Report - hopewex.com/home

Report Overview

Visited public
2025-06-04 11:30:09
Tags
Submit Tags
URL
hopewex.com/home
Finishing URL
hopewex.com/
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Title
HOPEWEX | Open the world of luck and rewards!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

116

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
hopewex.com	unknown	2025-05-27	2025-06-02	2025-06-02	52 kB	2.0 MB	104.21.32.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-05-28	5.7 kB	466 kB	104.18.95.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed
2025-06-04	medium	hopewex.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (108)

	URL	From	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 0f5f70c663ce280f24eaa73cadd43f70 17560928e2887c4d7e8a13fe8c046cc6080d1838 a4528e6c1fa74ac6d7ac9adfa26c0cc90143c18ba167053cdb6df2e1e38595e4 Loading...

	hopewex.com/fbq.js	ScriptElement	408 B	2025-03-19	2025-07-16
Pretty URL hopewex.com/fbq.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-19 10:41 Last Seen2025-07-16 13:10 Times Seen385 Hash 0b834c87557376668b3c3fde729a8db5 872448d973ce02e75d52b31641d961601167d04c cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469 Loading...

	hopewex.com/home	ScriptElement	4.6 kB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 325236725e5912d06a5bedcbae640fa3 b9687333b80970278041cb2686a5c3bb99718f26 4434d201d963f064d6189a90cfacca35702b1440d67d431a446ce3f3a5f1b175 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/_next/static/chunks/main-app-df523c8931f70c0a.js	ScriptElement	464 B	2025-01-31	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/main-app-df523c8931f70c0a.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-31 10:41 Last Seen2025-07-16 13:10 Times Seen396 Hash 780f1f062143f470ccc751e8e9d0ba05 c9deba27d87d3e1b411b741a1d7249479fe500b5 82b916c2ff6e9ac8cdc115f596700aff44c67c4cb3fcae2c6dad80a6baab40fa Loading...

	hopewex.com/twq.js	ScriptElement	308 B	2025-03-19	2025-07-16
Pretty URL hopewex.com/twq.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-19 10:41 Last Seen2025-07-16 13:10 Times Seen385 Hash 7f4d9e824f13f7d27acdc868f36f7208 125a712d37aefe5d3e52ce2ae8986e109eb473de d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=94a717e02fb40b3d&lang=auto	ScriptElement	123 kB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=94a717e02fb40b3d&lang=auto IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash ee9fa01f1c545e2962ed0226be8b1ba1 482aac4cd0727df0bd79983c8b48c5afc0ed9207 97aab42ca67ed2ee3d57386df1d9fb6c0851117388533479dd326539a6533217 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash c7824a6fa643365d165ea6630b5e2f57 720068315bec3cada189f613c37e978b05ce49ca 87c978d6d2b29a3c6d4130215ea75ea65f09480d490d938d17ff40cbe2a31638 Loading...

	hopewex.com/_next/static/chunks/app/(landing)/page-1e1e95bb992002f2.js	ScriptElement	19 kB	2025-06-02	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/app/(landing)/page-1e1e95bb992002f2.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 08:03 Last Seen2025-07-16 13:10 Times Seen368 Hash 00f581ab6b3ba4d53e971b431f3d56e3 fae5088e4b4fd764dde98a05b5f28a70caef25f5 9453d067eb2e0b36c16c90060524bb0ccaed5aaeff960fe196c16383c63604ed Loading...

	hopewex.com/_next/static/chunks/9157-1ba04d5623695b43.js	ScriptElement	159 kB	2025-04-05	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/9157-1ba04d5623695b43.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-05 22:58 Last Seen2025-07-16 13:10 Times Seen381 Hash d07df211aa09f7a327fd8f7536b1f0f1 5e3565273ec641ac5cfd756f5a472cab88fb2fbf c9a61872f0519908e071b9a59fef73f722cfd24c6b3b2800b82a5d8edef6705a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	94 B	2024-12-12	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-17 09:58 Times Seen46307 Hash f47389d2f1abd47dbebeef3e2d3ae8a7 dde5aa75f9a647e73d3e2d3fdda68898f850f72d 30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 3dd2cbfd7a0e35c84c0ee68883088478 037acf3d9d861e1cd0c904b0b8af8253b013532c c2257600ad8f06807418a91793419c9662273f83f96d0dc39742fd7af5b1c09f Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash e14550c927109820d5525ef6b0eb7553 c7cbd9717e0069fee15f4190dc4fd4e641c6cdfc 38a34a9dc7c944f0756bdea73e19e24fddfc477c9fa7620f51a6422e2aec86ed Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 256502fae3d12dd2fc6ee06421ae3cc3 36c6335e4ea88f974dce89b6e2997c1b4ca90b85 9cdff9e712d3677bcc59491929e7580e1c4ff73c035b2caa4e6257d27b348477 Loading...

