeKzR3u5To&google_cver=1&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2mytlBh14bRfisFknBE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ONgGJaBIRdSNMK7GXDqywA&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2mytlBh14bRfisFknBE

Request Chain 88

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEE2x3pfWZcHh3ST5UTAygDs&google_cver=1&google_push=Aa02lx9J3jv4MRHQMGxZHbEV_9McjI5CDWQU5EMxWvgkygEeam8xMzwdjAYXDO16jAfZ2povB8goPpPWaXWhEZdvb7i3FC92lr14SdFd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9J3jv4MRHQMGxZHbEV_9McjI5CDWQU5EMxWvgkygEeam8xMzwdjAYXDO16jAfZ2povB8goPpPWaXWhEZdvb7i3FC92lr14SdFd HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 91

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO1JOmPMmJGe4uMs63rEmg0&google_cver=1&google_push=Aa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1JOmPMmJGe4uMs63rEmg0&google_cver=1&google_push=Aa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 92

https://um.simpli.fi/gp_match?google_gid=CAESEDc0qkdBPfRUj_PYT38Im7k&google_cver=1&google_push=Aa02lx-y_i2K3cUq5XIMd9-mZZDx4pPhiQa3pe5kJY9XGqyTKEIr8sXk-TFWPq1Z1GeKWJ6ZlWoawzBSfkny2UG6Jk01DJUTfOlU5zFD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D968862D6DA14CBC88693710A03ADEDE&google_push=Aa02lx-y_i2K3cUq5XIMd9-mZZDx4pPhiQa3pe5kJY9XGqyTKEIr8sXk-TFWPq1Z1GeKWJ6ZlWoawzBSfkny2UG6Jk01DJUTfOlU5zFD

Request Chain 93

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDuLSxlt8SvX1JsVPETGvJ0&google_cver=1&google_push=Aa02lx-PAjuJgz6GXEq_u8FXl_baG0kTD_VD_KVYR5pYEFqDmWHOAUYvYfDAEBNhA9NQ3uigjvG35KQypoCHM7ZKfb0RYKrVieSLit7I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-PAjuJgz6GXEq_u8FXl_baG0kTD_VD_KVYR5pYEFqDmWHOAUYvYfDAEBNhA9NQ3uigjvG35KQypoCHM7ZKfb0RYKrVieSLit7I&google_hm=xxoDQHatQWa4tLMqYeiPQG0

Request Chain 94

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFz_hf3Pb8vVlmjY5gUDPd8&google_cver=1&google_push=Aa02lx90nMqrhsj2y3eelCBZTifSaw2E43Qt6nI32q24vvhx534_P2XcckvpE2ldfJLo-ivGamxm56_hHJbl97tYAk3mbBr7689rTDwy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx90nMqrhsj2y3eelCBZTifSaw2E43Qt6nI32q24vvhx534_P2XcckvpE2ldfJLo-ivGamxm56_hHJbl97tYAk3mbBr7689rTDwy&google_hm=eS1PRFI1MEl0RTJwR01PRXpoSWEzRXRCMkkyRjZ2U0ExNH5B

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEISeAHC7DPLDPp5l_XAuEDg&google_cver=1&google_push=Aa02lx8BPvWT3eumUAnGGXMP8cy_H9RurPzxK6iSA9NPKT4AmPDYBAr33SY2QHoDajGQbbs6wNQYRJiKQKvbqK7Bep75s5S7BDAuAgvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERGRjZCU1ktOC01UUtS&google_push=Aa02lx8BPvWT3eumUAnGGXMP8cy_H9RurPzxK6iSA9NPKT4AmPDYBAr33SY2QHoDajGQbbs6wNQYRJiKQKvbqK7Bep75s5S7BDAuAgvI

Request Chain 96

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDtC89nadnBBRoRCOY75lrQ&google_cver=1&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dpljdfCIA7eBQ9uruI HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDtC89nadnBBRoRCOY75lrQ&google_cver=1&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dpljdfCIA7eBQ9uruI&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dpljdfCIA7eBQ9uruI&google_hm=GD1KuGZHYjaidvuXQYWwPJIZ

100 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request rbl.html Show response
www.usenix.org.uk/content/
Redirect Chain

http://all.s5h.net/
http://www.usenix.org.uk/content/rbl.html

10 KB
5 KB

141ms
41ms

Document
text/html

2001:ba8:1f1:f1cb::2
JUMP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.usenix.org.uk/content/rbl.html
Protocol: HTTP/1.1
Server: 2001:ba8:1f1:f1cb::2 , United Kingdom, ASN8943 (JUMP, GB),
Reverse DNS
Software: Apache/2.4.54 (Debian) /
Resource Hash: 49abb010ce00c1361acb8377fe6b6d2d78b13d11b11121a5d3c86b2e2cdd5b2d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
CIDR_CC: GB
CIDR_FROM: 2a02:8c8::
CIDR_REGISTRY: ripencc
CIDR_SIZE: 32
CIDR_TYPE: ipv6
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4314
Content-Type: text/html
Date: Sat, 28 Jan 2023 03:54:56 GMT
ETag: "28cc-5844a406ec1c0-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 17 Mar 2019 13:28:47 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 326
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 28 Jan 2023 03:54:56 GMT
Keep-Alive: timeout=5, max=100
Location: http://www.usenix.org.uk/content/rbl.html
Server: Apache/2.4.54 (Debian)

GET
H/1.1 200
OK style.v2.css
www.usenix.org.uk/content/ 1 KB
1 KB 36ms
35ms Stylesheet
text/css 2001:ba8:1f1:f1cb::2
JUMP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.usenix.org.uk/content/style.v2.css
Requested by: Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html
Protocol: HTTP/1.1
Server: 2001:ba8:1f1:f1cb::2 , United Kingdom, ASN8943 (JUMP, GB),
Reverse DNS
Software: Apache/2.4.54 (Debian) /
Resource Hash: 29d4cc6f43cacfb46e1e858f5ca264860461681a070c450b26c9e4baf4a608e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/content/rbl.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

