Report - hicherri.com/f/71360wsmkhij

Report Overview

Submitted URL
hicherri.com/f/71360wsmkhij
IP
104.21.41.234
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 08:32:35
Access
public
Website Title
StreamWish
Final URL
hicherri.com/f/71360wsmkhij
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
xw.milordsupbbore.com	unknown	unknown	No data	No data	415 B	1.5 kB	188.42.108.108
hicherri.com	unknown	2022-03-16	2022-03-16	2024-01-04	5.1 kB	270 kB	104.21.41.234
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	419 B	102 kB	142.250.74.136

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	milordsupbbore.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	hicherri.com/wish_dark/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-05-19
Pretty URL hicherri.com/wish_dark/js/jquery-3.2.1.min.js IP 104.21.41.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-19 16:10:37 Times Seen68022 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	hicherri.com/wish_dark/js/app.js	120 B	2023-05-24	2024-05-15
Pretty URL hicherri.com/wish_dark/js/app.js IP 104.21.41.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 01:42:36 Last Seen2024-05-15 01:00:43 Times Seen68 Hash a79f8fabfb7648a13210846a85a88cf7 6712b8182af3de12fda154bee96ff127cfc963fe ec33448e18837c25e8bad49acb1b6d8a67f9aa49b2804bcd4c8d109ae4e96754 Loading...

	hicherri.com/f/71360wsmkhij	0 B	2023-03-07	2024-05-19
Pretty URL hicherri.com/f/71360wsmkhij IP 104.21.41.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 16:16:55 Times Seen37832381 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	hicherri.com/assets/jquery/app100.js?type=mainstream&v=2.1	6.1 kB	2024-05-04	2024-05-13
Pretty URL hicherri.com/assets/jquery/app100.js?type=mainstream&v=2.1 IP 104.21.41.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 16:26:20 Last Seen2024-05-13 09:53:49 Times Seen4 Hash 4c5fab757d38b138f1d89e187c5951a3 6633148d6020396822f10f75a0fb2a02a96df624 50a951a67c5e0193b7837dd30e617ffaef63bd5e19ca42314f6c318961c01990 Loading...

	hicherri.com/wish/js/bootstrap.bundle.min.js	81 kB	2023-03-12	2024-05-18
Pretty URL hicherri.com/wish/js/bootstrap.bundle.min.js IP 104.21.41.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:15:33 Last Seen2024-05-18 22:41:48 Times Seen2151 Hash e8890063e097beea88fd37621217af9c bff78dd9c02a5008ab43642948739ce58c761b21 061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2 Loading...

	www.googletagmanager.com/gtag/js?id=G-2TL7NH453R	305 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-2TL7NH453R IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 10:32:41 Last Seen2024-05-07 10:32:42 Times Seen2 Hash 2dd1ca4f657785d3850f34f6eeb9ad72 a8be92f1a93baf78a43cf59b8891f66c386a9c4b 21f7d611cfeeeaac0f8e5afdd109ac9811abc7cf16c121b145984bd917be4253 Loading...

	hicherri.com/wish_dark/js/xupload.js?v19	10 kB	2023-11-04	2024-05-15
Pretty URL hicherri.com/wish_dark/js/xupload.js?v19 IP 104.21.41.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 13:23:38 Last Seen2024-05-15 01:00:44 Times Seen56 Hash 5ea8e76c6915ae555ff63706d19ba223 95a8cc7a097e891a5049a4f4ae9416b4afa89336 4bec193ac5584914ec823eacf7f5101de3f840385db5f0653c36e609a4f9bfac Loading...

	hicherri.com/f/71360wsmkhij	0 B	2023-03-07	2024-05-19
Pretty URL hicherri.com/f/71360wsmkhij IP 104.21.41.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 16:16:55 Times Seen37832381 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	xw.milordsupbbore.com/tu0kMwcuNvV175JT/62124	5 B	2023-03-07	2024-05-19
Pretty URL xw.milordsupbbore.com/tu0kMwcuNvV175JT/62124 IP 188.42.108.108 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:39 Last Seen2024-05-19 16:13:44 Times Seen7001 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

HTTP Transactions (13)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-2TL7NH453R

142.250.74.136

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-2TL7NH453R
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101588 bytes)
Hash
2dd1ca4f657785d3850f34f6eeb9ad72
a8be92f1a93baf78a43cf59b8891f66c386a9c4b
21f7d611cfeeeaac0f8e5afdd109ac9811abc7cf16c121b145984bd917be4253