	hopewex.com/_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js	ScriptElement	226 B	2025-03-19	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-19 10:41 Last Seen2025-07-16 13:10 Times Seen386 Hash 7a5367f9275c124ff441c9f2dda2be9a 56f8efc747406730e680b5583b239301797b3f64 0d653de16d82ad5663b217d4f67165a5b6d771a51a38c219689792e8566c0eb8 Loading...

	hopewex.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=94a717dc5f66b518	ScriptElement	101 kB	2025-06-04	2025-06-04
Pretty URL hopewex.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=94a717dc5f66b518 IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 8f861ac7ba164e1c0fd50c13a9488fd3 f90aef56411d3f0c0eccd500efe90328eb45fa68 e90d9228721e310e3aa8d49fbaeeac76faf9332c298c69ba618b082dcf5cb6b5 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 702be96852451b9d68be4253f8444d00 319ae904a564b4883c79a12277609b1caf0ee27f 0cc27ef77883915e60cd764d5bb0666569ac971140acac4c416f856cff8326f9 Loading...

	hopewex.com/_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js	ScriptElement	173 kB	2025-01-19	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-19 23:51 Last Seen2025-07-16 13:10 Times Seen439 Hash a2e6693b6b8e2ae5167ce7ceb21dd431 625b83e4cdbc0bc71ca90f7de6633000d5908f96 a87677f28d0d640a628d81e90ec37a86c6674c1c656277318f17b14c9542d045 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	ScriptElement	4.5 kB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash c7796afce25f72486882986a8494d5d0 ed7f841233dc25a18fb60213b98e88377a94a55e cd191c112154d168a49e4f377e62a0332840c88991f7238bcb63a10d43333116 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 0b3c767ea3672c796a80773cfff4d087 47eb88e60512bd1fd42e9146e007ab02736218cd 40cd6f4383145a0f89da7198d22ded62ffac7c4b607fc32feb43cb4f445a3126 Loading...

	hopewex.com/	ScriptElement	72 B	2023-10-09	2025-07-17
Pretty URL hopewex.com/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-09 10:35 Last Seen2025-07-17 09:58 Times Seen17770 Hash b40cdc025a72d0b516bd11d9ef0a1776 9cd34b30af473b8071638d82dcacef0373194aaf 43ef2d3ec8d5b620ec8c5fc2bfc14c3a9836620f75a0a14a0c025ab753cf6f68 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 6dedeb6871da9adeaa8e9013b76edb40 14da139805c30df11a00d964dacfd3a66d4ce045 8cfb304cf561f99fa565152b8f01992f7dddebb9c252d306d3ac391459c26d93 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 983cca87e639b33a186636e7ccdfe5a7 91a179938f38c2f9808adcdaa0256ced4ca2a565 6b57677a28e30ed92e1ec083993f633a697d37ee3870c4875de41ea01a771b8c Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash dc5c0e534b76b9d417b38a806516beb4 263adb0467719d9e8d0aa80ed06b30bef61a06f8 f937e36e275e2a3fbb7158093e143a6b26a9394f765fadd66df66968656b9b76 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 8a2ed69c20157598f203ac891b382056 953d1a6fbd1607907fe7da6038ad56349b1ada59 0c5c6d98f7de463906e99f4c895ae4b4084d5f59df03c30f7d5094680e5117d0 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 2d15ab8abeae3263fe3758f97b8d1e6e 94cd11096e70ecfe0ee55b7d58242c53c61c8256 2fb9668a656ce008b0a3f06da7cca862dba02b917affcd101657eb23348aa90b Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 98e91784233cd2d2eb69bebbefb817b5 9ad1f598d6a86ca8cd0a09c6aa704ebb75a13fcd b671b92e5d3ee50f667326e677c863f0be2027a5c22a040c8589eae45d1168d3 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-07-17 09:58 Times Seen42030 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	hopewex.com/	ScriptElement	446 B	2025-05-09	2025-07-16
Pretty URL hopewex.com/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-09 22:20 Last Seen2025-07-16 13:10 Times Seen371 Hash 9d9abcaa5e5887e2fbff3fa92f3b7563 4276dc3f4863528a100f9ac7575061196d4abfd4 33b24e00e382f4f2f44e0123f63d0cabad20202830b102c6783a654761265735 Loading...

