www.usenix.org.uk Open in urlscan Pro
2001:ba8:1f1:f1cb::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://all.s5h.net/
Effective URL:
http://www.usenix.org.uk/content/rbl.html
Submission: On March 17 via manual (March 17th 2023, 11:54:00 am UTC) from IN — Scanned from GB

Summary HTTP 103 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 8 countries across 26 domains to perform 103 HTTP transactions. The main IP is 2001:ba8:1f1:f1cb::2, located in United Kingdom and belongs to JUMP, GB. The main domain is www.usenix.org.uk.

This is the only time www.usenix.org.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.119.82.99 85.119.82.99	8943 (JUMP) (JUMP)
3	2001:ba8:1f1:... 2001:ba8:1f1:f1cb::2	8943 (JUMP) (JUMP)
13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 1	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
4 13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
103	21

1 85.119.82.99 (London, United Kingdom) 1 redirects

ASN8943 (JUMP, GB)
PTR: s5h.net

all.s5h.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:ba8:1f1:f1cb::2 (United Kingdom)

ASN8943 (JUMP, GB)

www.usenix.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.14 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	407 KB
28	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	147 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	132 KB
9	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	194 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 24502	1 KB
3	google.ca adservice.google.ca — Cisco Umbrella Rank: 13100	818 B
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2246	3 KB
3	usenix.org.uk www.usenix.org.uk	6 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 752 s.tribalfusion.com — Cisco Umbrella Rank: 1848	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1230	460 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1798	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3354	869 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 24924	441 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 5043	233 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 272	490 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6097	554 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2706	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	606 B
1	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2362	941 B
1	s5h.net 1 redirects all.s5h.net	278 B
0	aura-dsp.com Failed sync-dmp.aura-dsp.com Failed
103	26

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	www.usenix.org.uk pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	www.gstatic.com	googleads.g.doubleclick.net
6	www.google.com	3 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	sync.gonet-ads.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.ca	pagead2.googlesyndication.com
3	www.paypalobjects.com	www.usenix.org.uk
3	www.usenix.org.uk	www.usenix.org.uk
2	fonts.gstatic.com	fonts.googleapis.com
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.teads.tv	1 redirects
2	e.dlx.addthis.com	2 redirects
2	sync.mathtag.com	2 redirects
1	ads.avads.net	1 redirects
1	dsp.adkernel.com	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	s0.2mdn.net
1	ads.travelaudience.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.paypal.com	1 redirects
1	all.s5h.net	1 redirects
0	sync-dmp.aura-dsp.com Failed	googleads.g.doubleclick.net
103	32

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://www.usenix.org.uk/content/rbl.html
Frame ID: C8624588223B785ECE65F3EEFE8016A6
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 69C0673EA5F034236CB441003CC79E5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&adk=1812271804&adf=3025194257&lmt=1552829327&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&ea=0&pra=5&wgl=1&dt=1679054035612&bpp=7&bdt=443&idt=285&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2861339095584&frm=20&pv=2&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=302
Frame ID: 052F0903C970DA9053ECE31F5E80C15D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5
Frame ID: 4B3A32799D7793B13AA26B9056FACDCC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=1&bdt=2006&idt=1&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NTlq1TVh19&p=http%3A//www.usenix.org.uk&dtd=11
Frame ID: 0125D612A67F06E4279CE69873F23239
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 12B46B2831D3BD7489F067394273EA16
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: C235E2B7E234235AF7F160E968AEF130
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 96CA4E7E81694EB82E5DCA8458E77927
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77980E5B68001329D305750DDFAF17F0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05975538D7DB0C1C499715B3ABA69767
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA3D1D241BC1A05866752541317540C2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE8EAEEE7C9F968CF0F94EBCECF62C6A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js
Frame ID: 3598DFE3DB6A3B2F2BE7F8BC26CC7B31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B5E228633EFD381D059623E6561C175A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 314E9534B02BB06877EC4266F65028B0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8370246E6FCCADBE2D5DC63256AA8271
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js
Frame ID: 5CF5584D022A7A3195DF99AEC8F19816
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js
Frame ID: 7EEFDFCCD3D1115ACBA124197D71C9E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RBL page

Page URL History Show full URLs

http://all.s5h.net/ HTTP 301
http://www.usenix.org.uk/content/rbl.html Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

103
Requests

84 %
HTTPS

52 %
IPv6

26
Domains

32
Subdomains

21
IPs

8
Countries

899 kB
Transfer

2478 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://all.s5h.net/ HTTP 301
http://www.usenix.org.uk/content/rbl.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.paypal.com/en_GB/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_GB/i/scr/pixel.gif

Request Chain 50

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGUd2Mw7gMCc3vpDI6_LW5w&google_cver=1&google_push=Aa02lx9-bCyeURRgvSqbQ2VmMF4_7PEJc9zBF4cTWX6VxqjXq79JQB62w-4wG6MDTNT7XlCaQzd19oxd58zhUji1zPLKS7KInIICNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4MDA4OTUxNjg5OTk3ODczNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMiuqGB6FLsqaInzJW-A8rQ&google_cver=1

Request Chain 86

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMuu27BFCMCKF9iCSZdHgc8&google_cver=1&google_push=Aa02lx-tcrSoTjyswHkCKEdtJn9azEtef-R2i_VIcTJQ-fbi4vbhbU-IRKFV43ZInAgi-8Wnb9aR5AOGwqw88BXM1FLOLlaIKT0_og HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-tcrSoTjyswHkCKEdtJn9azEtef-R2i_VIcTJQ-fbi4vbhbU-IRKFV43ZInAgi-8Wnb9aR5AOGwqw88BXM1FLOLlaIKT0_og

Request Chain 87

https://ads.travelaudience.com/google_pixel?google_gid=CAESEO7prjfzOj236ko8mNWiCPE&google_cver=1&google_push=Aa02lx_wPiRBc1uGpfpghUEsSAUQKz9EM_PzUpKi3NOLme5vDaUh6CvMrn9DFNy8i7QpHIF1oKi4tycm6y72tqMGIMEL9IMAghpHaw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Dt89inmSnK7mqRK-JFAKg2&google_push=Aa02lx_wPiRBc1uGpfpghUEsSAUQKz9EM_PzUpKi3NOLme5vDaUh6CvMrn9DFNy8i7QpHIF1oKi4tycm6y72tqMGIMEL9IMAghpHaw

