Report - hemayeye.live/

Report Overview

Submitted URL
hemayeye.live/
IP
91.195.240.123
ASN
#47846 SEDO GmbH
Submitted
2024-05-07 04:44:59
Access
public
Website Title
hemayeye.live - hemayeye Ressurser og informasjon
Final URL
hemayeye.live/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.adsensecustomsearchads.com	unknown	2011-01-28	2015-09-02	2024-05-06	5.2 kB	199 kB	216.58.211.14
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2024-05-06	995 B	2.1 kB	142.250.74.97
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	455 B	191 kB	142.250.74.164
img.sedoparking.com	54200	2001-09-18	2013-04-23	2024-05-06	1.3 kB	60 kB	205.234.175.175
hemayeye.live	unknown	unknown	No data	No data	1.0 kB	24 kB	91.195.240.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.adsensecustomsearchads.com/afs/ads/i/iframe.html	1.3 kB	2023-04-05	2024-05-19
Pretty URL www.adsensecustomsearchads.com/afs/ads/i/iframe.html IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:36:39 Last Seen2024-05-19 10:16:06 Times Seen23559 Hash 33839cb72649c81ab58b763c95b4a163 0c9b62881e660fded013cee58439ae287690065a cdded269406c9b2b49a3066d12e75913abf338cdd7fa00e31fff299efef1cb76 Loading...

	www.adsensecustomsearchads.com/adsense/domains/caf.js	190 kB	2024-05-01	2024-05-09
Pretty URL www.adsensecustomsearchads.com/adsense/domains/caf.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 21:38:38 Last Seen2024-05-09 21:32:28 Times Seen496 Hash b5e49ab63ec3da61b2fbecfaf10ac338 5f7945f7fbbf996947b764482183c9b71c1badf9 7ca38cdea54b4b92556c90045e1bc302d8bc957cef043f27cf491140f7ccc94b Loading...

	hemayeye.live/	2.9 kB	2024-05-07	2024-05-07
Pretty URL hemayeye.live/ IP 91.195.240.123 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 06:45:06 Last Seen2024-05-07 06:45:06 Times Seen1 Hash f5d4ee2b565be20425ef9785830371c1 76703b681177e40eecd1406bf73d555642a21e3a 34dfad28fd119462269f6cfaea0b663766c83c15d54dd2dc6208e4d7ae45cdad Loading...

	www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true	190 kB	2024-04-30	2024-05-08
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 21:10:37 Last Seen2024-05-08 15:12:08 Times Seen218 Hash 64d6f99efa3924822947ca354b516e6a e73d8408f832712f026a1e9968091d3945be7dae 117a49c7aba207ff5094947bb6d7df4c5f3eef2a7f813f64c7f05fde6a29875b Loading...

	hemayeye.live/	622 B	2023-03-07	2024-05-19
Pretty URL hemayeye.live/ IP 91.195.240.123 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:10:36 Last Seen2024-05-19 01:10:24 Times Seen7362 Hash 4ddc86a1d8ae00753cc792ab72a58071 b405fd8562e0d0582f25f4b7ac6d180d72e0e935 4a5f92285fc4b884f74fbf249d3c256136ae5f4c387ba90230f0f357322a6d8d Loading...

	hemayeye.live/	5.5 kB	2024-01-10	2024-05-19
Pretty URL hemayeye.live/ IP 91.195.240.123 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-10 16:33:42 Last Seen2024-05-19 10:16:06 Times Seen7361 Hash 8dea1c8dd04f9474489541bca012175b ada487edd0cde69a3b8dc8fc0d15a393ac865e65 f1b4243e2948e50bd1024644673f303d9e5a14873f86ae05fd3e27b55009ddb1 Loading...

	www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F	896 B	2024-05-07	2024-05-07
Pretty URL www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 06:45:06 Last Seen2024-05-07 06:45:06 Times Seen1 Hash 286e40a0433066552d3709d44a2db3c3 7d90bba9a441613c89b21e8249cf3b2d0a9cc4b9 1f6e175ea4e15e66c7e5b543f9ccc0578d251ece018a272f836923cdde89a7bb Loading...