	hopewex.com/home	Eval	4 B	2023-03-07	2025-07-17
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/_next/static/chunks/1651-0f34a84826c83a79.js	ScriptElement	11 kB	2025-06-02	2025-06-04
Pretty URL hopewex.com/_next/static/chunks/1651-0f34a84826c83a79.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 08:03 Last Seen2025-06-04 11:30 Times Seen2 Hash 94484ec446e252c8e0edc671573c2c22 43a5b29e56d2e60b6847e5c6ce61582cb849ced6 de17e472189f9b0699d1ea295cc1f84b20abf9587a31b705c558e010c4f08fb0 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 6544eb85befe623d1e7d6adf739c3380 bf3734041f7c7862becd5cef18bb14f25f00a704 cbdf7a4b95cc9563375acee3c652d8de73533dd9dcf9dfcea675da768f755cc4 Loading...

	hopewex.com/	ScriptElement	506 B	2025-06-04	2025-06-12
Pretty URL hopewex.com/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-04 11:30 Last Seen2025-06-12 15:42 Times Seen4 Hash def216f63eab2fc230adabff70ebe25a 32bd9171105540d920f67c8c5bb541e23d900919 fda150e07c591aa0fa22e441563efea63cb0bfc0f3244ed0f3c206ca662e136d Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	976 B	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 648c4218182b19ff57dc6bb829babcb4 ce298e09e4a971e36872e5ca5c4be5fc9c00192f 7e21a0cb267daf72d0095b31f7955918466dbb303db1480ee6be743f778f0141 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash eabd59b5a4fb6acc38f1050a16f4ee51 827e703268302f4a9e1c5fb8928a3a2154e9af2e bf454b9584c5f7154fedba2e456fdcf674859094ec29ddc7b6919e5c83c915e6 Loading...

	hopewex.com/home?__cf_chl_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574	Eval	1.0 kB	2025-03-02	2025-07-17
Pretty URL hopewex.com/home?__cf_chl_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574 IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-07-17 09:58 Times Seen42030 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 2692259e325840b65c7113b79dcadebe 94feb074444731da463153cd42a3b51d812084c2 9400a0a4e3c0bf8fd4569a5157c62f4f7f0f0ef7fae766fdfbe87f03f1673482 Loading...

	hopewex.com/	ScriptElement	3.9 kB	2025-06-04	2025-06-04
Pretty URL hopewex.com/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 9bff04e59b2160b781c46ce5bcc4d82a c69dde5c78d3b37f14a772478c326ab9720cfc7f 3794deebff5c48d5ed0e0a1f58caea50971945b881a2e5a10a24b5642bc5b493 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/_next/static/chunks/2117-75e95bc6d3a97fd2.js	ScriptElement	124 kB	2025-04-05	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/2117-75e95bc6d3a97fd2.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-05 22:58 Last Seen2025-07-16 13:10 Times Seen389 Hash 8ea3db30a77daa398d15e1302f875c75 f815f87fbf3257bb181bc04980c6e9b71f2e81d7 910e0627398328c246392b8338a7074e03266ff173a8db30c7fa4f58f166538d Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash d96ec2682c6d28a05412f18e5c90c1cd 7a70718d0ab23aaf0417c33ebf9ffd7ddae1898c ab2b4f19c93b6c8ec7bf4760f7b7228ec7a6b1097cbb441a969a61340348222c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash b92cd64789ed3a1448e2954289831f17 a6c757d5868b15c58778488b24a04701a979efed 98676517f21677f31e1cf59f0447e2b34a6edf8acc6d06789493efb7482defe7 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 9ca22707a19b8bcf07258bd87be9214f 16bd66f974eb2110513894c0f906d783dfbc179f 074b835c6763a62ced3f7a23705e91c6f01f61428f9ce570835f5af9a71edf99 Loading...