Request Chain 88

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Tb3BBbtUgvwk41NlnyqEwo2XMInL1oB8AKpU3YYM6-zfc3QN0lcAxjOyo2SLAvGNX8-0ohO5vgWqWJDR_eA3zM56_ugOwyw&google_gid=CAESEFPasTZKb7yZk65t_V_IHWQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Tb3BBbtUgvwk41NlnyqEwo2XMInL1oB8AKpU3YYM6-zfc3QN0lcAxjOyo2SLAvGNX8-0ohO5vgWqWJDR_eA3zM56_ugOwyw&google_gid=CAESEFPasTZKb7yZk65t_V_IHWQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMTcxMTUzNTgwMDAxMzc3NzYzODg3Mw%3D%3D&google_push=Aa02lx8Tb3BBbtUgvwk41NlnyqEwo2XMInL1oB8AKpU3YYM6-zfc3QN0lcAxjOyo2SLAvGNX8-0ohO5vgWqWJDR_eA3zM56_ugOwyw

Request Chain 89

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEry79c_QchNCK6wqrd7uH4&google_cver=1&google_push=Aa02lx9dunOVfD8oaRscBEjRkjPqdJ5H_AxjEpSOKdGJe6vjcX4OYMX4P7vSfGJTMjF2dDk4V-u-mTO_Va05OJN8s_M3dBCbxXTNW6c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9dunOVfD8oaRscBEjRkjPqdJ5H_AxjEpSOKdGJe6vjcX4OYMX4P7vSfGJTMjF2dDk4V-u-mTO_Va05OJN8s_M3dBCbxXTNW6c HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 90

https://sync.gonet-ads.com/match/google?google_gid=CAESEP-jdrXCAUtszrbEYShxGtU&google_cver=1&google_push=Aa02lx-Ov5CydqwcjnXO96Z0c2k9o3MNzTHQD8HFpB-rDZ4E2k83MTbbnNDPo5LBkvj-FG1qzLAQYx34a4oN84Z1Zozf7fyilyQ-5zI HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEP-jdrXCAUtszrbEYShxGtU&google_cver=1&google_push=Aa02lx-Ov5CydqwcjnXO96Z0c2k9o3MNzTHQD8HFpB-rDZ4E2k83MTbbnNDPo5LBkvj-FG1qzLAQYx34a4oN84Z1Zozf7fyilyQ-5zI&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmEyNjdmY2QyOTRhOWZhYQ&google_push=Aa02lx-Ov5CydqwcjnXO96Z0c2k9o3MNzTHQD8HFpB-rDZ4E2k83MTbbnNDPo5LBkvj-FG1qzLAQYx34a4oN84Z1Zozf7fyilyQ-5zI HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmEyNjdmY2QyOTRhOWZhYQ&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGS5MNTTByHWSx44nhKzjCA&google_cver=1&google_push=Aa02lx_GfcYrVOpk0aB7TysawB3r43UB4PoXdcLZj5wZmPakSdoekWw0dtwGpkGGVlw9g1jqQAYF-j2Uu1h7v0LjfnDFRtrFsabYqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GfcYrVOpk0aB7TysawB3r43UB4PoXdcLZj5wZmPakSdoekWw0dtwGpkGGVlw9g1jqQAYF-j2Uu1h7v0LjfnDFRtrFsabYqw

Request Chain 94

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG7pt7ulRGtQvQ7cXZDMDWQ&google_cver=1&google_push=Aa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG7pt7ulRGtQvQ7cXZDMDWQ&google_cver=1&google_push=Aa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 95

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAKNblP3O3pXJbZqyKYcO9U&google_cver=1&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlARPbV7JYv0BnuwW4hb2owqj8KfFlw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAKNblP3O3pXJbZqyKYcO9U&google_cver=1&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlARPbV7JYv0BnuwW4hb2owqj8KfFlw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg5MTc0OTMzMjgwNzkyNjAxMw&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlARPbV7JYv0BnuwW4hb2owqj8KfFlw

Request Chain 97

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_cver=1&google_push=Aa02lx-roR7gt-xYZmKsZ-j20UH59pYS0l2yGnNAo_r1PbaAomETxV0vO_sIx8CAwI2r1gdsDXAxxhcSrdVOTR6VfJ4szQjF0nt2Lw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_push=Aa02lx-roR7gt-xYZmKsZ-j20UH59pYS0l2yGnNAo_r1PbaAomETxV0vO_sIx8CAwI2r1gdsDXAxxhcSrdVOTR6VfJ4szQjF0nt2Lw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_hm=ZBRU1sp8TaNvwUxMta9l1gAAFD8AAAAB&google_nid=index&google_push=Aa02lx-roR7gt-xYZmKsZ-j20UH59pYS0l2yGnNAo_r1PbaAomETxV0vO_sIx8CAwI2r1gdsDXAxxhcSrdVOTR6VfJ4szQjF0nt2Lw

Request Chain 98

https://ads.avads.net/sync/ggl?google_gid=CAESEANvEElcgF9ZVmIpIz4Es6w&google_cver=1&google_push=Aa02lx-EEejPnhKNmxuWcbe4aMUqx4obaCp4YPjAOz8Q7c-RkOgDQsFm0mInOHksSUXTAI8YcOGQz1HLsglepWv6av-WtuyuMlr2DvM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2UxNjY1MzQtMTVlNy00ZGFiLTgzM2ItZjQ1OWZjZDIwZjk4&google_push=Aa02lx-EEejPnhKNmxuWcbe4aMUqx4obaCp4YPjAOz8Q7c-RkOgDQsFm0mInOHksSUXTAI8YcOGQz1HLsglepWv6av-WtuyuMlr2DvM

103 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request rbl.html Show response
www.usenix.org.uk/content/
Redirect Chain

http://all.s5h.net/
http://www.usenix.org.uk/content/rbl.html

10 KB
5 KB

123ms
57ms

Document
text/html

2001:ba8:1f1:f1cb::2
JUMP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.usenix.org.uk/content/rbl.html
Protocol: HTTP/1.1
Server: 2001:ba8:1f1:f1cb::2 , United Kingdom, ASN8943 (JUMP, GB),
Reverse DNS
Software: Apache/2.4.54 (Debian) /
Resource Hash: 49abb010ce00c1361acb8377fe6b6d2d78b13d11b11121a5d3c86b2e2cdd5b2d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4314
Content-Type: text/html
Date: Fri, 17 Mar 2023 11:53:55 GMT
ETag: "28cc-5844a406ec1c0-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 17 Mar 2019 13:28:47 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 326
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 17 Mar 2023 11:53:55 GMT
Keep-Alive: timeout=5, max=100
Location: http://www.usenix.org.uk/content/rbl.html
Server: Apache/2.4.54 (Debian)

GET
H/1.1 200
OK style.v2.css
www.usenix.org.uk/content/ 1 KB
1017 B 57ms
56ms Stylesheet
text/css 2001:ba8:1f1:f1cb::2
JUMP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.usenix.org.uk/content/style.v2.css
Requested by: Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html
Protocol: HTTP/1.1
Server: 2001:ba8:1f1:f1cb::2 , United Kingdom, ASN8943 (JUMP, GB),
Reverse DNS
Software: Apache/2.4.54 (Debian) /
Resource Hash: 29d4cc6f43cacfb46e1e858f5ca264860461681a070c450b26c9e4baf4a608e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/content/rbl.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 11:53:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Dec 2018 17:41:57 GMT
Server: Apache/2.4.54 (Debian)
ETag: "5d1-57dc81d0b821b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 616
Expires: Fri, 17 Mar 2023 11:53:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 315ms
178ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07f41c8f66d110dcbc2121c18186aba67ef80863f6e8c7b5a5cab4f4acfe2a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48531
x-xss-protection: 0
server: cafe
etag: 8817461947462964829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:53:55 GMT

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/en_GB/i/btn/ 1 KB
2 KB 238ms
54ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_GB/i/btn/btn_donate_SM.gif

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB8) /

Resource Hash

154f3a9ed4f3ac0059fc18337f3cb4d28103f349b3e256458f6a39b23d3c092b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:27 GMT
server: ECAcc (frc/4CB8)
etag: "5d5637b7-5d3"
x-cache: HIT
content-type: image/gif
paypal-debug-id: 5a713fc1c1103
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 1491
expires: Fri, 17 Mar 2023 12:53:55 GMT

GET
H2

200

pixel.gif
www.paypalobjects.com/en_GB/i/scr/
Redirect Chain

https://www.paypal.com/en_GB/i/scr/pixel.gif
https://www.paypalobjects.com/en_GB/i/scr/pixel.gif

43 B
225 B

55ms
54ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_GB/i/scr/pixel.gif

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D03) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 9bfda9c249ea7
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:27 GMT
server: ECAcc (frc/4D03)
traceparent: 00-00000000000000000009bfda9c249ea7-12c37513b66dbad8-01
etag: "5d5637b7-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 17 Mar 2023 12:53:55 GMT

Redirect headers

date: Fri, 17 Mar 2023 11:53:55 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: f3959024aa998
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-served-by: cache-hhn-etou8220028-HHN
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f3959024aa998-575068e5d900f379-01
x-timer: S1679054035.379347,VS0,VE138
location: https://www.paypalobjects.com/en_GB/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK 1x1.gif
www.usenix.org.uk/content/pictures/ 35 B
383 B 67ms
56ms Image
image/gif 2001:ba8:1f1:f1cb::2
JUMP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.usenix.org.uk/content/pictures/1x1.gif
Requested by: Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html
Protocol: HTTP/1.1
Server: 2001:ba8:1f1:f1cb::2 , United Kingdom, ASN8943 (JUMP, GB),
Reverse DNS
Software: Apache/2.4.54 (Debian) /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/content/rbl.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 11:53:55 GMT
Last-Modified: Sun, 01 Jun 2014 16:31:51 GMT
Server: Apache/2.4.54 (Debian)
ETag: "23-4fac8d0d70bc0"
Content-Type: image/gif
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 35
Expires: Fri, 17 Mar 2023 11:53:55 GMT

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/en_GB/i/btn/ 1 KB
2 KB 214ms
56ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_GB/i/btn/btn_donate_SM.gif

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB8) /

Resource Hash

154f3a9ed4f3ac0059fc18337f3cb4d28103f349b3e256458f6a39b23d3c092b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:27 GMT
server: ECAcc (frc/4CB8)
etag: "5d5637b7-5d3"
x-cache: HIT
content-type: image/gif
paypal-debug-id: 5a713fc1c1103
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 1491
expires: Fri, 17 Mar 2023 12:53:55 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ 365 KB
121 KB 157ms
156ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

866310bbaa9dd66a7fe6abc679401d3a8143835c9d45cd6024bb7269a02fd257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123392
x-xss-protection: 0
server: cafe
etag: 890855132579805627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:53:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 69C0 10 KB
5 KB 183ms
53ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 22:45:27 GMT
etag: 2378337311435320485
expires: Thu, 30 Mar 2023 22:45:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 267ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.usenix.org.uk&callback=_gfp_s_&client=ca-pub-1713338079903901

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcd7c49f2af2bf9648e1e79cd74c7caf946e86f3d37cef9193d1143c22a148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
531 B 283ms
67ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 265ms
67ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 052F 249 KB
60 KB 1151ms
1150ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&adk=1812271804&adf=3025194257&lmt=1552829327&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&ea=0&pra=5&wgl=1&dt=1679054035612&bpp=7&bdt=443&idt=285&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2861339095584&frm=20&pv=2&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dd13ff52b181695d5b8e7358ab9954138903e78d3d1303661a2c1be6084762d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61011
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
expires: Fri, 17 Mar 2023 11:53:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 211ms
103ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c4ba8be84d795e63e6fb4a20d2589cffcde26ab0e18db6cc9bd1ace34a3a928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11335
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ 149 KB
51 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fce49e94e6f7e0cee13699946be1bf95b435a03e2d464714840857a219148d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52047
x-xss-protection: 0
server: cafe
etag: 11846567131750137549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
165 B 68ms
67ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 66ms
65ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B3A 103 KB
35 KB 689ms
689ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7f28096de45ce86cab51849f0e866dc2956b5216520fff72d5ce8ae4472086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36167
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
expires: Fri, 17 Mar 2023 11:53:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0125 99 KB
36 KB 610ms
609ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=1&bdt=2006&idt=1&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NTlq1TVh19&p=http%3A//www.usenix.org.uk&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

508f45a834b2d91c88d2edd78c89679a50ee8c5982862312c4d9f3ea5f486445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36391
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
expires: Fri, 17 Mar 2023 11:53:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 66ms
65ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
62ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usenix.org.uk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 12B4 10 KB
4 KB 57ms
57ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 45144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 23:21:33 GMT
etag: 2378337311435320485
expires: Thu, 30 Mar 2023 23:21:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame C235 10 KB
4 KB 57ms
57ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 45144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 23:21:33 GMT
etag: 2378337311435320485
expires: Thu, 30 Mar 2023 23:21:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 12B4 4 KB
1 KB 189ms
66ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:05:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 12B4 205 B
295 B 181ms
57ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:01:03 GMT
x-content-type-options: nosniff
age: 10374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Mar 2024 09:01:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 12B4 604 B
918 B 180ms
56ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:48:53 GMT
x-content-type-options: nosniff
age: 3904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Mar 2024 10:48:53 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/ Frame 12B4 20 KB
9 KB 185ms
56ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 16448057571289220057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:18:58 GMT

GET
H2 200 0f98ab093493e21e6a1e2127137795a3.js Show response
www.gstatic.com/mysidia/ Frame C235 10 KB
5 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0f98ab093493e21e6a1e2127137795a3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 03:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4382
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 03:52:31 GMT