HTTP Headers

GET /gtag/js?id=G-2TL7NH453R HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 08:32:10 GMT
expires: Tue, 07 May 2024 08:32:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xw.milordsupbbore.com/tu0kMwcuNvV175JT/62124

188.42.108.108

200 OK

25 B

URL GET HTTP/1.1
xw.milordsupbbore.com/tu0kMwcuNvV175JT/62124
IP
188.42.108.108:443
ASN
#7979 SERVERS-COM

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjectxw.milordsupbbore.com
Fingerprint21:9D:0E:39:A0:FA:39:43:CC:CE:F4:06:CA:5E:FA:73:76:90:88:7C
ValidityMon, 22 Apr 2024 06:27:57 GMT - Sun, 21 Jul 2024 06:27:56 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tu0kMwcuNvV175JT/62124 HTTP/1.1
Host: xw.milordsupbbore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 08:32:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hicherri.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Wed, 08-May-2024 08:32:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Wed, 08-May-2024 08:32:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

hicherri.com/wish_dark/images/favicon/apple-touch-icon.png?v=1

104.21.41.234

200 OK

14 kB

URL GET HTTP/3
hicherri.com/wish_dark/images/favicon/apple-touch-icon.png?v=1
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
14 kB (14386 bytes)
Hash
c41af652d0aacc20c50f21bfc575a85d
10c68a3261e74e37db73d889052dc94bc329907f
5d646cc00015083a5af78ebd95a48c8045dc711243d704b1293d9df97eba6c48

HTTP Headers

GET /wish_dark/images/favicon/apple-touch-icon.png?v=1 HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: image/png
content-length: 14386
last-modified: Fri, 03 Nov 2023 12:06:33 GMT
etag: "3832-6093e55e14c6e"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0s3ysFebjB66nVqWxXbFcNUwj9OWAKxDTegGeTGE9N%2FUFcp8rjkcSSfXN%2FV4zXzw3WVuJQ48RwtOXmgB4%2Bqio74uoEEuERQXxFRXwsnUyaEJUMJsHCCmIgh%2F6t%2FiEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba3282756b1-OSL
alt-svc: h3=":443"; ma=86400

hicherri.com/wish_dark/images/favicon/favicon-16x16.png?v=1

104.21.41.234

200 OK

627 B

URL GET HTTP/3
hicherri.com/wish_dark/images/favicon/favicon-16x16.png?v=1
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
627 B (627 bytes)
Hash
852104566a39c0c95a6ac4cb08e145bc
ef075f389ad4625e5426b01db8dc0945114ca919
955ac708f9131264b25cde64a092e7b3e33d1f4730d2c675529e20c808503361

HTTP Headers

GET /wish_dark/images/favicon/favicon-16x16.png?v=1 HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: image/png
content-length: 627
last-modified: Fri, 03 Nov 2023 12:06:33 GMT
etag: "273-6093e55e15ff6"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubnc1J%2FFXWV33fHYDQ5zQUnbdEB43tmPnOK2zvZ4VFepF2r1BhmVOWcuIqShOf%2BfyuL5EWGNBn54xaaj27mvcmvGp0%2BBr6nWbyDBPEL6cw%2F3lgFlhc5qt60n5Re3pDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba3282e56b1-OSL
alt-svc: h3=":443"; ma=86400

hicherri.com/wish_dark/css/style.css?v=37

104.21.41.234

200 OK

55 kB

URL GET HTTP/3
hicherri.com/wish_dark/css/style.css?v=37
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
ASCII text, with very long lines (392)
Size
55 kB (55287 bytes)
Hash
391921b362c0886ae7ece0a5f66fee44
84991998c18cf6cd2379be9e27715b6baa8215e2
cb9d5412609e9a02e24a2ae673d6609ea1b465bb6f4b2bcf9ac2c247ef57b776

HTTP Headers

GET /wish_dark/css/style.css?v=37 HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: text/css
last-modified: Fri, 03 Nov 2023 13:22:24 GMT
etag: W/"4bb8a-6093f651d59e7"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NhJoqMT25LQ8SAcktff53fb%2BPiqz7oONoHHdcHkYDoCWa02T7aPGQ88RiYSqjCtlEj196Qs%2FsKBLJH%2FphKJt4BSbAb13QK%2FLvsbPdmFH1KVJPjgCJ4woRVIxcAAJCQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba15bc956b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hicherri.com/wish_dark/images/logo.svg?v=1