CIDR_SIZE: 32
Date: Sat, 28 Jan 2023 03:54:56 GMT
Content-Encoding: gzip
CIDR_CC: GB
CIDR_TYPE: ipv6
Connection: Keep-Alive
Content-Length: 616
CIDR_REGISTRY: ripencc
Last-Modified: Mon, 24 Dec 2018 17:41:57 GMT
Server: Apache/2.4.54 (Debian)
CIDR_FROM: 2a02:8c8::
ETag: "5d1-57dc81d0b821b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 28 Jan 2023 03:54:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
49 KB 186ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c7b44332fe2b0aaeaac77ee2752a4c7862ef7bc2ae9c765defed0397405bcb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50138
x-xss-protection: 0
server: cafe
etag: 13813608884437560818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Jan 2023 03:54:56 GMT

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/en_GB/i/btn/ 1 KB
2 KB 90ms
27ms Image
image/gif 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_GB/i/btn/btn_donate_SM.gif

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3df4cb291a94e29327e631b40d71056268370db44d9e634fa9cc60b2b1fad3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:56 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=1491 idim=74x21 ifmt=gif ofsz=1490 odim=74x21 ofmt=gif
paypal-debug-id: d901d3ff873b9
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 1490
x-served-by: cache-sjc10020-SJC, cache-lcy-eglc8600044-LCY
traceparent: 00-0000000000000000000d901d3ff873b9-8ad066a5b415888a-01
x-timer: S1674878096.446990,VS0,VE0
etag: "1XkoZbkWURnYfz3DnPmwskDxn5oqJQMCfkas9Y7jblc"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 20902, 3

GET
H2

200

pixel.gif
www.paypalobjects.com/en_GB/i/scr/
Redirect Chain

https://www.paypal.com/en_GB/i/scr/pixel.gif
https://www.paypalobjects.com/en_GB/i/scr/pixel.gif

42 B
282 B

27ms
27ms

Image
image/gif

151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_GB/i/scr/pixel.gif

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:56 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 6422288d45e41
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10082-SJC, cache-lcy-eglc8600044-LCY
traceparent: 00-00000000000000000006422288d45e41-838a8961185fdc70-01
x-timer: S1674878097.650076,VS0,VE0
etag: "EMKH4Lmcv0jpPecX1lsuI9JDUC4i6ZE+vkcq+Tq/75s"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 10817, 4954

Redirect headers

date: Sat, 28 Jan 2023 03:54:56 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35C3)
traceparent: 00-000000000000000000006470886916b9-9dc7fd7185163b3c-01
vary: Accept-Encoding
location: https://www.paypalobjects.com/en_GB/i/scr/pixel.gif
paypal-debug-id: 06470886916b9
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: *
content-length: 20

GET
H/1.1 200
OK 1x1.gif
www.usenix.org.uk/content/pictures/ 35 B
475 B 38ms
38ms Image
image/gif 2001:ba8:1f1:f1cb::2
JUMP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.usenix.org.uk/content/pictures/1x1.gif
Requested by: Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html
Protocol: HTTP/1.1
Server: 2001:ba8:1f1:f1cb::2 , United Kingdom, ASN8943 (JUMP, GB),
Reverse DNS
Software: Apache/2.4.54 (Debian) /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/content/rbl.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

CIDR_SIZE: 32
Date: Sat, 28 Jan 2023 03:54:56 GMT
CIDR_CC: GB
CIDR_TYPE: ipv6
Connection: Keep-Alive
Content-Length: 35
CIDR_REGISTRY: ripencc
Last-Modified: Sun, 01 Jun 2014 16:31:51 GMT
Server: Apache/2.4.54 (Debian)
CIDR_FROM: 2a02:8c8::
ETag: "23-4fac8d0d70bc0"
Content-Type: image/gif
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sat, 28 Jan 2023 03:54:56 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 361 KB
119 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1713338079903901&plah=www.usenix.org.uk&bust=31071855

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f166e2f90b11c5b6435ab03f92729da5f68b5b443dbdd143aa04d6b9be1e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121174
x-xss-protection: 0
server: cafe
etag: 13176451840049455906
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 28 Jan 2023 03:54:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/ Frame FFA4 10 KB
5 KB 145ms
38ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 24195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 21:11:41 GMT
etag: 10353107486223812946
expires: Fri, 10 Feb 2023 21:11:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
334 B 74ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.usenix.org.uk&callback=_gfp_s_&client=ca-pub-1713338079903901

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1713338079903901&plah=www.usenix.org.uk&bust=31071855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

767f5491751a224804c42011eb4364b48e8668a1c0995ef61792748fda83c9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
531 B 166ms
47ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 156ms
49ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0806 259 KB
67 KB 577ms
577ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&adk=1812271804&adf=3025194257&lmt=1552829327&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&ea=0&pra=5&wgl=1&dt=1674878096614&bpp=5&bdt=296&idt=162&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=62115029505&frm=20&pv=2&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=188

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eb969e9f68cc3d0898a8608942ed0a0dd3e6da1d322258847e45bfe6cef07bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 68326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:54:57 GMT
expires: Sat, 28 Jan 2023 03:54:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 131ms
52ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a32cc95299ce641ad0e2e62c49d2fb912641adaa199fa9347b0c7f762d6a2350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11332
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 150 KB
51 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/reactive_library_fy2021.js?bust=31071855

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c5351e6e132f0143c340d7239b87c643fad83d159c48c5c6a0fb816bb55de92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52194
x-xss-protection: 0
server: cafe
etag: 15276389713758454929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
165 B 48ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF4F 88 KB
32 KB 441ms
440ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=2&bdt=1162&idt=-M&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0&nras=2&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RvqozL2qJF&p=http%3A//www.usenix.org.uk&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104ac3fb437e80e0dda20769f7d6af7ccd4f74a6da00cba8d5fc51286fedb734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33000
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:54:57 GMT
expires: Sat, 28 Jan 2023 03:54:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3A7 100 KB
35 KB 498ms
498ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d2b176ca152fac747f55255c4619608a106059479150347cc83c6114100ec13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35393
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:54:57 GMT
expires: Sat, 28 Jan 2023 03:54:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/ Frame C0D8 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 34615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:18:02 GMT
etag: 10353107486223812946
expires: Fri, 10 Feb 2023 18:18:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/ Frame 707A 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 34615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:18:02 GMT
etag: 10353107486223812946
expires: Fri, 10 Feb 2023 18:18:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 191ms
82ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C0D8 4 KB
1 KB 227ms
74ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 01:55:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0D8 205 B
519 B 253ms
103ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 01:05:05 GMT
x-content-type-options: nosniff
age: 10192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jan 2024 01:05:05 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0D8 604 B
695 B 254ms
103ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:50:48 GMT
x-content-type-options: nosniff
age: 18249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 27 Jan 2024 22:50:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame C0D8 19 KB
8 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f9788d7e66abe87bcc3b3da018a88a09a3092be671c3f7b87ca1ee8eee2b1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:35:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8242
x-xss-protection: 0
server: cafe
etag: 13932103368176740555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 20:35:04 GMT