GET
H2 200 ec50de85495f28590e259a5bfc1feac2.js Show response
www.gstatic.com/mysidia/ Frame C235 11 KB
5 KB 222ms
107ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ec50de85495f28590e259a5bfc1feac2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d12fcbeb7624beef6c90755330fd5dfc2fd155c8e1f596129c9531821c5a85be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 03:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4795
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 03:52:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C235 8 KB
968 B 178ms
66ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 11:40:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame C235 2 KB
846 B 229ms
110ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:12:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame C235 22 KB
9 KB 183ms
64ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:08:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame C235 3 KB
1 KB 231ms
112ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 10:34:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame C235 20 KB
9 KB 190ms
71ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C235 158 KB
49 KB 203ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame C235 34 KB
14 KB 170ms
58ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 01:51:49 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 230ms
112ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15679027146110370484/ Frame C235 7 KB
8 KB 58ms
57ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15679027146110370484/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 01:09:47 GMT
x-content-type-options: nosniff
age: 125050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7449
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 05:46:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Mar 2024 01:09:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 96CA 8 KB
968 B 75ms
74ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:37:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 96CA 2 KB
799 B 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:12:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 96CA 22 KB
9 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:08:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 96CA 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 10:34:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 96CA 20 KB
8 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96CA 158 KB
48 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 96CA 34 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 01:51:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C235 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDvsk1FQUZJcr57uFBtu7t_AFwLnqx2-6wr69hhGm--GOjA4QASDKzal_YH2gAbeYgaIoyAEBqQJL7zMYOx15PqgDAaoE4QFP0HKfBoJ_UF50PfFc-wP-h0lD0et86MG-vcXZq4eUuIVTe3y4MfEbJC_YVYJnq0FgQwI5wtgbFDkYXHJdumd81RUiZGQuxTXtmJVsUa4TzjGMfLbNCNXfG5bd-Rx-tTvcDj5FbWTD-JUK4Bf9GTQg-7NBeOuwy2-9Fp41wgt-kpPyfsjAs4asDYDY7tZsZiDmQPODfVPzbcGsvL1aS-9ZVJ1YzSJAC6SrTU2SobcQDwDBdDFyQWlY6IMCVpUJiTbA_mJj6QHJsalynRBzx5hVkDGTHkiaN7C6nuOm1pNWciXABN3fl4X8A5IFBAgEGAGSBQQIBRgEgAfr6dycA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOqRBtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0xNzEzMzM4MDc5OTAzOTAxGAA&sigh=vrqe95n11fU&uach_m=[UACH]&cid=CAQSGwDUE5ym7GDUHIYYC3HDC1-TvpwIFdo6BbLH9BgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Mar 2023 11:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7798 143 B
166 B 57ms
56ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 10:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C235 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adad5f22158dc5d228118c864c4fec00269070dc1eb8db5a86846d63351d0447

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0597 13 KB
5 KB 55ms
53ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:20:04 GMT
expires: Sat, 16 Mar 2024 11:20:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA3D 783 B
1 KB 189ms
66ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbe1bb0e650597b51ca996f7abd9a7440162833f74d4668c1d506db7a3dcc83e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nQoMvEvI4xcA-KfZMNmgog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.usenix.org.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-nQoMvEvI4xcA-KfZMNmgog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
expires: Fri, 17 Mar 2023 11:53:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE8E 143 B
166 B 59ms
58ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 10:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7798
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

89ms
89ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
expires: Fri, 17 Mar 2023 11:53:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0597 36 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:03:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE8E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

88ms
88ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
expires: Fri, 17 Mar 2023 11:53:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3598 36 KB
14 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js

Requested by

Host: www.usenix.org.uk
URL: http://www.usenix.org.uk/content/rbl.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:03:55 GMT

GET
H3 200 0f98ab093493e21e6a1e2127137795a3.js Show response
www.gstatic.com/mysidia/ Frame 0125 10 KB
4 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0f98ab093493e21e6a1e2127137795a3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=1&bdt=2006&idt=1&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NTlq1TVh19&p=http%3A//www.usenix.org.uk&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 03:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4382
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 03:52:31 GMT

GET
H3 200 ec50de85495f28590e259a5bfc1feac2.js Show response
www.gstatic.com/mysidia/ Frame 0125 11 KB
5 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ec50de85495f28590e259a5bfc1feac2.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d12fcbeb7624beef6c90755330fd5dfc2fd155c8e1f596129c9531821c5a85be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 03:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4795
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 03:52:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0125 8 KB
895 B 62ms
62ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 11:40:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 0125 2 KB
765 B 117ms
116ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:12:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 0125 22 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 0125 3 KB
1 KB 146ms
145ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 10:34:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 0125 20 KB
8 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:07:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0125 0
0 128ms
127ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSC0xFBxRZOCNmsTYsVfYR_OnqFpPTbJkOBPQYGpZfh8SXhDBdARTE6azyGo5SvRZhP4tOeayrtVVI5X6hKmUK82TkKLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=1&bdt=2006&idt=1&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NTlq1TVh19&p=http%3A//www.usenix.org.uk&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0125 158 KB
48 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:53:58 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 0125 34 KB
14 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 01:51:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4B3A 8 KB
895 B 115ms
115ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 11:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 09:58:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 4B3A 2 KB
765 B 114ms
114ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:12:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA3D 0
0 113ms
112ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=2115126909912828&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/405684062892814923/ Frame 4B3A 14 KB
14 KB 103ms
103ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/405684062892814923/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

676bd6b1649a9462d62da462d5df9bb459445ed5a413ca36bf9316807b59b0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 08:06:27 GMT
x-content-type-options: nosniff
age: 13650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14160
x-xss-protection: 0
last-modified: Sun, 30 Oct 2022 13:03:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 08:06:27 GMT

GET
DATA 200
OK truncated
/ Frame 4B3A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4B3A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0125 0
0 158ms
158ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY-xP1VQUZMPSDojitwekrpOIBq3216xu_4Gh__EOq5T0_QgQASDKzal_YH2gAY3s5NkCyAEBqQI5SCpuC4aoPqgDAcgDywSqBN8BT9Cc8wDWvBaDC8WzHIy2jACiFnbCMUzK5dM6kcOTxLiNOhTiumvEngay8ONvREFNFCe-12UtQ0K6UzrUB6SOsHXc2aJnWaENMnSxhO7XBoA1wbGNPz8TOa1lLa8E2x-rsTADMp8v_OroyFtoaoEdFHLpz9sHQ3-E40rKXBQanuVTYuUuqTb9zoQME0IPA1hFpVmjfLER3soOqjiyGOWtK1LkTJEZnRqxkfvS7jOZOj8TXgqAt_CjW3gslqPPJa00nQsi8gdcU4SXJPORK9M6Cw3YiVIf0B-l2EZPXNom5sAEoMCdzOYDkgUECAQYAZIFBAgFGASAB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkJkK0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQJ0BUBgBcBshccChoIABIUcHViLTE3MTMzMzgwNzk5MDM5MDEYAA&sigh=6QZ2_fvaTXQ&uach_m=[UACH]&cid=CAQSOwDUE5ymBjq9Bo81UNMRST4OO9itmUZikOCyHWIY1MAQrGV51yZUdsmiLlU_ahEjObt-fWTM7zqQQ2zPGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=1&bdt=2006&idt=1&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NTlq1TVh19&p=http%3A//www.usenix.org.uk&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Mar 2023 11:53:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B3A 0
0 152ms
152ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwDl31VQUZKucDpnvtwen6KiIBq3216xu_4Gh__EOq5T0_QgQASDKzal_YH2gAY3s5NkCyAEJqQI5SCpuC4aoPqgDAcgDywSqBN8BT9DXfxYSxgc-jByS6A3YWk0gpD4wu6vemArc7cdHciwviG-fizruVLN1K6xv4q_O8tx3-vbkovGtdICpOpB2mWBREzOJ8TTeGeVq1pfM9LTdOLSs3PJVAEJJJZjoZASdAYO1AquuEgMP4209fPL-AGTnhDvzxlHMjwdyx9J85JnK1MP_66_XXWbT4nTQuIIy7mbIOHlflsqF22-6Rln7L12Gtl5lpytW0rQ14BDPAoePRBkYMtLT2YFE17EpwwFNanJl4YzrzYNNOrykaLuoCKk_wPdmnkHb5u2petPfisAEoMCdzOYDkgUECAQYAZIFBAgFGASgBi6AB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzd8P0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQJ0BUBgBcBshccChoIABIUcHViLTE3MTMzMzgwNzk5MDM5MDEYAA&sigh=2AfqVwn8G-M&uach_m=[UACH]&cid=CAQSOwDUE5ymJgU_pO_vB5SaOFLdl-6zYnIvkkVLK4yvuCU1PZQBsBj9o7kC-ErCR6Y5YKoPD1QEpO6MMK2DGAE&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Mar 2023 11:53:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 4B3A 22 KB
9 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 4B3A 3 KB
1 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 10:34:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 4B3A 20 KB
8 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:07:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4B3A 0
0 116ms
115ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnFA56KMOL36-EX9p4iFwPHKl0Q-2tg6rpfdV-Qj4rSAisEMJAEQH7RyDOjL9zPdzK6f9K5YBOs2Ro2LVZfYM5EuusvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B3A 158 KB
48 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:53:58 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 4B3A 34 KB
14 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 01:51:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0597 0
10 B 104ms
104ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MUxMiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5E2 143 B
166 B 57ms
56ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=1&bdt=2006&idt=1&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NTlq1TVh19&p=http%3A//www.usenix.org.uk&dtd=11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 10:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 314E 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 84637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Fri, 17 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0125 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52eb6ba7b29e986b7b5d991822ba411fcd9600e29f5ffa2da22755ecf212f427

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8370 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 84637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Fri, 17 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B3A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93381b48da3009be20f06ccbf890f9147256bfdd75fe714f84207f2712cc137c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 314E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGUd2Mw7gMCc3vpDI6_LW5w&google_cver=1&google_push=Aa02lx9-bCyeURRgvSqbQ2VmMF4_7PEJc9zBF4cTWX6VxqjXq79JQB62w-4wG6MDTNT7XlCaQzd19oxd58zhUji1zPLKS7KInIICNA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4MDA4OTUxNjg5OTk3ODczNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMiuqGB6FLsqaInzJW-A8rQ&google_cver=1

43 B
398 B

226ms
57ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMiuqGB6FLsqaInzJW-A8rQ&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMiuqGB6FLsqaInzJW-A8rQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 314E 0
104 B 257ms
95ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMVWDkIcKSz0dzoOSwBMzUQ&google_cver=1&google_push=Aa02lx_NbrCMIfgFF1AHAuDvHBDwzZSKj7eG2ueGeYge8gvWPvmlqSG6G6vobeBVZGtldMfjjBvFc2a8dplmPgx4qt0MS7NXGgTXsA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=1080182727&pi=t.aa~a.846518323~i.58~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=1&bdt=2006&idt=1&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NTlq1TVh19&p=http%3A//www.usenix.org.uk&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 314E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMuu27BFCMCKF9iCSZdHgc8&google_cver=1&google_push=Aa02lx-tcrSoTjyswHkCKEdtJn9azEtef-R2i_VIcTJQ-fbi4vbhbU-IRKFV43ZInAgi-8Wnb9aR5AOGwqw88BXM...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-tcrSoTjyswHkCKEdtJn9azEtef-R2i_VIcTJQ-fbi4vbhbU-IRKFV43ZInAgi-8Wnb9aR5AOGwqw88BXM1FLOLlaIKT0_og

170 B
232 B

67ms
67ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-tcrSoTjyswHkCKEdtJn9azEtef-R2i_VIcTJQ-fbi4vbhbU-IRKFV43ZInAgi-8Wnb9aR5AOGwqw88BXM1FLOLlaIKT0_og

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Mar 2023 11:53:58 GMT
Server: MT3 569 46451a0 master zrh-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-tcrSoTjyswHkCKEdtJn9azEtef-R2i_VIcTJQ-fbi4vbhbU-IRKFV43ZInAgi-8Wnb9aR5AOGwqw88BXM1FLOLlaIKT0_og
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 314E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEO7prjfzOj236ko8mNWiCPE&google_cver=1&google_push=Aa02lx_wPiRBc1uGpfpghUEsSAUQKz9EM_PzUpKi3NOLme5vDaUh6CvMrn9DFNy8i7QpHIF1oKi4tycm6y72tqMG...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Dt89inmSnK7mqRK-JFAKg2&google_push=Aa02lx_wPiRBc1uGpfpghUEsSAUQKz9EM_PzUpKi3NOLme5vDaUh6CvMrn9DFNy8i7QpHIF1oKi4tycm6y72tqMGIMEL9IMAghpHaw

170 B
329 B

67ms
67ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Dt89inmSnK7mqRK-JFAKg2&google_push=Aa02lx_wPiRBc1uGpfpghUEsSAUQKz9EM_PzUpKi3NOLme5vDaUh6CvMrn9DFNy8i7QpHIF1oKi4tycm6y72tqMGIMEL9IMAghpHaw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Mar 2023 11:53:58 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Dt89inmSnK7mqRK-JFAKg2&google_push=Aa02lx_wPiRBc1uGpfpghUEsSAUQKz9EM_PzUpKi3NOLme5vDaUh6CvMrn9DFNy8i7QpHIF1oKi4tycm6y72tqMGIMEL9IMAghpHaw
x-host: tde-deliveryengine-production-86c874c4d8-njw5h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 314E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Tb3BB...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Tb3BB...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMTcxMTUzNTgwMDAxMzc3NzYzODg3Mw%3D%3D&google_push=Aa02lx8Tb3BBbtUgvwk41NlnyqEwo2XMInL1oB8AKpU3YYM6-zfc3QN0lcAxjOyo2SLAvG...

170 B
188 B

67ms
67ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMTcxMTUzNTgwMDAxMzc3NzYzODg3Mw%3D%3D&google_push=Aa02lx8Tb3BBbtUgvwk41NlnyqEwo2XMInL1oB8AKpU3YYM6-zfc3QN0lcAxjOyo2SLAvGNX8-0ohO5vgWqWJDR_eA3zM56_ugOwyw

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMTcxMTUzNTgwMDAxMzc3NzYzODg3Mw%3D%3D&google_push=Aa02lx8Tb3BBbtUgvwk41NlnyqEwo2XMInL1oB8AKpU3YYM6-zfc3QN0lcAxjOyo2SLAvGNX8-0ohO5vgWqWJDR_eA3zM56_ugOwyw
pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 17 Mar 2023 11:53:58 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 314E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEry79c_QchNCK6wqrd7uH4&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9dunOVfD8oaRscBEjRkjPqdJ5H_AxjEpSOKdGJe6vjcX4OYMX4P7vSfGJTMjF2dDk4V-u-mTO_Va05OJN8s_M3dBCbxXTNW6c
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

105ms
104ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Fri, 17 Mar 2023 11:53:58 GMT
pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 314E
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEP-jdrXCAUtszrbEYShxGtU&google_cver=1&google_push=Aa02lx-Ov5CydqwcjnXO96Z0c2k9o3MNzTHQD8HFpB-rDZ4E2k83MTbbnNDPo5LBkvj-FG1qzLAQYx34a4oN84Z1Zozf...
https://sync.gonet-ads.com/match/google?google_gid=CAESEP-jdrXCAUtszrbEYShxGtU&google_cver=1&google_push=Aa02lx-Ov5CydqwcjnXO96Z0c2k9o3MNzTHQD8HFpB-rDZ4E2k83MTbbnNDPo5LBkvj-FG1qzLAQYx34a4oN84Z1Zozf...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmEyNjdmY2QyOTRhOWZhYQ&google_push=Aa02lx-Ov5CydqwcjnXO96Z0c2k9o3MNzTHQD8HFpB-rDZ4E2k83MTbbnNDPo5LBkvj-FG1qzLAQYx34a4oN84Z1Zozf7fy...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmEyNjdmY2QyOTRhOWZhYQ&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
490 B

195ms
56ms

Image
image/gif

2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:20:51 GMT
x-content-type-options: nosniff
age: 84787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Mar 2023 12:20:51 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 314E 0
130 B 221ms
64ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KG4BdpqLTdxZU11IJd9ZRqSdYkoGdkOGY9a5d34Nh5OIzZ9mR6rmiaUJOY5zUX2Qn6gGEQ23s

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5E2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
73ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:58 GMT
expires: Fri, 17 Mar 2023 11:53:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 11:53:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8370
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGS5MNTTByHWSx44nhKzjCA&google_cver=1&google_push=Aa02lx_GfcYrVOpk0aB7TysawB3r43UB4PoXdcLZj5wZmPakSdoekWw0dtwGpkGGVlw9g1jqQAYF-j2Uu1h7v0Lj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GfcYrVOpk0aB7TysawB3r43UB4PoXdcLZj5wZmPakSdoekWw0dtwGpkGGVlw9g1jqQAYF-j2Uu1h7v0LjfnDFRtrFsabYqw

170 B
232 B

72ms
67ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GfcYrVOpk0aB7TysawB3r43UB4PoXdcLZj5wZmPakSdoekWw0dtwGpkGGVlw9g1jqQAYF-j2Uu1h7v0LjfnDFRtrFsabYqw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Mar 2023 11:53:58 GMT
Server: MT3 569 46451a0 master zrh-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GfcYrVOpk0aB7TysawB3r43UB4PoXdcLZj5wZmPakSdoekWw0dtwGpkGGVlw9g1jqQAYF-j2Uu1h7v0LjfnDFRtrFsabYqw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 17 Mar 2023 11:53:57 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8370
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG7pt7ulRGtQvQ7cXZDMDWQ&google_cver=1&google_push=Aa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DV...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG7pt7ulRGtQvQ7cXZDMDWQ&google_cver=1&google_push=Aa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4...

43 B
414 B

199ms
190ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG7pt7ulRGtQvQ7cXZDMDWQ&google_cver=1&google_push=Aa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a9509dc9fb5dd73-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 529
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG7pt7ulRGtQvQ7cXZDMDWQ&google_cver=1&google_push=Aa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9Mn33AM1NRx3gCpB0gvzDT7WgitgAVhu9G6B24ArONXDeXQqdxngAPfDLMwTI_lSdSnUYzwm0A_5XNIe4hpcj75IReCS4DVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a9509db1d36dd73-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8370
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAKNblP3O3pXJbZqyKYcO9U&google_cver=1&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlARPbV7J...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAKNblP3O3pXJbZqyKYcO9U&google_cver=1&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlAR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg5MTc0OTMzMjgwNzkyNjAxMw&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlARPbV...

170 B
232 B

66ms
66ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg5MTc0OTMzMjgwNzkyNjAxMw&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlARPbV7JYv0BnuwW4hb2owqj8KfFlw

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg5MTc0OTMzMjgwNzkyNjAxMw&google_push=Aa02lx8Xy2MWjs5HT_a-61YW6jpcFGhlMHdpCArsz7IEbWEgFDSzfjnvuUqGIOB1s3mDiQVMlARPbV7JYv0BnuwW4hb2owqj8KfFlw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 8370 42 B
233 B 356ms
112ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECyyNOfJ9ZHd-axicB_aoSU&google_cver=1&google_push=Aa02lx8dBUfeAlRQkW2awUc6BLWJk_ySw7H5YHzSwTjg3ozlbE3RYbB3YMtmYXUdkzl8SduogrJjc03No7sti6_SmJA6mGKHfkq2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:53:58 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8370
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_hm=ZBRU1sp8TaNvwUxMta9l1gAAFD8AAAAB&google_nid=index&google_push=Aa02lx-roR7gt-xYZmKsZ-j20UH59pYS0l2yG...

170 B
232 B

66ms
66ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_hm=ZBRU1sp8TaNvwUxMta9l1gAAFD8AAAAB&google_nid=index&google_push=Aa02lx-roR7gt-xYZmKsZ-j20UH59pYS0l2yGnNAo_r1PbaAomETxV0vO_sIx8CAwI2r1gdsDXAxxhcSrdVOTR6VfJ4szQjF0nt2Lw

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:53:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAj86PjhvTpwNxz5cPhOIGM&google_hm=ZBRU1sp8TaNvwUxMta9l1gAAFD8AAAAB&google_nid=index&google_push=Aa02lx-roR7gt-xYZmKsZ-j20UH59pYS0l2yGnNAo_r1PbaAomETxV0vO_sIx8CAwI2r1gdsDXAxxhcSrdVOTR6VfJ4szQjF0nt2Lw
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8370
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEANvEElcgF9ZVmIpIz4Es6w&google_cver=1&google_push=Aa02lx-EEejPnhKNmxuWcbe4aMUqx4obaCp4YPjAOz8Q7c-RkOgDQsFm0mInOHksSUXTAI8YcOGQz1HLsglepWv6av-WtuyuMlr2DvM
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2UxNjY1MzQtMTVlNy00ZGFiLTgzM2ItZjQ1OWZjZDIwZjk4&google_push=Aa02lx-EEejPnhKNmxuWcbe4aMUqx4obaCp4YPjAOz8Q7c-RkOgDQsFm0mInOHksSUXTAI8...