104.21.41.234

200 OK

3.0 kB

URL GET HTTP/3
hicherri.com/wish_dark/images/logo.svg?v=1
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.0 kB (2959 bytes)
Hash
6e4d6e8e38b260cab7fd6c3dcbbf8ec5
a9a95f7f55c0fa68d0fdd9d82879852d424a2b56
f5a0c1ed8f2ad69567fc69c6e373a428abe57230f4287fb848be3f81465eed00

HTTP Headers

GET /wish_dark/images/logo.svg?v=1 HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: image/svg+xml
last-modified: Fri, 03 Nov 2023 12:03:33 GMT
etag: W/"1c5c-6093e4b1d7cbc"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtkJLdLq8T8u4fZeiwUnce4SjiiI4C1yKPeG8w9kVEzhFS4eClMSazrP%2BfjDJZuuJl9nlNF0QOlSC%2B%2BvmCm%2F992nf2e3%2BcdMgEAMqQeSu7Z0cLX6P75YfWKtRQEp9ZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba15bd856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hicherri.com/f/71360wsmkhij

104.21.41.234

200 OK

8.3 kB

URL User Request GET HTTP/2
hicherri.com/f/71360wsmkhij
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
HTML document, ASCII text, with very long lines (467)
Size
8.3 kB (8331 bytes)
Hash
13ce535a97ca6c3a1e6d3feefac8c7dc
bf0faabfc86e3b36f0ea9f0d493dc3de3bfb2e61
2d966b76558ec63d99c31f48e99d04db6def53cb5dae00161f663afdfbb5f808

HTTP Headers

GET /f/71360wsmkhij HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 06 May 2024 08:32:10 GMT
x-frame-options: DENY
set-cookie: lang=1; domain=.hicherri.com; path=/; HttpOnly
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBMJIkruURhqmHtzniDk68y6Y4HFW8CGcy6r31beZZlkd9uvG75tZdTJmOEl90%2FZIOuJogq1reL2JpboO7oVHBRoAQ081N%2FfOiZojJ%2Bj72FyD1cxSVJbZOsTea2b44U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ffdb9c2955b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hicherri.com/wish_dark/js/xupload.js?v19

104.21.41.234

200 OK

6.3 kB

URL GET HTTP/3
hicherri.com/wish_dark/js/xupload.js?v19
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
JavaScript source, ASCII text
Size
6.3 kB (6313 bytes)
Hash
5ea8e76c6915ae555ff63706d19ba223
95a8cc7a097e891a5049a4f4ae9416b4afa89336
4bec193ac5584914ec823eacf7f5101de3f840385db5f0653c36e609a4f9bfac

HTTP Headers

GET /wish_dark/js/xupload.js?v19 HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 Nov 2023 14:17:50 GMT
etag: W/"2838-6092c0d88c51a"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tQJ5bdo4MjhbzTWprE4aL15aVP0knXFzUqEjDhFtuRdLDiX8abW6XVXf48FZQggtJSkz4eA0uIJA6fXzOpJlHFQ0BMbFbrKUD%2B7xjnvAgGi%2FcjO9VJURWeFpKH1920%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba15bd556b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hicherri.com/wish_dark/js/app.js

104.21.41.234

200 OK

120 B

URL GET HTTP/3
hicherri.com/wish_dark/js/app.js
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
ASCII text, with no line terminators
Size
120 B (120 bytes)
Hash
ffa99c7e3202a8c0e9820d78e7a3c118
b1528344fb8268362b42502f698dbfba2a5403ee
4616f6164a541a9b7295a01908412c6f4e6d1000aa1602d5cacd07a631cb165e

HTTP Headers

GET /wish_dark/js/app.js HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 Nov 2023 14:32:35 GMT
etag: W/"78-6092c42414f2a"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3qZ5VSCkKSYD6%2BkrEUjeYv4RneFKqIQPA176V6hmN%2Fq5quYcj7THbkD0UKFqiYK4cJmdyZY88hP5I4kkyTVsbeIkN70id9jQvwcIlnPMOP5GIr0EVNorKWaXWF3ufCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba15bcf56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hicherri.com/wish_dark/js/jquery-3.2.1.min.js