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 707A 9 KB
5 KB 190ms
51ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:54:16 GMT

GET
H2 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame 707A 10 KB
4 KB 191ms
53ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:54:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 707A 8 KB
968 B 232ms
96ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 01:57:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 707A 2 KB
846 B 144ms
79ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 22:03:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 707A 22 KB
9 KB 110ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 707A 3 KB
1 KB 145ms
81ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 707A 18 KB
7 KB 116ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 20:35:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 707A 156 KB
48 KB 182ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 707A 33 KB
14 KB 193ms
58ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:54:36 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D5AA 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:16:47 GMT
expires: Sun, 28 Jan 2024 03:16:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0DEB 783 B
1 KB 151ms
50ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c34961c759b0d60feb55e1a266bf1c23af80f5d08101a021769abb8a488c57f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B4lzelE28Wk5WWFLscFdGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-B4lzelE28Wk5WWFLscFdGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:54:57 GMT
expires: Sat, 28 Jan 2023 03:54:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 707A 0
0 103ms
102ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoNi2kJzUY9DEM_GX9u8PqNewqA2t9tesbsu4mrWgDv3j5sC7JRABIMrNqX9guwagAY3s5NkCyAEBqQJFjoCZQjWpPqgDAcgDywSqBOIBT9DX0J4gPhYwRoU5upwu5ECExVrHXyb0VzpNhhNV6_8KzlApDMsbshSPNLhYgwc3aeF4z6P_i2BMkTTxz90LhSz3SAjswIiWVifeaqpgzAVEGok-AcJlKic4nYgozip2YCnY2RIk1a_8NcXV4n8Wb1kRmOMpJD0-GMhR7elbM2drTwpADNOOpKqVI-LZ5d7bj2aQhKjMV7yw3p9yP59Eu6v9QFUS1ChrlRLKgHR6mU1Kg2j1vc6ighJrY0wljFc25TDOTTifhJr98vybhYIbXP8LjGTNJXavcU7hRW1024FJp8AE4MKdzOYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_cMH0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFArQFQGAFwGyFxwKGggAEhRwdWItMTcxMzMzODA3OTkwMzkwMRgA&sigh=l2YFge9bFq0&uach_m=[UACH]&cid=CAQSGwDUE5ymlCOWc_aDiHgY6_PF6UfjaC3LtGJbHRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 28 Jan 2023 03:54:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E205 143 B
166 B 39ms
38ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:02:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 707A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6404a05323e54827e6fa207255a27af4a216b6597f929763975ed7e52a47d07

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 3B0E 6 KB
745 B 76ms
75ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 02:04:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 3B0E 2 KB
765 B 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 22:03:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 3B0E 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 3B0E 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 3B0E 18 KB
7 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 20:35:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B0E 156 KB
48 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 3B0E 33 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:54:36 GMT

GET
H3 200 o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js Show response
pagead2.googlesyndication.com/bg/ Frame D5AA 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c9e267a772b2697c160127234b76a1f2e3ff13f1edd3ada08f7c0e059fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14089
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 14:35:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FF4F 6 KB
745 B 75ms
74ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=2&bdt=1162&idt=-M&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0&nras=2&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RvqozL2qJF&p=http%3A//www.usenix.org.uk&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Jan 2023 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 02:02:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame FF4F 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 22:03:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FF4F 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNTDDkZzUY4z2H_uA9u8P-MC4iA2t9tesbsu4mrWgDv3j5sC7JRABIMrNqX9guwagAY3s5NkCyAEJqQJFjoCZQjWpPqgDAcgDywSqBOgBT9CQczg3k-BsKKr9opkgTuC0eypxT0bk5pqWdccfJBZSCHe6B3_HWBlF1obD8Neu5cyZx5yNg99-Qe_-QeIuYQnSbgzHCP4LJov0jpLydRyHpu9iQwuDksKxmJ1Zv8n6UGaCwpFajVFIPbFtWoWoEMy5KjDVO8gANSj97M8L0BLlR1xUhOg3ULgIQphUhzfzdEXjIxgJHl95SmLj75vJ92Q2cZdKk-ai_Mf--iLLTV3teDZvrTwyDrpZu44D16h6GJILOHVDmeI6yX11oo_rarHx0GNFjCwlLGa53-rmOVo5BZmPtDJrM8AE4MKdzOYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQlPwB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQK0BUBgBcBshccChoIABIUcHViLTE3MTMzMzgwNzk5MDM5MDEYAA&sigh=mGmzLcJgMPg&uach_m=[UACH]&cid=CAQSPADUE5ymSLYpvL98DEZemcrUBVOS6jCb9rQFo_iletpM3Pv-QDeK7QbGwoN3yFqFCE-htdjGE4PlfNaLLhgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=2&bdt=1162&idt=-M&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0&nras=2&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RvqozL2qJF&p=http%3A//www.usenix.org.uk&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 28 Jan 2023 03:54:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6755164337674422732/ Frame FF4F 7 KB
7 KB 40ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6755164337674422732/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753b97fadc48db387ccb8dd73bf9e88f5da457699a3b8cac862cd677c8e4bb86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 08:04:04 GMT
x-content-type-options: nosniff
age: 71454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6826
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 02:40:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jan 2024 08:04:04 GMT