170 B
232 B

72ms
68ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2UxNjY1MzQtMTVlNy00ZGFiLTgzM2ItZjQ1OWZjZDIwZjk4&google_push=Aa02lx-EEejPnhKNmxuWcbe4aMUqx4obaCp4YPjAOz8Q7c-RkOgDQsFm0mInOHksSUXTAI8YcOGQz1HLsglepWv6av-WtuyuMlr2DvM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2UxNjY1MzQtMTVlNy00ZGFiLTgzM2ItZjQ1OWZjZDIwZjk4&google_push=Aa02lx-EEejPnhKNmxuWcbe4aMUqx4obaCp4YPjAOz8Q7c-RkOgDQsFm0mInOHksSUXTAI8YcOGQz1HLsglepWv6av-WtuyuMlr2DvM
date: Fri, 17 Mar 2023 11:53:57 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 0

GET google
sync-dmp.aura-dsp.com/match/ Frame 8370 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8370 0
40 B 199ms
66ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4pNQ18CU6pUgYHIYfv7CSLukKeK8lr3Hjjr8RRgPmTnvUNbrCw59Su-10f_HVKlaDhDnA_HE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:53:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4B3A 28 KB
28 KB 172ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 154107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 17:05:31 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0125 28 KB
28 KB 229ms
113ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 154107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 17:05:31 GMT

GET
H3 200 h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CF5 36 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1713338079903901&output=html&h=280&adk=2696496941&adf=2672432777&pi=t.aa~a.846518323~i.32~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1552829327&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2061960556&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fwww.usenix.org.uk%2Fcontent%2Frbl.html&fwr=0&pra=3&rh=200&rw=1590&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1679054037176&bpp=2&bdt=2007&idt=-M&shv=r20230315&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5bb346799f1b4c0b-22a4c8ed5ddd00f6%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg&gpic=UID%3D00000bc6d666114e%3AT%3D1679054036%3ART%3D1679054036%3AS%3DALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA&prev_fmts=0x0&nras=2&correlator=2861339095584&frm=20&pv=1&ga_vid=2139825118.1679054036&ga_sid=1679054036&ga_hid=899554251&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759842%2C44759876%2C44759927%2C31073016%2C31072952&oid=2&pvsid=2115126909912828&tmod=600076311&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=voCfPw9RiQ&p=http%3A//www.usenix.org.uk&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:03:55 GMT

GET
H3 200 h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EEF 36 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:03:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
93ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=2115126909912828&bg=!y8ilyJzNAAZEjmHWZI47ADkAdvg8Wgioqe9ZFnaKQQCiujRWtlNG7v-9bMoZXT3LbM2FI5mTZB1Dk7-WCm4DVbnucifxdaAem5ICAAAAq1IAAAAJaAEHmQKeBgoiy0QHxhIiCZSTO7nK8o8Y-xVy4YDl9TiyRcF9oQoE5xN958Qt00807DYU6qt8DKxTfvrQXTYzSjXFNJQGvPWOGrzl86g66CQFtXFey38c7JJtVrOtLn1r9DVnmlgjh3rgfXE9tmXcn06qkrfDHZr4T_1GT97twIxcaK66yLUw0R3MHuMukz0zOzBvKjPVxOytiIoVVyExtyyYKS4bWntqs9eyjeGC5hFZUzN-ygOZAmOfqBzEoO94PNNNuvtUhR3QOxyCYOgTS9TVxkly4kFs-nRGciD0XrNXlcozUei_AVUls1Ta1SaimrOf7CpPw7yajZa6cNfy5w9-NFHm6TIA5AztprDqFsR2HmXe-A-tw50HvKllojeJxC-QpXYioQg-n4iqIB4DVfSqwVZ5-nR3Jqg8PYbpOy56pHUfOMyRAcwimK0rlnzHOYxdk33M5m_OIOogMNZCxeumusac5GrFB1cYML0mxXNkrv5dcIfXQ5h9YuIqp7GDVITV0bbiCRZjqz-OmGOwJuhD0iBYi3LGkkTg1agUYMtAoOoCdtG0gFwewDqYm8FPMGWGxkuKr9LViBqYpWOF0eTzPOBYfAH8QMqAy75qplbVY22gtdZLNNGCF6RUyM8h44QVqnxGtexn0Bs6p_ncwcNUD5_qDWlu_R__IKhZL6GxRolCN1sQHgVq7qv4cprSUd5hiOtnurEZiI-gvlSAfrivF_Yrkl_DtsZ9EILD1liRcClfCe62sAfnKRu-hkQvK7cSWxL9ZM9rRrV8-Ei5odRVlFHyqUC1HFnq7N3TLtFTrZKEHWCwWvbhEX_zhIZSOaNTYOrK1HUl_eH0raXfADijQ7wgUrzr25EorxGcqnMsH6ngp9JkBomssfWhs63M2Mnwsg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.usenix.org.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C235 42 B
64 B 91ms
90ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9o7ROHyvty6jfS-65jc_cQoF7Mpals-WVu7I6_afkTwQ28j5_SPw7NqNiJII1ii2sAqmz0safTWNTQepmd3CyzfVqx0FFxyuo3Mj3gEYwVUMebgYkyRHVsxWpgQfxc0FQ8Z4&sai=AMfl-YQbVOUMPPzT525-CbDLb2R3qpLEi2-jSHJBNxOkyMv_aFzZBEsUvdY2PzMIchqhyemKyaX7NVm1pI9u&sig=Cg0ArKJSzBmf72-2k-NdEAE&cid=CAQSGwDUE5ym7GDUHIYYC3HDC1-TvpwIFdo6BbLH9BgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=118,817,1000,1000,1000&tos=118,699,183,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1679054037306&rpt=432&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:53:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-dmp.aura-dsp.com
URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESENd8J0hY8xK30PhkrhSMc6s&google_cver=1&google_push=Aa02lx8fTnpTR45CCzGK4fLa9gAUVbYHnC7g8UOnh_qTkiXyWY7qXRnzsirJseQvRRXvWhL80mrPT9ahEjYWiQL4I3jFkEWP1IvA2w