104.21.41.234

200 OK

87 kB

URL GET HTTP/3
hicherri.com/wish_dark/js/jquery-3.2.1.min.js
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /wish_dark/js/jquery-3.2.1.min.js HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 Nov 2023 14:32:37 GMT
etag: W/"15283-6092c4269071f"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5l7fJbABMWYvk%2BnaKJ1yCidmLcifxcZja3l7bAQRN1d27SdCEQXWBm3d7o9JMCN6B0R91npLVIOmMXChIRBlmyQ0JdjOs3JEEsUmjzFr9%2BInxSnoigR9mkY1zBrHLNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba15bcc56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hicherri.com/assets/jquery/app100.js?type=mainstream&v=2.1

104.21.41.234

200 OK

6.1 kB

URL GET HTTP/3
hicherri.com/assets/jquery/app100.js?type=mainstream&v=2.1
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
JavaScript source, ASCII text, with very long lines (6269), with no line terminators
Size
6.1 kB (6098 bytes)
Hash
94e313207b038250f2cc57766e38bba3
f9840ecf6feb5bc5bf91e84d900734846dd32637
6b48c86a68e254e54dddcee4132df659b37bfee12aff66bd8bb5e32d440410e0

HTTP Headers

GET /assets/jquery/app100.js?type=mainstream&v=2.1 HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: text/javascript; charset=UTF-8
expires: Mon, 06 May 2024 08:32:10 GMT
x-frame-options: DENY
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 16:24:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdSzyQyUoJYsHXvZ8Qz%2FyYQAVBDHT%2Fcx%2FFAZ3KGjwlZmZ%2BTcxdWBsYRHWcnn4GTg%2Fvkg2DJ%2By3PYtIGRTgxJ1LB27yMgfBrrLtbN%2FXADVK6qrFurENsQk7t3%2Bl5%2B8s4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba16bdc56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hicherri.com/wish/js/bootstrap.bundle.min.js

104.21.41.234

200 OK

81 kB

URL GET HTTP/3
hicherri.com/wish/js/bootstrap.bundle.min.js
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65292)
Size
81 kB (80599 bytes)
Hash
e8890063e097beea88fd37621217af9c
bff78dd9c02a5008ab43642948739ce58c761b21
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

HTTP Headers

GET /wish/js/bootstrap.bundle.min.js HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 Mar 2023 16:39:00 GMT
etag: W/"13ad7-5f6f2fb2b7100"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bX0r%2BTWC4wnFkjra0jtxoMmk4TL4FryEOArE8KOJD%2BcJxEWWVjUr3pE3nIgCP1Q58fV1CeNgF1%2FzS%2FtnTkTxdhhfWddBk73p7lQrVESQFQR640QvyYL4WbQteQZ6s98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba16bde56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hicherri.com/wish/js/app.js

104.21.41.234

200 OK

120 B

URL GET HTTP/3
hicherri.com/wish/js/app.js
IP
104.21.41.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hicherri.com/f/71360wsmkhij
Certificate
IssuerLet's Encrypt
Subjecthicherri.com
Fingerprint10:D5:75:DF:E7:0D:D0:D0:9F:62:3C:74:8B:1D:A3:FF:10:F1:F6:F1
ValidityMon, 29 Apr 2024 09:59:29 GMT - Sun, 28 Jul 2024 09:59:28 GMT

File type
ASCII text, with no line terminators
Size
120 B (120 bytes)
Hash
ffa99c7e3202a8c0e9820d78e7a3c118
b1528344fb8268362b42502f698dbfba2a5403ee
4616f6164a541a9b7295a01908412c6f4e6d1000aa1602d5cacd07a631cb165e

HTTP Headers

GET /wish/js/app.js HTTP/1.1
Host: hicherri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hicherri.com/f/71360wsmkhij
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 08:32:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 Mar 2023 16:39:00 GMT
etag: W/"78-5f6f2fb2b7100"
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGNrKxESvL4sFOahgur5n9oJ%2B7aWCsQtVZOzdbOFZu4aaCkmZEwliCZL7krS9JsCbJ8LE2Q1t7dBHZLxz8niASKAm6RfYVGoj7cbTWUcWWveHFOV7GjJOPCRD3PctzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffdba16bdf56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML