[30]
Imane Fouad, Cristiana Santos, Feras Al Kassar, Na-
taliia Bielova, and Stefano Calzavara. On compliance of
cookie purposes with the purpose specification principle.
In EuroS&P Workshops, pages 326–333. IEEE, 2020.
[31]
Nathaniel Fruchter, Hsin Miao, Scott Stevenson, and
Rebecca Balebako. Variations in tracking in relation to
geographic location. Proc. of the 9th Workshop on Web
2.0 Security and Privacy (W2SP) 2015, 2015.
[32]
Steven Goldfeder, Harry A. Kalodner, Dillon Reis-
man, and Arvind Narayanan. When the cookie meets
the blockchain: Privacy risks of web payments via
cryptocurrencies. Proc. Priv. Enhancing Technol.,
2018(4):179–199, 2018.
[33]
Hélder Gomes, André Zúquete, Gonçalo Paiva Dias, and
Fábio Marques. Usage of HTTPS by municipal websites
in portugal. In WorldCIST (2), volume 931 of Advances
in Intelligent Systems and Computing, pages 155–164.
Springer, 2019.
[34]
Daniel Goßen, Hugo Jonker, Stefan Karsch, Benjamin
Krumnow, and David Roefs. HLISA: towards a more
reliable measurement tool. In Proc. 21st ACM Inter-
net Measurement Conference (IMC’21), pages 380–389.
ACM, 2021.
[35]
Grant Ho, Dan Boneh, Lucas Ballard, and Niels Provos.
Tick tock: Building browser red pills from timing side
channels. In WOOT, pages 1–11. USENIX Association,
2014.
[36]
Xuehui Hu, Guillermo Suarez de Tangil, and Nishanth
Sastry. Multi-country study of third party trackers from
real browser histories. In EuroS&P, pages 70–86. IEEE,
2020.
[37]
Luca Invernizzi, Kurt Thomas, Alexandros Kaprave-
los, Oxana Comanescu, Jean Michel Picod, and Elie
Bursztein. Cloak of visibility: Detecting when machines
browse a different web. In Proc. 37th IEEE Symposium
on Security and Privacy, SP 2016, San Jose, CA, USA,
May 22-26, 2016, pages 743–758, 2016.
[38]
Umar Iqbal, Steven Englehardt, and Zubair Shafiq.
Fingerprinting the fingerprinters: Learning to detect
browser fingerprinting behaviors. In 2021 IEEE Sympo-
sium on Security and Privacy (SP), pages 1143–1161,
2021.
[39]
Hugo Jonker, Benjamin Krumnow, and Gabry Vlot. Fin-
gerprint surface-based detection of web bot detectors. In
Proceedings of 24th European Symposium on Research
in Computer Security (ESORICS’19), LNCS, pages 586–
605. Springer, 2019.
[40]
Jordan Jueckstock and Alexandros Kapravelos. Visi-
blev8: In-browser monitoring of javascript in the wild.
In Proc. 19th ACM Internet Measurement Conference,
pages 393–405. ACM, 2019.
[41]
Jordan Jueckstock, Shaown Sarker, Peter Snyder, Aidan
Beggs, Panagiotis Papadopoulos, Matteo Varvello, Ben
Livshits, and Alexandros Kapravelos. Towards realistic
and reproducible web crawl measurements. In Proc. The
Web Conference 2021 (WWW’21). ACM, 2021.
[42]
Martin Koop, Erik Tews, and Stefan Katzenbeisser. In-
depth evaluation of redirect tracking and link usage.
Proc. Priv. Enhancing Technol., 2020(4):394–413, 2020.
[43]
Michael Kranch and Joseph Bonneau. HTTPS in mid-
air: An empirical study of strict transport security and
key pinning. In Proc. 22nd Network and Distributed
System Security Symposium (NDSS’15). The Internet
Society, 2015.
[44]
Pierre Laperdrix, Nataliia Bielova, Benoit Baudry, and
Gildas Avoine. Browser fingerprinting: A survey. ACM
Transactions on the Web (TWEB), 14(2):1–33, 2020.
[45]
Victor Le Pochat, Tom Van Goethem, Samaneh Tajal-
izadehkhoob, Maciej Korczy
´
nski, and Wouter Joosen.
Tranco: A research-oriented top sites ranking hardened
against manipulation. In Proc. 26th Network and Dis-
tributed System Security Symposium (NDSS’19), NDSS
2019, pages 1–15. The Internet Society, 2019.
[46]
Baojun Liu, Zhou Li, Peiyuan Zong, Chaoyi Lu, Hai-
Xin Duan, Ying Liu, Sumayah A. Alrwais, XiaoFeng
Wang, Shuang Hao, Yaoqi Jia, Yiming Zhang, Kai Chen,
and Zaifeng Zhang. Traffickstop: Detecting and measur-
ing illicit traffic monetization through large-scale DNS
analysis. In EuroS&P, pages 560–575. IEEE, 2019.
[47]
Baojun Liu, Zhou Li, Peiyuan Zong, Chaoyi Lu, Hai-
Xin Duan, Ying Liu, Sumayah A. Alrwais, XiaoFeng
Wang, Shuang Hao, Yaoqi Jia, Yiming Zhang, Kai Chen,
and Zaifeng Zhang. Traffickstop: Detecting and measur-
ing illicit traffic monetization through large-scale DNS
analysis. In IEEE European Symposium on Security
and Privacy, EuroS&P 2019, Stockholm, Sweden, June
17-19, 2019, pages 560–575. IEEE, 2019.
[48]
Fang Liu, Chun Wang, Andres Pico, Danfeng Yao, and
Gang Wang. Measuring the insecurity of mobile deep
links of android. In USENIX Security Symposium, pages
953–969. USENIX Association, 2017.
[49]
Max Maass, Stephan Schwär, and Matthias Hollick. To-
wards transparency in email tracking. In APF, volume
11498 of Lecture Notes in Computer Science, pages 18–
27. Springer, 2019.
15