HTTP Transactions (15)

	URL	IP	Response	Size
	img.sedoparking.com/templates/bg/arrows.png	205.234.175.175	200 OK	13 kB
URL GET HTTP/2 img.sedoparking.com/templates/bg/arrows.png IP 205.234.175.175:443 ASN #30081 CACHENETWORKS Requested by https://hemayeye.live/ Certificate IssuerGlobalSign nv-sa Subject.cachefly.net Fingerprint0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71 ValidityMon, 13 Nov 2023 19:46:02 GMT - Sat, 14 Dec 2024 19:46:01 GMT File type PNG image data, 426 x 475, 8-bit/color RGBA, non-interlaced Size 13 kB (12642 bytes) Hash 6dc0bad9aa452ff871b282dabd47131e 01411e6726e033240caa3926141a6adbc18a2d73 3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b HTTP Headers `GET /templates/bg/arrows.png HTTP/1.1 Host: img.sedoparking.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 07 May 2024 04:44:34 GMT content-type: image/png content-length: 12642 access-control-allow-origin: * cache-control: max-age=604800 expires: Tue, 14 May 2024 04:44:34 GMT x-cfhash: "6dc0bad9aa452ff871b282dabd47131e" x-cff: B last-modified: Mon, 11 Oct 2021 05:39:44 GMT x-cf3: H cf4age: 23090 x-cf-tsc: 1711144663 cf4ttl: 31512910.000 x-cf2: H server: CFS 1124 x-cf-reqid: 8da922a99158d78f9e9249e62887d6a4 x-cf1: 11696:fD.arn1:cf:nom:cacheN.arn1-01:H accept-ranges: bytes X-Firefox-Spdy: h2

	img.sedoparking.com/templates/bg/NameSiloLogo.png	205.234.175.175	200 OK	31 kB
URL GET HTTP/2 img.sedoparking.com/templates/bg/NameSiloLogo.png IP 205.234.175.175:443 ASN #30081 CACHENETWORKS Requested by https://hemayeye.live/ Certificate IssuerGlobalSign nv-sa Subject.cachefly.net Fingerprint0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71 ValidityMon, 13 Nov 2023 19:46:02 GMT - Sat, 14 Dec 2024 19:46:01 GMT File type PNG image data, 1756 x 390, 8-bit/color RGBA, non-interlaced Size 31 kB (30661 bytes) Hash 0f38d9d55d778a10b8a5bdeda9b1cf09 edf6302e26c216765e2d9ae9625fb69f57379ff9 4bbc784f1808bf25b1be7a0309b9e0b7ccd2c48e77ddcb270b67f18c7af55d9f HTTP Headers `GET /templates/bg/NameSiloLogo.png HTTP/1.1 Host: img.sedoparking.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Tue, 07 May 2024 04:44:34 GMT content-type: image/png content-length: 30661 access-control-allow-origin: * x-cff: B last-modified: Mon, 27 Feb 2023 08:54:36 GMT x-cf3: H cf4age: 528035 x-cf-tsc: 1711139350 cf4ttl: 31007964.000 x-cf2: H accept-ranges: bytes server: CFS 1124 x-cf-reqid: 70ca46af98bf6c5ba998c729bd4a2a03 x-cf1: 11696:fD.arn1:nom:cacheN.arn1-01:M X-Firefox-Spdy: h2`

	hemayeye.live/search/tsc.php?200=NTY1MTU4ODk3&21=OTEuOTAuNDIuMTU0&681=MTcxNTA1NzA3NGIzYWE5OTczMDg4NTIyNWM3ZDZiYWQ5NTUxZDk4NWZk&crc=3f3c1f5651df11ca8137532a58a46c387c0d3751&cv=1	91.195.240.123	200 OK	0 B
URL GET HTTP/2 hemayeye.live/search/tsc.php?200=NTY1MTU4ODk3&21=OTEuOTAuNDIuMTU0&681=MTcxNTA1NzA3NGIzYWE5OTczMDg4NTIyNWM3ZDZiYWQ5NTUxZDk4NWZk&crc=3f3c1f5651df11ca8137532a58a46c387c0d3751&cv=1 IP 91.195.240.123:443 ASN #47846 SEDO GmbH Requested by https://hemayeye.live/ Certificate IssuerDigiCert Inc Subjecthemayeye.live Fingerprint50:CE:F3:86:3F:25:61:FC:5E:03:4F:F8:8C:02:09:0B:7D:62:D0:A9 ValiditySun, 24 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /search/tsc.php?200=NTY1MTU4ODk3&21=OTEuOTAuNDIuMTU0&681=MTcxNTA1NzA3NGIzYWE5OTczMDg4NTIyNWM3ZDZiYWQ5NTUxZDk4NWZk&crc=3f3c1f5651df11ca8137532a58a46c387c0d3751&cv=1 HTTP/1.1 Host: hemayeye.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Tue, 07 May 2024 04:44:35 GMT server: NginX x-cache-miss-from: parking-7cbf88ff6b-w8ldc x-powered-by: PHP/8.1.17 content-length: 0 X-Firefox-Spdy: h2`

	www.adsensecustomsearchads.com/afs/ads/i/iframe.html	216.58.211.14	200 OK	729 B
URL GET HTTP/2 www.adsensecustomsearchads.com/afs/ads/i/iframe.html IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://hemayeye.live/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type HTML document, ASCII text, with very long lines (1559) Size 729 B (729 bytes) Hash dcec06219509bc80f8546590d032e88c 860e37f9dabf84eb249696623d50f9c4ac15d02b aa37013b7015395e0b1bb74bd530c018ece276dae11f8042bf1e9be980089e24 HTTP Headers GET /afs/ads/i/iframe.html HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/html content-security-policy: script-src 'nonce-Z4Rrsdi3GZ6xJjzc6mRlZw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none' content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-length: 729 date: Tue, 07 May 2024 04:44:35 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate last-modified: Tue, 12 Mar 2024 06:00:00 GMT x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img.sedoparking.com/templates/logos/sedo_logo.png	205.234.175.175	200 OK	15 kB
URL GET HTTP/2 img.sedoparking.com/templates/logos/sedo_logo.png IP 205.234.175.175:443 ASN #30081 CACHENETWORKS Requested by https://hemayeye.live/ Certificate IssuerGlobalSign nv-sa Subject.cachefly.net Fingerprint0F:4E:B2:D7:96:B9:94:D0:35:66:76:6C:4B:16:18:49:DE:42:80:71 ValidityMon, 13 Nov 2023 19:46:02 GMT - Sat, 14 Dec 2024 19:46:01 GMT File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Size 15 kB (15086 bytes) Hash def00c11b1596db4efee6a9fbe64fc27 bd298981e6d8d7e4ffa18abcf687041f4246672d 95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4 HTTP Headers `GET /templates/logos/sedo_logo.png HTTP/1.1 Host: img.sedoparking.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 07 May 2024 04:44:35 GMT content-type: image/png content-length: 15086 access-control-allow-origin: * cache-control: max-age=604800 expires: Tue, 14 May 2024 04:44:35 GMT x-cfhash: "def00c11b1596db4efee6a9fbe64fc27" x-cff: B last-modified: Mon, 11 Jan 2021 07:44:34 GMT x-cf3: H cf4age: 21299 x-cf-tsc: 1711144658 cf4ttl: 31514700.000 x-cf2: H server: CFS 1124 x-cf-reqid: d3d7f12d790f9b8be2bac8c03a3cd1f1 x-cf1: 11696:fD.arn1:cf:nom:cacheN.arn1-01:H accept-ranges: bytes X-Firefox-Spdy: h2

	www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F	216.58.211.14	200 OK	2.9 kB
URL GET HTTP/2 www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://hemayeye.live/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (13632) Size 2.9 kB (2892 bytes) Hash 0e354ea304dc20b14f94a632a92c0571 af2961e14a4f652be070c2610807401f63f33ea1 32b6e59a41580b90e5bdac27cefd92bfaf44857e9e0b970eddcea7e4f3fd765a HTTP Headers GET /afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Tue, 07 May 2024 04:44:35 GMT expires: Tue, 07 May 2024 04:44:35 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-9SvcMaF_08_5lZeXP3wYAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 2892 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.97	200 OK	174 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56 ValidityTue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT File type SVG Scalable Vector Graphics image Size 174 B (174 bytes) Hash 11b3089d616633ca6b73b57aa877eeb4 07632f63e06b30d9b63c97177d3a8122629bda9b 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 06 May 2024 19:08:01 GMT expires: Tue, 07 May 2024 18:08:01 GMT cache-control: public, max-age=82800 age: 34595 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2	142.250.74.97	200 OK	273 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56 ValidityTue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT File type SVG Scalable Vector Graphics image Size 273 B (273 bytes) Hash 6751e07e0f93bd43ab90822f4b2eb62a d1d0c6f0b4697b0a4e61ffbf171e8c60eac7c832 ff563f41765da081fe9fd40e8bb33a623df033b10050a8ae8c1b46e15107d8f1 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 273 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 06 May 2024 21:24:49 GMT expires: Tue, 07 May 2024 20:24:49 GMT cache-control: public, max-age=82800 age: 26387 last-modified: Thu, 20 Jul 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=everjzq3nor8&aqid=s7E5Zo-KGcuAxdwPhqeAGA&psid=9330244380&pbt=bs&adbx=406.66668701171875&adby=134.64999389648438&adbh=554&adbw=467&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=36%7C0%7C714%7C71%7C50&lle=0&ifv=1&hpt=0	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=everjzq3nor8&aqid=s7E5Zo-KGcuAxdwPhqeAGA&psid=9330244380&pbt=bs&adbx=406.66668701171875&adby=134.64999389648438&adbh=554&adbw=467&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=36%7C0%7C714%7C71%7C50&lle=0&ifv=1&hpt=0 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://hemayeye.live/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=everjzq3nor8&aqid=s7E5Zo-KGcuAxdwPhqeAGA&psid=9330244380&pbt=bs&adbx=406.66668701171875&adby=134.64999389648438&adbh=554&adbw=467&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=36%7C0%7C714%7C71%7C50&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-9okF3LTUzbMsOvSYIIoSNA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Tue, 07 May 2024 04:44:37 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=osi59md3wq2v&aqid=s7E5Zo-KGcuAxdwPhqeAGA&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=7%7C0%7C743%7C71%7C50&lle=0&ifv=1&hpt=0	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=osi59md3wq2v&aqid=s7E5Zo-KGcuAxdwPhqeAGA&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=7%7C0%7C743%7C71%7C50&lle=0&ifv=1&hpt=0 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://hemayeye.live/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=osi59md3wq2v&aqid=s7E5Zo-KGcuAxdwPhqeAGA&pbt=bs&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=7%7C0%7C743%7C71%7C50&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-iK6Gk5PpknSfr14R4RI2hQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Tue, 07 May 2024 04:44:37 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=50x7st984kth&aqid=s7E5Zo-KGcuAxdwPhqeAGA&psid=9330244380&pbt=bv&adbx=406.66668701171875&adby=134.64999389648438&adbh=554&adbw=467&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=36%7C0%7C714%7C71%7C50&lle=0&ifv=1&hpt=0	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=50x7st984kth&aqid=s7E5Zo-KGcuAxdwPhqeAGA&psid=9330244380&pbt=bv&adbx=406.66668701171875&adby=134.64999389648438&adbh=554&adbw=467&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=36%7C0%7C714%7C71%7C50&lle=0&ifv=1&hpt=0 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://hemayeye.live/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=50x7st984kth&aqid=s7E5Zo-KGcuAxdwPhqeAGA&psid=9330244380&pbt=bv&adbx=406.66668701171875&adby=134.64999389648438&adbh=554&adbw=467&adbah=178%2C178%2C178&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=36%7C0%7C714%7C71%7C50&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-sdmywioYDxKq5ZO2SNf8pw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Tue, 07 May 2024 04:44:38 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=gq6kjcxc5xhs&aqid=s7E5Zo-KGcuAxdwPhqeAGA&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=7%7C0%7C743%7C71%7C50&lle=0&ifv=1&hpt=0	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=gq6kjcxc5xhs&aqid=s7E5Zo-KGcuAxdwPhqeAGA&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=7%7C0%7C743%7C71%7C50&lle=0&ifv=1&hpt=0 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://hemayeye.live/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=gq6kjcxc5xhs&aqid=s7E5Zo-KGcuAxdwPhqeAGA&pbt=bv&adbx=490&adby=807.6500244140625&adbh=17&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=629216002&csala=7%7C0%7C743%7C71%7C50&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fWQ8VR_3L7_6sVAv9O4QRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Tue, 07 May 2024 04:44:38 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/adsense/domains/caf.js	216.58.211.14	200 OK	190 kB
URL GET HTTP/3 www.adsensecustomsearchads.com/adsense/domains/caf.js IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=exp-0051%2Cauxa-control-1%2C35961519&client=dp-sedo85_3ph&r=m&hl=no&ivt=0&rpbu=https%3A%2F%2Fhemayeye.live%2Fcaf%2F%3Fses%3DY3JlPTE3MTUwNTcwNzQmdGNpZD1oZW1heWV5ZS5saXZlNjYzOWIxYjI1ZTBmZTYuNTc2OTAzMDgmdGFzaz1zZWFyY2gmZG9tYWluPWhlbWF5ZXllLmxpdmUmYV9pZD0zJnNlc3Npb249ZksxZ25ZOVJUOW4xbHhIMmZjUlc%3D&type=3&uiopt=false&swp=as-drid-2249301175844733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r3%7Cs&nocache=3661715057075196&num=0&output=afd_ads&domain_name=hemayeye.live&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1715057075211&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=997&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=629216002&rurl=https%3A%2F%2Fhemayeye.live%2F Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type JavaScript source, ASCII text, with very long lines (2247) Size 190 kB (190028 bytes) Hash b5e49ab63ec3da61b2fbecfaf10ac338 5f7945f7fbbf996947b764482183c9b71c1badf9 7ca38cdea54b4b92556c90045e1bc302d8bc957cef043f27cf491140f7ccc94b HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Tue, 07 May 2024 04:44:35 GMT expires: Tue, 07 May 2024 04:44:35 GMT cache-control: private, max-age=3600 etag: "15804660649526306264" x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true	142.250.74.164	200 OK	190 kB
URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true IP 142.250.74.164:443 ASN #15169 GOOGLE Requested by https://hemayeye.live/ Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT File type JavaScript source, ASCII text, with very long lines (2247) Size 190 kB (190021 bytes) Hash 64d6f99efa3924822947ca354b516e6a e73d8408f832712f026a1e9968091d3945be7dae 117a49c7aba207ff5094947bb6d7df4c5f3eef2a7f813f64c7f05fde6a29875b HTTP Headers `GET /adsense/domains/caf.js?abp=1&YEr3CiF6AuQqLspNobyal3ji0SyqxBLn=true HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hemayeye.live/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Tue, 07 May 2024 04:44:35 GMT expires: Tue, 07 May 2024 04:44:35 GMT cache-control: private, max-age=3600 etag: "3626911887027227978" x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	hemayeye.live/	91.195.240.123	200 OK	23 kB
URL User Request GET HTTP/2 hemayeye.live/ IP 91.195.240.123:443 ASN #47846 SEDO GmbH Certificate IssuerDigiCert Inc Subjecthemayeye.live Fingerprint50:CE:F3:86:3F:25:61:FC:5E:03:4F:F8:8C:02:09:0B:7D:62:D0:A9 ValiditySun, 24 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT File type Size 23 kB (23190 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: hemayeye.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding: gzip content-type: text/html; charset=UTF-8 date: Tue, 07 May 2024 04:44:34 GMT expires: Mon, 26 Jul 1997 05:00:00 GMT last-modified: Tue, 07 May 2024 04:44:34 GMT pragma: no-cache server: NginX vary: Accept-Encoding x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_Vy/CsWyfUgBfRkrpR2swhC2rfIDe4Y0bLNmGhP5ySSjjXJGg9avupAOo1VHla+V9CaSZ9YGP2hlq85CMkoEP5w== x-cache-miss-from: parking-7cbf88ff6b-bsk5t x-powered-by: PHP/8.1.17 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET HTTP/2

IP

ASN

Requested by