GET
H3 200 15133298075068839658
tpc.googlesyndication.com/simgad/ Frame FF4F 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15133298075068839658?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e3d4a2cc549ba5e51867d426f3e98a0112231497f355dd1ec6815ba67f14dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:57:14 GMT
x-content-type-options: nosniff
age: 43064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 17:06:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jan 2024 15:57:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame FF4F 22 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame FF4F 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame FF4F 18 KB
7 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 20:35:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FF4F 0
0 49ms
47ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtS6HYffmydKa02p1_ScX0FJrNza5YwH1p_M_phSKoVyf--A9Z4KOC8S45VpMHtp3cpDiu-b8EtKRFJ0cgif164ZKv9g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=2&bdt=1162&idt=-M&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0&nras=2&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RvqozL2qJF&p=http%3A//www.usenix.org.uk&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF4F 156 KB
48 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 03:54:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame FF4F 33 KB
14 KB 55ms
53ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:54:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E205
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
47ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:54:58 GMT
expires: Sat, 28 Jan 2023 03:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 03:54:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js Show response
pagead2.googlesyndication.com/bg/ Frame 17E7 36 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c9e267a772b2697c160127234b76a1f2e3ff13f1edd3ada08f7c0e059fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14089
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 14:35:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B3A7 8 KB
895 B 76ms
76ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Jan 2023 03:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 01:55:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Jan 2023 03:54:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame B3A7 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 22:03:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame B3A7 22 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame B3A7 3 KB
1 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 03:16:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame B3A7 18 KB
7 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 20:35:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B3A7 0
0 50ms
44ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_Y_GNslM_qCCw9XVUeb39vMC26i9_zfSQS4M2f3B5QxN72jvd8A3-ypSYiFw4MC6Bv-F4G4l_G6KIS0tklMzH-5Z4Tw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3A7 156 KB
48 KB 68ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 03:54:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame B3A7 33 KB
14 KB 56ms
52ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 07:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:54:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B3A7 0
0 88ms
85ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C296BkZzUY8nbIK6G9u8P7fuSoA6t9tesbreFof_xDv3j5sC7JRABIMrNqX9guwagAY3s5NkCyAEJqQJFjoCZQjWpPqgDAcgDywSqBOIBT9CBrScSLmxpfCBDHzXvvhEUIFy0L3J7bf_nbzGfZYbnFNRbghaSxIpcFQ_6_wWuW4lH2H3IELuVovtEG4yn_Q6eprGZ9fBtyDQaasrw1VxvVl3Wy3kXZs3QV0fEi8ucKjOOSsrjz7SXzkSVD5NnR1K4Ti7aiAT1ut9RlNabLMPauIak2-udcFP73tVBj5jLbbMDV8tg7ggWqJ_JtAxFkL61MLRsPSfDMZVV0LLlP-iI1-00VWl_7VGDqmu4ZoDOq-gckEUER9YLQH0npEiECy8jqPOuWZnPvGmwL_E4txvb-8AE4MKdzOYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQy0DSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUCNAVAYAXAbIXHAoaCAASFHB1Yi0xNzEzMzM4MDc5OTAzOTAxGAA&sigh=VxmSYCOg2Us&uach_m=[UACH]&cid=CAQSPADUE5ymDptpF3E7XXnpqkAY1AazdZsn6xqGiLAfK35yhTXuCzLUH5NTsNqEZYK5e8Y-8r_O2fwZNK57ExgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 28 Jan 2023 03:54:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6951785204276097563/ Frame B3A7 39 KB
39 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6951785204276097563/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f6eab7e7cbc1753e32f2567ff67d2742689f379e68b285d88cbd304f7b3492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 01:58:36 GMT
x-content-type-options: nosniff
age: 93382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39828
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 03:59:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jan 2024 01:58:36 GMT

GET
DATA 200
OK truncated
/ Frame B3A7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B3A7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0DEB 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=383717315006124&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js Show response
pagead2.googlesyndication.com/bg/ Frame 472B 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c9e267a772b2697c160127234b76a1f2e3ff13f1edd3ada08f7c0e059fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14089
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 14:35:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6046 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 72639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 07:44:19 GMT
etag: 48472445140208031
expires: Sat, 28 Jan 2023 07:44:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FF4F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f99792ff0f45e2671ca7144ef12f689c6804a0516f884463606d7dd34ba880c6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 226D 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 72639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 07:44:19 GMT
etag: 48472445140208031
expires: Sat, 28 Jan 2023 07:44:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF4F 15 KB
16 KB 138ms
38ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 26054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF4F 15 KB
16 KB 179ms
81ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 385806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF4F 15 KB
15 KB 145ms
48ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 01:48:43 GMT
x-content-type-options: nosniff
age: 93975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 01:48:43 GMT

GET
DATA 200
OK truncated
/ Frame B3A7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2398ada8bae981d1808b36bc39871255040206ab509f1f181d4739e6cae5c4e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6046
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKLWhAOq38UbD21mTCp41rk&google_cver=1&google_push=Aa02lx8jjK6KHWRt2uIUDuBzdMMAmPk70_dw49OkREYmjYvLkXDGRpn6CUwWXGNhNYFsjJiPU6fHm82foKGkej4p...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8jjK6KHWRt2uIUDuBzdMMAmPk70_dw49OkREYmjYvLkXDGRpn6CUwWXGNhNYFsjJiPU6fHm82foKGkej4pj9CoIxLxrUi-FT4

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8jjK6KHWRt2uIUDuBzdMMAmPk70_dw49OkREYmjYvLkXDGRpn6CUwWXGNhNYFsjJiPU6fHm82foKGkej4pj9CoIxLxrUi-FT4

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 28 Jan 2023 03:54:58 GMT
Server: MT3 404 ce67235 master cdg-pixel-x32 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8jjK6KHWRt2uIUDuBzdMMAmPk70_dw49OkREYmjYvLkXDGRpn6CUwWXGNhNYFsjJiPU6fHm82foKGkej4pj9CoIxLxrUi-FT4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 28 Jan 2023 03:54:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6046
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECnqaHA8o080qUaIWvQrffM&google_cver=1&google_push=Aa02lx-azr9a3j8gHDU5If5fDsZ3dLImujmxKNIP-La6F4EnQ_6mAifJB6jOvriiSVwZBE1fozyqnmXwH3U_5gxJIDsbaYfWhgLGTgI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EBC3DDEBF094DC5BA66934DB55DCAC4&google_push=Aa02lx-azr9a3j8gHDU5If5fDsZ3dLImujmxKNIP-La6F4EnQ_6mAifJB6jOvriiSVwZBE1fozyqnmXwH3U_5gx...