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 20:00:14	Name: ts Value: vreXpYrS%3D1773748435%26vteXpYrS%3D1679055835%26vr%3Def6b59fa1860ad04c5a44b1cfd64c2b3%26vt%3Def6b59fa1860ad04c5a44b1cfd64c2b2%26vtyp%3Dnew
.paypal.com/	1970-01-20 20:00:14	Name: ts_c Value: vr%3Def6b59fa1860ad04c5a44b1cfd64c2b3%26vt%3Def6b59fa1860ad04c5a44b1cfd64c2b2
.usenix.org.uk/	1970-01-20 19:45:50	Name: __gads Value: ID=5bb346799f1b4c0b-22a4c8ed5ddd00f6:T=1679054036:RT=1679054036:S=ALNI_MYpL_G22Aj3mQqL1yohLaxv6uWvMg
.usenix.org.uk/	1970-01-20 19:45:50	Name: __gpi Value: UID=00000bc6d666114e:T=1679054036:RT=1679054036:S=ALNI_MYjuKv-QT4_C5UXCc7lQGkVkKc5xA
.doubleclick.net/	1970-01-20 20:00:14	Name: IDE Value: AHWqTUkyX8Q8xVJwdk06H-sgY8-ohhdA47AHF5WV6Nt_XV1QlN1MMM98I2aOdxu9jgQ
.doubleclick.net/	1970-01-20 10:24:17	Name: DSID Value: NO_DATA
.travelaudience.com/	1970-01-20 19:55:54	Name: _tracker Value: %7B%22UUID%22%3A%22E83B7CF6-29E6-4A72-BB9A-A44AF891402A%22%7D
.mathtag.com/	1970-01-20 11:07:26	Name: mt_mop Value: 4:1679054039
.ads.avads.net/	1970-01-20 20:00:14	Name: av-mid Value: ce166534-15e7-4dab-833b-f459fcd20f98
.ads.avads.net/	1970-01-20 10:44:23	Name: av-tp-gadx Value: 1
.mathtag.com/	1970-01-20 19:50:09	Name: uuid Value: 4d776414-54d7-4d00-88da-a6ef6de68883
.adform.net/	1970-01-20 11:08:52	Name: C Value: 1
.casalemedia.com/	1970-01-20 19:09:50	Name: CMID Value: ZBRU1sp8TaNvwUxMta9l1gAA
.casalemedia.com/	1970-01-20 12:33:50	Name: CMPS Value: 5183
.casalemedia.com/	1970-01-20 12:33:50	Name: CMPRO Value: 5183
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.adform.net/	1970-01-20 11:50:38	Name: uid Value: 1891749332807926013
.gonet-ads.com/	1970-01-20 19:11:16	Name: pid Value: NmEyNjdmY2QyOTRhOWZhYQ
.e.dlx.addthis.com/	1970-01-20 19:54:28	Name: na_tc Value: Y
.tribalfusion.com/	1970-01-20 12:33:50	Name: ANON_ID Value: ajnseFOleq9PZabprMja7bxUHFKOGI5FyEy3pr4uFNy1YJq0PmtA9oo5c0JZabJwvS7aO6qqS5SdQSMQZaHsNdb
.addthis.com/	1970-01-20 19:54:28	Name: na_id Value: 2023031711535800013777638873
.addthis.com/	1970-01-20 19:54:28	Name: na_tc Value: Y
.addthis.com/	1970-01-20 19:54:28	Name: uid Value: 641454d6c24385b4
.addthis.com/	1970-01-20 19:54:28	Name: ouid Value: 641454d6000171c45fbdcb3de5926896c55e51f50258d76774da
.dlx.addthis.com/	1970-01-20 11:07:26	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 11:07:26	Name: na_sr Value: 20230317
.dlx.addthis.com/	1970-01-20 10:24:14	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 11:07:26	Name: na_sc_e Value: 0
.turn.com/	1970-01-20 14:43:26	Name: uid Value: 2880089516899978735

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.avads.net
ads.travelaudience.com
adservice.google.ca
adservice.google.com
all.s5h.net
c1.adform.net
cm.g.doubleclick.net
dclk-match.dotomi.com
dsp.adkernel.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
s.tribalfusion.com
s0.2mdn.net
ssum-sec.casalemedia.com
sync-dmp.aura-dsp.com
sync.gonet-ads.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.usenix.org.uk
sync-dmp.aura-dsp.com
104.111.217.14
104.111.217.42
142.250.181.226
151.101.65.21
174.137.133.49
185.29.132.241
185.80.39.216
188.42.105.220
192.229.221.25
2001:ba8:1f1:f1cb::2
2606:4700::6812:19ad
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a02:fa8:8806:16::1400
35.190.0.66
35.205.207.25
37.157.4.24
46.228.164.11
85.119.82.99
07f41c8f66d110dcbc2121c18186aba67ef80863f6e8c7b5a5cab4f4acfe2a1d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd13ff52b181695d5b8e7358ab9954138903e78d3d1303661a2c1be6084762d
154f3a9ed4f3ac0059fc18337f3cb4d28103f349b3e256458f6a39b23d3c092b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
29d4cc6f43cacfb46e1e858f5ca264860461681a070c450b26c9e4baf4a608e7
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e
49abb010ce00c1361acb8377fe6b6d2d78b13d11b11121a5d3c86b2e2cdd5b2d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c4ba8be84d795e63e6fb4a20d2589cffcde26ab0e18db6cc9bd1ace34a3a928
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
508f45a834b2d91c88d2edd78c89679a50ee8c5982862312c4d9f3ea5f486445
52eb6ba7b29e986b7b5d991822ba411fcd9600e29f5ffa2da22755ecf212f427
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a7f28096de45ce86cab51849f0e866dc2956b5216520fff72d5ce8ae4472086
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
676bd6b1649a9462d62da462d5df9bb459445ed5a413ca36bf9316807b59b0db
866310bbaa9dd66a7fe6abc679401d3a8143835c9d45cd6024bb7269a02fd257
87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e
93381b48da3009be20f06ccbf890f9147256bfdd75fe714f84207f2712cc137c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
adad5f22158dc5d228118c864c4fec00269070dc1eb8db5a86846d63351d0447
b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13
bbe1bb0e650597b51ca996f7abd9a7440162833f74d4668c1d506db7a3dcc83e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12fcbeb7624beef6c90755330fd5dfc2fd155c8e1f596129c9531821c5a85be
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dcd7c49f2af2bf9648e1e79cd74c7caf946e86f3d37cef9193d1143c22a148f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fce49e94e6f7e0cee13699946be1bf95b435a03e2d464714840857a219148d58

www.usenix.org.uk Open in urlscan Pro 2001:ba8:1f1:f1cb::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

84 %HTTPS

52 %IPv6

26 Domains

32 Subdomains

21 IPs

8 Countries

899 kBTransfer

2478 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.usenix.org.uk Open in urlscan Pro
2001:ba8:1f1:f1cb::2 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

84 %
HTTPS

52 %
IPv6

26
Domains

32
Subdomains

21
IPs

8
Countries

899 kB
Transfer

2478 kB
Size

29
Cookies

103 HTTP transactions
5 data transactions