170 B
232 B

49ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EBC3DDEBF094DC5BA66934DB55DCAC4&google_push=Aa02lx-azr9a3j8gHDU5If5fDsZ3dLImujmxKNIP-La6F4EnQ_6mAifJB6jOvriiSVwZBE1fozyqnmXwH3U_5gxJIDsbaYfWhgLGTgI

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Jan 2023 03:54:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EBC3DDEBF094DC5BA66934DB55DCAC4&google_push=Aa02lx-azr9a3j8gHDU5If5fDsZ3dLImujmxKNIP-La6F4EnQ_6mAifJB6jOvriiSVwZBE1fozyqnmXwH3U_5gxJIDsbaYfWhgLGTgI
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 27 Jan 2023 03:54:58 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6046
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPCs8gzUliorRNvYNpS7rTI&google_cver=1&google_push=Aa02lx9X8B92DFGb47qMWnLhADa1AsXycbBY53f3qYI67lzp34ClesIn70sNKiYcDYlP0BHIP0skqQxEgKt...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9X8B92DFGb47qMWnLhADa1AsXycbBY53f3qYI67lzp34ClesIn70sNKiYcDYlP0BHIP0skqQxEgKtUeTfpXVfIdq0q78uWZg&google_hm=ZQoilMc8Ty-valYr3k...

170 B
329 B

59ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9X8B92DFGb47qMWnLhADa1AsXycbBY53f3qYI67lzp34ClesIn70sNKiYcDYlP0BHIP0skqQxEgKtUeTfpXVfIdq0q78uWZg&google_hm=ZQoilMc8Ty-valYr3k0UYW0

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:57 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9X8B92DFGb47qMWnLhADa1AsXycbBY53f3qYI67lzp34ClesIn70sNKiYcDYlP0BHIP0skqQxEgKtUeTfpXVfIdq0q78uWZg&google_hm=ZQoilMc8Ty-valYr3k0UYW0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6046
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_hm=Y9SckjU0U73YaSi2GIGKLwAAB_8AAAIB&google_nid=index&google_push=Aa02lx8gfkSMIVbXHGXR2TNC3SxkndYdS-6ZK...

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_hm=Y9SckjU0U73YaSi2GIGKLwAAB_8AAAIB&google_nid=index&google_push=Aa02lx8gfkSMIVbXHGXR2TNC3SxkndYdS-6ZKcvyytmehJLlaleeYVsq-d16dYp25kaKCnszzloxjIzuDGL9c1ZL6F1MLG-HbR5gie8

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76UirtEZBRNzVxP0BLAA4DUcIv5cdHzBCR2Ztwu08VCgMMzsP1GyPExGXsf%2F%2BjnvC9sgxH4Fcb0o96ULqiNp%2FXxducQw5OSmyMUT8u5PDrwbZLMGwSQE%2BlnKf70dSS9Jbb0hYaC71Jx5hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAdbPF5UEbCZ829TgfHLTUM&google_hm=Y9SckjU0U73YaSi2GIGKLwAAB_8AAAIB&google_nid=index&google_push=Aa02lx8gfkSMIVbXHGXR2TNC3SxkndYdS-6ZKcvyytmehJLlaleeYVsq-d16dYp25kaKCnszzloxjIzuDGL9c1ZL6F1MLG-HbR5gie8
cache-control: no-cache
cf-ray: 7906ca36781c3853-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6046
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHcASopEckfIc1LEvvqSTp4&google_cver=1&google_push=Aa02lx_4c2vYrcEGKllGEwrU-hZsCdI-aWcJdVq9Z1HW0bQmWyhF3_fpoeFPLHZ9kXj8CSxZ2NI5KlJHz4FmZbHh...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_4c2vYrcEGKllGEwrU-hZsCdI-aWcJdVq9Z1HW0bQmWyhF3_fpoeFPLHZ9kXj8CSxZ2NI5KlJHz4FmZbHhGdA5tsmX3xd2GDg

170 B
232 B

48ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_4c2vYrcEGKllGEwrU-hZsCdI-aWcJdVq9Z1HW0bQmWyhF3_fpoeFPLHZ9kXj8CSxZ2NI5KlJHz4FmZbHhGdA5tsmX3xd2GDg

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Jan 2023 03:54:58 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_4c2vYrcEGKllGEwrU-hZsCdI-aWcJdVq9Z1HW0bQmWyhF3_fpoeFPLHZ9kXj8CSxZ2NI5KlJHz4FmZbHhGdA5tsmX3xd2GDg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: cCXEldjjOOLMklFyidmJt-sUzCu9FWQ2hhWA-fuPo4NzCh--re93uQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6046
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEDAMOcdCHfIQhOeKzR3u5To&google_cver=1&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2mytlBh14b...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDAMOcdCHfIQhOeKzR3u5To&google_cver=1&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2myt...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ONgGJaBIRdSNMK7GXDqywA&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2my...

170 B
232 B

50ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ONgGJaBIRdSNMK7GXDqywA&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2mytlBh14bRfisFknBE

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ONgGJaBIRdSNMK7GXDqywA&google_push=Aa02lx-3x3PBBHwTQaAy5g_Zc_oPNXe6WmGqNUo3wNznPMzV8MRpmv3wVrIxLhdS_DgP_vzcYT0Ak-x1qLdg2mytlBh14bRfisFknBE
access-control-allow-origin: *
date: Sat, 28 Jan 2023 03:54:58 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame 6046
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEE2x3pfWZcHh3ST5UTAygDs&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9J3jv4MRHQMGxZHbEV_9McjI5CDWQU5EMxWvgkygEeam8xMzwdjAYXDO16jAfZ2povB8goPpPWaXWhEZdvb7i3FC92lr14SdFd
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

61ms
61ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 28 Jan 2023 03:54:58 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6046 0
40 B 159ms
47ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jmu_E5yAOzne8Oze2EtBfH5R02HIiqLy1PcxysdegQZ_DZQGFBcbZJugQ7jUa8Xzp8kXjcfw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B3A7 28 KB
28 KB 76ms
75ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 21:35:41 GMT
x-content-type-options: nosniff
age: 109157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:35:41 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 226D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO1JOmPMmJGe4uMs63rEmg0&google_cver=1&google_push=Aa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1JOmPMmJGe4uMs63rEmg0&google_cver=1&google_push=Aa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrq...

43 B
416 B

185ms
176ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1JOmPMmJGe4uMs63rEmg0&google_cver=1&google_push=Aa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7906ca342a3cdceb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 188
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO1JOmPMmJGe4uMs63rEmg0&google_cver=1&google_push=Aa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_u2C__WwaEwRgsnLFPJ0XJjPsTJzEbW8CYp7GiHSjaKrCchxD4GNYL7P07JJd_GG0dMOOKRbBDu6ttgQPJYOaxry3QXrqJ5us%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7906ca32f94cdceb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 226D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDc0qkdBPfRUj_PYT38Im7k&google_cver=1&google_push=Aa02lx-y_i2K3cUq5XIMd9-mZZDx4pPhiQa3pe5kJY9XGqyTKEIr8sXk-TFWPq1Z1GeKWJ6ZlWoawzBSfkny2UG6Jk01DJUTfOlU5zFD
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D968862D6DA14CBC88693710A03ADEDE&google_push=Aa02lx-y_i2K3cUq5XIMd9-mZZDx4pPhiQa3pe5kJY9XGqyTKEIr8sXk-TFWPq1Z1GeKWJ6ZlWoawzBSfkny2UG...

170 B
232 B

50ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D968862D6DA14CBC88693710A03ADEDE&google_push=Aa02lx-y_i2K3cUq5XIMd9-mZZDx4pPhiQa3pe5kJY9XGqyTKEIr8sXk-TFWPq1Z1GeKWJ6ZlWoawzBSfkny2UG6Jk01DJUTfOlU5zFD

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Jan 2023 03:54:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D968862D6DA14CBC88693710A03ADEDE&google_push=Aa02lx-y_i2K3cUq5XIMd9-mZZDx4pPhiQa3pe5kJY9XGqyTKEIr8sXk-TFWPq1Z1GeKWJ6ZlWoawzBSfkny2UG6Jk01DJUTfOlU5zFD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 27 Jan 2023 03:54:58 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 226D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDuLSxlt8SvX1JsVPETGvJ0&google_cver=1&google_push=Aa02lx-PAjuJgz6GXEq_u8FXl_baG0kTD_VD_KVYR5pYEFqDmWHOAUYvYfDAEBNhA9NQ3uigjvG35KQypoC...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-PAjuJgz6GXEq_u8FXl_baG0kTD_VD_KVYR5pYEFqDmWHOAUYvYfDAEBNhA9NQ3uigjvG35KQypoCHM7ZKfb0RYKrVieSLit7I&google_hm=xxoDQHatQWa4tLMq...

170 B
232 B

60ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-PAjuJgz6GXEq_u8FXl_baG0kTD_VD_KVYR5pYEFqDmWHOAUYvYfDAEBNhA9NQ3uigjvG35KQypoCHM7ZKfb0RYKrVieSLit7I&google_hm=xxoDQHatQWa4tLMqYeiPQG0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:57 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-PAjuJgz6GXEq_u8FXl_baG0kTD_VD_KVYR5pYEFqDmWHOAUYvYfDAEBNhA9NQ3uigjvG35KQypoCHM7ZKfb0RYKrVieSLit7I&google_hm=xxoDQHatQWa4tLMqYeiPQG0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 226D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFz_hf3Pb8vVlmjY5gUDPd8&google_cver=1&google_push=Aa02lx90nMqrhsj2y3eelCBZTifSaw2E43Qt6nI32q24vvhx534_P2XcckvpE2ldfJLo-ivGamxm56_hHJbl97tYAk3mbBr...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx90nMqrhsj2y3eelCBZTifSaw2E43Qt6nI32q24vvhx534_P2XcckvpE2ldfJLo-ivGamxm56_hHJbl97tYAk3mbBr7689rTDwy&google_hm=eS1PRFI1MEl0RTJwR0...

170 B
232 B

49ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx90nMqrhsj2y3eelCBZTifSaw2E43Qt6nI32q24vvhx534_P2XcckvpE2ldfJLo-ivGamxm56_hHJbl97tYAk3mbBr7689rTDwy&google_hm=eS1PRFI1MEl0RTJwR01PRXpoSWEzRXRCMkkyRjZ2U0ExNH5B

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Jan 2023 03:54:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx90nMqrhsj2y3eelCBZTifSaw2E43Qt6nI32q24vvhx534_P2XcckvpE2ldfJLo-ivGamxm56_hHJbl97tYAk3mbBr7689rTDwy&google_hm=eS1PRFI1MEl0RTJwR01PRXpoSWEzRXRCMkkyRjZ2U0ExNH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 226D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEISeAHC7DPLDPp5l_XAuEDg&google_cver=1&google_push=Aa02lx8BPvWT3eumUAnGGXMP8cy_H9RurPzxK6iSA9NPKT4AmPDYBAr33SY2QHoDajGQbbs6wNQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERGRjZCU1ktOC01UUtS&google_push=Aa02lx8BPvWT3eumUAnGGXMP8cy_H9RurPzxK6iSA9NPKT4AmPDYBAr33SY2QHoDajGQbbs6wNQYRJiKQKvbqK7Bep75s5S7BDAuAgvI

170 B
232 B

53ms
53ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERGRjZCU1ktOC01UUtS&google_push=Aa02lx8BPvWT3eumUAnGGXMP8cy_H9RurPzxK6iSA9NPKT4AmPDYBAr33SY2QHoDajGQbbs6wNQYRJiKQKvbqK7Bep75s5S7BDAuAgvI

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERGRjZCU1ktOC01UUtS&google_push=Aa02lx8BPvWT3eumUAnGGXMP8cy_H9RurPzxK6iSA9NPKT4AmPDYBAr33SY2QHoDajGQbbs6wNQYRJiKQKvbqK7Bep75s5S7BDAuAgvI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 226D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDtC89nadnBBRoRCOY75lrQ&google_cver=1&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dplj...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDtC89nadnBBRoRCOY75lrQ&google_cver=1&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dplj...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dpljdfCIA7eBQ9uruI&google_hm=GD1KuGZHYjaidvuXQYW...

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dpljdfCIA7eBQ9uruI&google_hm=GD1KuGZHYjaidvuXQYWwPJIZ

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 28 Jan 2023 03:54:58 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-42rYoXK7HtZXuAq_di2ZtYUEp3TPSZIh9PGw-iLkbzD1SVKMXWGu6r4c2cYOPUvqwCG-Rxnv-Grqu9dpljdfCIA7eBQ9uruI&google_hm=GD1KuGZHYjaidvuXQYWwPJIZ
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 226D 0
75 B 179ms
34ms Image
text/plain 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESED4u65dHkJ4oSFNKfT2_DhM&google_cver=1&google_push=Aa02lx83nuC6h8MEMlxdwf-ZSm1urNE4ziK6t2ViLKNWIPYiWmc34YuYn2CpZv2js-DvS_V9VQbkb-BT3TlcpC7waNGiwiV3WZxxLa0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:57 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 226D 0
139 B 138ms
46ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jgm3SzrkXvL_2fL0Z6UYjFSzDN-w42fjMXymHd0HRCvXkc7ppzYBwqNCRMvl2Sv5QgQi_B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D5AA 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C6zY0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:54:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FE2 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c9e267a772b2697c160127234b76a1f2e3ff13f1edd3ada08f7c0e059fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14089
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 14:35:08 GMT

GET
H3 200 o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js Show response
pagead2.googlesyndication.com/bg/ Frame F5AC 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1674878097480&bpp=1&bdt=1163&idt=1&shv=r20230124&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadf9b7b722e54e56-223e1a0c71db00a4%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA&gpic=UID%3D00000bab6302e191%3AT%3D1674878096%3ART%3D1674878096%3AS%3DALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw&prev_fmts=0x0%2C1200x280&nras=3&correlator=62115029505&frm=20&pv=1&ga_vid=998808646.1674878097&ga_sid=1674878097&ga_hid=714520870&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071791%2C31071855%2C31071947&oid=2&pvsid=383717315006124&tmod=56870750&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qHoifgv8jo&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c9e267a772b2697c160127234b76a1f2e3ff13f1edd3ada08f7c0e059fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14089
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 14:35:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230124&jk=383717315006124&bg=!IiGlIWXNAAZSrDxfcqw7ACkAdvg8WqK_9yU_1p7qzyme2qjPCfW64cOTjDZGmo8pgjIy19mudJjRUAIAAAEIUgAAAApoAQcKAOZzhlWAqWgHmJvYu0hTrnoybmILMpK51FQDEUZgOVAWVMNno5gg0mdPPfv5eGqmOoIjKRcJwKlObPCXNhf725pMyTNzzG7-mRrS0E9RU12i36XrstGofJSw7mgc69WdhH8sUOhOh2YXhFMWmWCkrTTGe8W72wgxCntq0T12Z0xenxw2NoJcVTOEhExDcMXKCdu0y95WHrI1WbFoRW3e21vO0MjRz62TRl7zdrSaO1AzTCFRemevrYA4aljNSbTxe11JOxMd8NwEfvmD0H6ro4CHZWlWybXkN80FKgeEiS0ZSEUtQxBgx5kCoKj4G1oIjORz0Z2p60EzNSp_UW5tc00k3QMx39aR3gbrCOvwe-otk0btCB8ddd1e3mfOAEoZF5tMQ_h4njh84A8dknQE4YCfnJPqSWXYTdv6E_tyl6yDRIzsoRUy8EcplCPN5HYd4g5Hl1_-IkVr9Qg1yTghNpAbAeOs-oPyOEUH652tWZ16ZGFhRjBJ3v05ZN0mZcfzlUGJhnloVklWxN0KxuvrLqIdfiw6t7Bapnv6Z2ZnKucCcHUbK6nVYzZIICqv6ci-EV8AZ1Zh6TxWnlXKp7BZPybfCf3ZpfhgAYSTF_GKwWfkebwCaEquhrcB3ffUUTzoXyaRmMegWVxhNPof_FMeqmelynVnP33NQGgKe5HJxoHUJUeRqNtnwDrHvQc07ISlNHJimxa6G5628tIIWug3dbI1NzXEuqAFRn735pdFqr9wbrsPzZsAzz3KgD8IPJPjjwKManK6X0UTRTt2NKpM1_MpBRZigqIdewCs4CCyQJXxSL3YgXW6T6sghNXpQvsjEdGfR8Im1kk0flOyIuqyvzs0IKYJCxCMWcm2q6US0KjT8KknYvk4A-fWEhpfZxQ330Zl7VoO-J6jX3_wjLPBg3xPTKxClxbj6YFGxrzBV4os7uosd6ypEA2ylUMbiFYRcsWGZkVxowQmX1AOboMByMIGPlFhfgcJPeWVIrqTaAoqf4Prr8oyEXGULsTy7ETysfxfW1ZNrqmbyr2FEysUmnNnWZiAi6d_ADB3lBnQWASNCq6iTFw3T46m0rkqvYIikEhnYUCkCUNU8eTxcgvraqQQJca3f3cnWi-BCy6wLHuqSNUruinP6H_MmF0UBkha2iKVIZJWLKqE_02s4H_mphU04OWeG9yJBgdiImRUyz-85AKzrYyRCVYq9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 707A 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssr_Mm3mX3x_WqJq6X69XytqFi17-r4e-pCaTreWCX1vYv1f-RzuumM6TE0qD2D9QIkIIIwIfWjv5vjJTGVNHVFUb4uY9pw3A_EyebNUh8hMW2xY2fLF3OurG1ON2KPSMlU5ntX5A&sai=AMfl-YSCkc73APyBwWwYl9XjSAjKb7hk8g3Gxg9MeEj8ogBgXgYNR-axgMRzVEwTZUge7mWAbv_olV2YDcxHeMg&sig=Cg0ArKJSzPnqA2lsyIcdEAE&cid=CAQSGwDUE5ymlCOWc_aDiHgY6_PF6UfjaC3LtGJbHRgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=126,736,1000,1017,1017&tos=126,610,264,17,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1674878097577&rpt=401&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 03:54:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 18:50:38	Name: ts Value: vreXpYrS%3D1769572496%26vteXpYrS%3D1674879896%26vr%3Df68394a11850a7a0a347e462ffbb9530%26vt%3Df68394a11850a7a0a347e462ffbb952f%26vtyp%3Dnew
.paypal.com/	1970-01-20 18:50:38	Name: ts_c Value: vr%3Df68394a11850a7a0a347e462ffbb9530%26vt%3Df68394a11850a7a0a347e462ffbb952f
.usenix.org.uk/	1970-01-20 18:36:14	Name: __gads Value: ID=adf9b7b722e54e56-223e1a0c71db00a4:T=1674878096:RT=1674878096:S=ALNI_MapTubX1HFuqqnyq5DNRCpdDZwkkA
.usenix.org.uk/	1970-01-20 18:36:14	Name: __gpi Value: UID=00000bab6302e191:T=1674878096:RT=1674878096:S=ALNI_MZ-T50wTnz_Lr2G6CxPSDLZB4jSrw
.doubleclick.net/	1970-01-20 18:36:14	Name: IDE Value: AHWqTUnveqrXZv_3t6XtZlhTK8BxJWOQyzS99TNE2bIr_SRuiSMIhGgxcUuKzlSIzSM
.doubleclick.net/	1970-01-20 09:14:41	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 18:00:14	Name: gid_CAESEDuLSxlt8SvX1JsVPETGvJ0 Value: 1
.ctnsnet.com/	1970-01-20 18:00:14	Name: cid_c71a034076ad4166b8b4b32a61e88f40 Value: 1
.ctnsnet.com/	1970-01-20 18:00:14	Name: cid_650a2294c73c4f2faf6a562bde4d1461 Value: 1
.ctnsnet.com/	1970-01-20 18:00:14	Name: gid_CAESEPCs8gzUliorRNvYNpS7rTI Value: 1
.simpli.fi/	1970-01-20 18:01:40	Name: suid Value: D968862D6DA14CBC88693710A03ADEDE
.360yield.com/	1970-01-20 11:24:14	Name: tuuid Value: 38d80625-a048-45d4-8d30-aec65c3ab2c0
.360yield.com/	1970-01-20 11:24:14	Name: tuuid_lu Value: 1674878098
.lijit.com/	1970-01-20 18:00:14	Name: ljt_reader Value: GD1KuGZHYjaidvuXQYWwPJIZ
.yahoo.com/	1970-01-20 18:00:35	Name: A3 Value: d=AQABBJKc1GMCEJkuPlt-FzqyJ3cValypx5EFEgEBAQHu1WPeYwAAAAAA_eMAAA&S=AQAAAgJkTNyh3B3zQhW077NyPoQ
.mathtag.com/	1970-01-20 18:40:33	Name: uuid Value: 9d3c63d4-9c92-4b00-9dba-2cb74d24785d
.mathtag.com/	1970-01-20 09:57:50	Name: mt_mop Value: 4:1674878098
.tribalfusion.com/	1970-01-20 11:24:14	Name: ANON_ID Value: aUnseFON6Jf8ZbUxrbOFRiZaZddUR3U3xDE1jWVrUQEUHbLe8OxO4yU184Fdfmjh3tp2Zc5K6oPFA0VqUuBlEUxd
.casalemedia.com/	1970-01-20 18:00:14	Name: CMID Value: Y9SckjU0U73YaSi2GIGKLwAA
.casalemedia.com/	1970-01-20 11:24:14	Name: CMPS Value: 2047
.casalemedia.com/	1970-01-20 11:24:14	Name: CMPRO Value: 2047

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.co.uk
adservice.google.com
all.s5h.net
ap.lijit.com
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.360yield.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
s.ad.smaato.net
s.tribalfusion.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.usenix.org.uk
104.111.217.42
104.18.33.19
142.250.185.226
151.101.194.133
185.29.134.248
185.86.137.121
192.229.221.25
2001:ba8:1f1:f1cb::2
216.52.2.30
2600:9000:211e:2000:1b:5138:8a40:93a1
2606:4700::6812:18ad
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:400d:806::2003
2a00:1450:400d:80e::200a
2a05:d018:d29:3601:b1a5:7b6d:79a3:e8f
35.186.193.173
35.204.74.118
52.208.224.138
69.173.144.139
85.119.82.99
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
104ac3fb437e80e0dda20769f7d6af7ccd4f74a6da00cba8d5fc51286fedb734
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
23f166e2f90b11c5b6435ab03f92729da5f68b5b443dbdd143aa04d6b9be1e60
29d4cc6f43cacfb46e1e858f5ca264860461681a070c450b26c9e4baf4a608e7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3d2b176ca152fac747f55255c4619608a106059479150347cc83c6114100ec13
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
49abb010ce00c1361acb8377fe6b6d2d78b13d11b11121a5d3c86b2e2cdd5b2d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c7b44332fe2b0aaeaac77ee2752a4c7862ef7bc2ae9c765defed0397405bcb1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
6c34961c759b0d60feb55e1a266bf1c23af80f5d08101a021769abb8a488c57f
6eb969e9f68cc3d0898a8608942ed0a0dd3e6da1d322258847e45bfe6cef07bc
6f9788d7e66abe87bcc3b3da018a88a09a3092be671c3f7b87ca1ee8eee2b1d5
753b97fadc48db387ccb8dd73bf9e88f5da457699a3b8cac862cd677c8e4bb86
767f5491751a224804c42011eb4364b48e8668a1c0995ef61792748fda83c9f5
8c5351e6e132f0143c340d7239b87c643fad83d159c48c5c6a0fb816bb55de92
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687
98f6eab7e7cbc1753e32f2567ff67d2742689f379e68b285d88cbd304f7b3492
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a32cc95299ce641ad0e2e62c49d2fb912641adaa199fa9347b0c7f762d6a2350
a3b3c9e267a772b2697c160127234b76a1f2e3ff13f1edd3ada08f7c0e059fe2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b2398ada8bae981d1808b36bc39871255040206ab509f1f181d4739e6cae5c4e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6404a05323e54827e6fa207255a27af4a216b6597f929763975ed7e52a47d07
c8e3d4a2cc549ba5e51867d426f3e98a0112231497f355dd1ec6815ba67f14dd
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df4cb291a94e29327e631b40d71056268370db44d9e634fa9cc60b2b1fad3c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f99792ff0f45e2671ca7144ef12f689c6804a0516f884463606d7dd34ba880c6

www.usenix.org.uk Open in urlscan Pro 2001:ba8:1f1:f1cb::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

83 %HTTPS

52 %IPv6

24 Domains

29 Subdomains

17 IPs

7 Countries

939 kBTransfer

2506 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.usenix.org.uk Open in urlscan Pro
2001:ba8:1f1:f1cb::2 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

83 %
HTTPS

52 %
IPv6

24
Domains

29
Subdomains

17
IPs

7
Countries

939 kB
Transfer

2506 kB
Size

21
Cookies

100 HTTP transactions
5 data transactions