	hopewex.com/_next/static/chunks/app/not-found-7e7b0b0e9b8f6570.js	ScriptElement	822 B	2025-05-09	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/app/not-found-7e7b0b0e9b8f6570.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 22:20 Last Seen2025-07-16 13:10 Times Seen376 Hash 2f06c2493bc081c4707fc2a5550cac9e 1cc684e94cf0e085930adefddbe86e95d19e8812 c483c4dab60c2392af4262eab448f856bad96b430e9fa6ac6bc7babbf05d6d40 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/_next/static/chunks/5868-364f7d76599cd252.js	ScriptElement	37 kB	2025-06-04	2025-06-12
Pretty URL hopewex.com/_next/static/chunks/5868-364f7d76599cd252.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-12 15:42 Times Seen4 Hash b7384604f6eb421e0456259a2b61b244 fe3494baf11554d6aae5c9ecd75ba3327d9d7daa 6a9d9056add0423014c383a61fa88273e211dc53a3cb64bb809e009be6932e72 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash b6849889c590eca094059182f06366d3 aa327e9b1d85cf15f9b5bfbae6d1a4a4f2ebedbd 041eaa516640a4877e79f979ec953d387042c7b43e6d5452cde502768bb0a7a5 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 174d80c8baedf677d22ab309cc5ace79 5abd8b8f2e6e25f77aef6459c01f26ae01921f44 da03d2b552f6d717a30b68ca576120c75af845bcf5db3d2f9fdabe14b4aa621b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	16 B	2024-12-12	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-17 09:58 Times Seen46355 Hash ca897fb253cc8807c5aafc947eb02fb6 25137d68712ada7d3ad424c80bc0d688a696f7bb 57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash b81f47d5d49da8c6fa33461bafcfa5f3 b60effde38454d8d7a9669fbaaabdb16164512cc 97cd82186b9058fcbbf456f6cbdb89a3721c02ffc1f11efc60bdef0cc875a6f9 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 01db4d4ec9f59912ef9dc143d86979f1 b4c315997fc4a0fd01f481448816bbf0a2cea3b2 3bfd62d6399f5406faa128ee25c8d49ee39946d9e64c469e292240d57a0ff798 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 461ef92e3ad3bce50a190ccd8a591e90 02952b79c85ad15740f6f762269265dc3d585647 e2765733cd27f192a8fa57ac93d5617f4aec3614619f3137557e9805f1e79fe3 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 15cbbf5c7c91d2ac7af1338aa2bcdc2c 7d699b8d94d043a03295ad95ebe4394e32bc57a8 bd7e9281a94c3ff4c5a55f657307e1f39a78866a008be00abe9582583ecaaed8 Loading...

	hopewex.com/	ScriptElement	636 B	2025-06-04	2025-06-04
Pretty URL hopewex.com/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 1a7e61b00ee13060d53821f2c142ccb5 f03413829beeabc73079d9f9905c94dfbd704d46 734f506e358318855845588c2517879f2bca4e6e7803a16db031ba1bdd51bdd5 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 443427293beecb9867179fd0df781510 bbea2ea2db405722ef1e9d9badc7a5d4609e9d08 864a0f4cbdd36d740963fa4c9f368ad8dd32d259af40edc493029cf58531cac7 Loading...

	hopewex.com/_next/static/chunks/8003-35d6c4e938d60f65.js	ScriptElement	7.1 kB	2025-03-19	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/8003-35d6c4e938d60f65.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-19 10:41 Last Seen2025-07-16 13:10 Times Seen388 Hash 8014900ea0b06de9aba6c034a95c2e68 f5f9791bc97c1a2973734e6999868eb15e2096e1 bb2ba96a789f1f0c6144a6d6ddba4a09c139b4060a1c9e97af56538d29415c2d Loading...

	hopewex.com/home?__cf_chl_rt_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574	Eval	4 B	2023-03-07	2025-07-17
Pretty URL hopewex.com/home?__cf_chl_rt_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574 IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/_next/static/chunks/app/global-error-fe201d1ef534f112.js	ScriptElement	1.4 kB	2025-05-09	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/app/global-error-fe201d1ef534f112.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 22:20 Last Seen2025-07-16 13:10 Times Seen372 Hash 8ca48ed0d2a1a5682754bac07d67d8fd 7c9f9f86aee10c66b96aa5ef12159df0e36f0cf9 a70d13ae98e69275eac6f58c2d6aa8036ace599fc4e72660df186ad6127acc9b Loading...

	hopewex.com/_next/static/chunks/659-0563095c51424ee6.js	ScriptElement	17 kB	2025-06-02	2025-07-16
Pretty URL hopewex.com/_next/static/chunks/659-0563095c51424ee6.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 08:03 Last Seen2025-07-16 13:10 Times Seen16 Hash 915dd0e6f0873b3dde703a643b8ff666 ae53d2846b02817d569131fdabcb0c5318eb3a56 ec92e87e8f788a2f3f164e4a70af749f030a12c56850d06ba10cc5971cc3f4a3 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 26f8a610dee5813152aa7a2ab5f541e1 15a695ae2f36078e17245557e7a9d8d9ff2b9c0b f3cdb43fdc2f7f95a3378dc16013afefc2e06a74535ca4382c6b290657e9cc8b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash cb05841ee54910385a513f47ae2ca88e 1990e6fbc5d5391125bda0b8e694b85210f2b868 cfd988eb935b60e98d6b49a550e1a9018ec845327e0dd599e42575556a9fd18a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash b6d45f21440c39ec91f497bd93631a84 df66f939088fc7f28603854fc225bae6c28931b4 6acff0014a67ba590934b1711322913142403816f2dd2d38c1ba29079cce684b Loading...

	hopewex.com/_next/static/chunks/webpack-1fe59a572382168a.js	ScriptElement	4.1 kB	2025-06-04	2025-06-04
Pretty URL hopewex.com/_next/static/chunks/webpack-1fe59a572382168a.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 61bf53445cd31458a77fd69f6a71e268 8e598d4d25bc14b5e3857e7f2f03e5c65b828f23 f083221fef95e32e8af6aa16fd5a41c2f1386de189f9e8ed41eb71ee585ebe8a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-17 09:58 Times Seen46672 Hash ff03fc8f0c3179fb4dcf4389f88a1c16 05ff911d7ddf2d7c14b4316a87fd08f42c618f9f 025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-17 09:58 Times Seen46922 Hash 33ff6022e88df59f8dfc9eb546435e9c 7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4 a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a Loading...

	challenges.cloudflare.com/turnstile/v0/b/65b4351086ca/api.js?onload=tjuT4&render=explicit	ScriptElement	49 kB	2025-06-03	2025-06-05
Pretty URL challenges.cloudflare.com/turnstile/v0/b/65b4351086ca/api.js?onload=tjuT4&render=explicit IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-03 14:55 Last Seen2025-06-05 16:57 Times Seen1457 Hash 28f0b425a88f4d4b022c3a8a1ffb9dca 8efe5b5f3dd25fea437338515978c2fe74c009ad 9821825ee09b693d639254f3b03533464c19748dd03cab160eb96ea0f40ec926 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 8b30f5e433c6acac910acafeea162f6a 24c85173f9ac502680a0ded3d5fd688bcbf83fe2 1e4a323942f4476b71be2b8e5435598be7b1c59150c04847d66e506ee5167a20 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 03546e551bc0eb9a26243e9492e8ddb0 eb623ca63e7c2eebe2ae989a3c9f38d50541e34e 7c0a9dd093ef3428d101a94b70869fda7a69b98c7ce7b16bebdcc4ba8bbf8f48 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 2e66f9239b6f54cc41b45c2260068428 e68d14119b5974e3ade103e43b1826e44d7751ca 6ad99ae401ed5f9f1bc81a3785191c7d7e041e76a48718b1d3f8a192ffa7930b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 9b441369782b225fe9af7851892137ab cc94e3d4f842cc15776b7e3fe559c42074c15bc7 cb94cf964a2ba473035cd6290f68b5798291596e88ebb4cfe49e00ae5720f2bb Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash a37768056c1197cc9d1e151a1541268e 0e3e25079d1b724854163abb0700c896f4457c24 6be4bbd4e4e054e1cfa9ba08c96d715c4fd08dd70438e0270675ceaa162475b0 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 9738b3a5a8731f7d5a7d5174e0408fc5 f52c39f03aaa93a34eb7f39388ace73ec5aa36d2 b205b8be863a055241db7587c7538ad0c6b70162eef6cd8c3fb43b66d83afa51 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 8f60199ab7efeb7cf41707ab375e611e 9c0b3820294378c285beca0e53f681d72385e75a 9ddb445c4776d344a08139c388fb023524831b26514385f1eb5b772aaa126b18 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 6c067fca400de584199d975ee9ae8c59 713d2c4e258a0dd784bfb58667fcae4798185c90 e43c2b108c2ec7841fb20ee1699541ce5591a210e9bf30480547b4ea6f891402 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 5c51f97dd92e0d9346ee70b40f7b964f b1fcf7c66486d765ad5813c97020fb39ade64106 f8e09d47134d91d5fc4de73f3a636cdf9077c7dca8e22260cd06bab258080801 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	hopewex.com/	ScriptElement	393 B	2025-06-04	2025-06-04
Pretty URL hopewex.com/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 5505d5ff14ae3eaac1e505a2c8574482 4c631f771c4aa0c3f3cf7e5d3782ff28cb85b823 00647df9a7187f4ec4023c4e7ddc101d20e36837b6f1f0337e204a689bbfb032 Loading...

	hopewex.com/home	Eval	1.3 MB	2025-06-04	2025-06-04
Pretty URL hopewex.com/home IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-04 11:30 Last Seen2025-06-04 11:30 Times Seen1 Hash 42f7ffe3d66b786aa44e2a2db8ede1b6 649de068c02a8eb1d7b101e69de808132b87237e eb85ed8695fb6d53116129a1eee07cee0eced92a24c2784043cbb4f7af59cae7 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	87 B	2025-02-20	2025-07-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-02-20 12:03 Last Seen2025-07-15 10:35 Times Seen17569 Hash 1d2acc5165080dd018feaf08ea69e588 26698128d62a4d0c2c902723f8eb8d62043dab06 6d5c9f536080a954f2b1bfcc1f1273fda5a5d464111900b8fe9c7c49c6f2b9dc Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen418873 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-07-17 09:58
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-17 09:58 Times Seen107040 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (66)

URL IP Response Size

GET hopewex.com/new/custom/drake.svg

104.21.32.1

200 OK

994 B

URL GET
hopewex.com/new/custom/drake.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
SVG Scalable Vector Graphics image
Size
994 B (994 bytes)
Hash
9157fc1e16230982704a52c10d132cfa
e59fc00b313f92e0287ece46eeeb873c4617a079
6fcb1ca10c1306014c803fff33536479c191a46759d284173b9613abe95f8b1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/custom/drake.svg HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpsxCaH3KAfmjeRhtSAHpdsdw4m96IM8PhOS06S1etx5SCNtlPG%2FrBYPo7CRxkbid8dv3AtGh2h1wtTfV9lppMWmbUxxxPbHg8%2F9dqDQf2vaeiGrDPXnC%2B8YG4LD7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
last-modified: Thu, 06 Mar 2025 13:31:53 GMT
etag: W/"3e2-1956ba7cc8c"
vary: Accept-Encoding
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 94a718339bdfb500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1546&min_rtt=562&rtt_var=652&sent=431&recv=219&lost=0&retrans=0&sent_bytes=309629&recv_bytes=51037&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14253&x=80"

GET hopewex.com/_next/static/css/317691348e35dd2f.css

104.21.32.1

200 OK

2.1 kB

URL GET
hopewex.com/_next/static/css/317691348e35dd2f.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (2131), with no line terminators
Size
2.1 kB (2131 bytes)
Hash
c66423fb88d7272cc42515b5c255800c
622df8403db965331f0108ad5e532c6a1831fd1c
28de71941d77d94d371ac216119d39292e7a92b5baf7c36feede5a4db9cc4437

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/317691348e35dd2f.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gA51ebLM7eD0h1obVDgeDtLXhdzaBqiEkQB%2FTkXKSvXldN5QASmUHFrLBU2BowRNxLXdJdEon7y5yZxd2m3TiTKblWJ9CYWxvjkuyslivqHNAuzUHTjv29ZxWAMJrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"853-197243ee26e"
vary: Accept-Encoding
content-encoding: gzip
age: 300189
cf-cache-status: HIT
cf-ray: 94a718339be3b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1700&min_rtt=562&rtt_var=1136&sent=253&recv=200&lost=0&retrans=0&sent_bytes=122578&recv_bytes=38778&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14116&x=80"

GET hopewex.com/home

104.21.32.1

403 Forbidden

7.1 kB

URL User Request GET
hopewex.com/home
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
HTML document, ASCII text, with very long lines (7068), with no line terminators
Size
7.1 kB (7068 bytes)
Hash
c842e78216bf463c56b19119285af542
b76b742720c7b621b399ee75968b6b1c9e57adbe
64e9301bc480b82400f15716869000cc910dbd7b3ac6c2ee249e84f4bfa21045

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /home HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Wed, 04 Jun 2025 11:29:33 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 94a717db4de5b518-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6aWa2j7NgWvP%2FtL7T2LWZ0uqKonbpnDYVmz15HbOXkEsasEAdVOvDZPV8kIf%2B2Hxcma0t3S%2FRwPymBf%2FWFBQXWduD%2BE%2F5ZxOhPAqEIT8L5dATvsxu3AVCMoT26uxTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="94a717db4de5b518", cfL4;desc="?proto=TCP&rtt=525&min_rtt=453&rtt_var=157&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1125&delivery_rate=6522522&cwnd=253&unsent_bytes=0&cid=ae1345807cbbbd14&ts=39&x=0"
X-Firefox-Spdy: h2

GET hopewex.com/_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js

104.21.32.1

200 OK

226 B

URL GET
hopewex.com/_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with no line terminators
Size
226 B (226 bytes)
Hash
7a5367f9275c124ff441c9f2dda2be9a
56f8efc747406730e680b5583b239301797b3f64
0d653de16d82ad5663b217d4f67165a5b6d771a51a38c219689792e8566c0eb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BD2Xr%2B1EiaYk7l7vbS4d1oO7yTCeD4W7XbR83LJRWjZlrPembIpUlGt2iQ82vY2z8PgVX9amrkeJWhbLs3wEZcicuNsiDz%2FUL9FbRNxMn9m7BB3byE05QR9LyGyCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"e2-197243ee24a"
vary: Accept-Encoding
age: 300189
cf-cache-status: HIT
content-encoding: br
cf-ray: 94a71833abedb500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1524&min_rtt=562&rtt_var=952&sent=267&recv=206&lost=0&retrans=0&sent_bytes=132366&recv_bytes=42585&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14122&x=80"

GET hopewex.com/_next/static/chunks/app/not-found-7e7b0b0e9b8f6570.js

104.21.32.1

200 OK

822 B

URL GET
hopewex.com/_next/static/chunks/app/not-found-7e7b0b0e9b8f6570.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (822), with no line terminators
Size
822 B (822 bytes)
Hash
2f06c2493bc081c4707fc2a5550cac9e
1cc684e94cf0e085930adefddbe86e95d19e8812
c483c4dab60c2392af4262eab448f856bad96b430e9fa6ac6bc7babbf05d6d40

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/not-found-7e7b0b0e9b8f6570.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aANEpZ648xRMF52OuiPcJrxx78hgjG6hE4%2BOEScKXUfGeehYR3Ab1Z7CWzqjIjvOuZA7tO2wlg4%2BXsPyCvpCsYExqVFiypArwpBZup19fS01Cxor67UkT3RflB6zow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"336-197243ee24a"
vary: Accept-Encoding
age: 300189
cf-cache-status: HIT
content-encoding: br
cf-ray: 94a71833abf0b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1426&min_rtt=562&rtt_var=909&sent=316&recv=210&lost=0&retrans=0&sent_bytes=184044&recv_bytes=46379&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=51600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14127&x=80"

GET hopewex.com/_next/static/chunks/5868-364f7d76599cd252.js

104.21.32.1

200 OK

37 kB

URL GET
hopewex.com/_next/static/chunks/5868-364f7d76599cd252.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (36869), with no line terminators
Size
37 kB (36869 bytes)
Hash
b7384604f6eb421e0456259a2b61b244
fe3494baf11554d6aae5c9ecd75ba3327d9d7daa
6a9d9056add0423014c383a61fa88273e211dc53a3cb64bb809e009be6932e72

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5868-364f7d76599cd252.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7IYoIQBaJe2mxTxk2AscoqYmwoj6bLHKc2iBNjQxYffJTVu3%2FxQAyQ8W0utBLbrbAqrmP0a7%2B3%2FDqdR%2Bvk%2F0a8SofNO906Npid0scZoVYpF9cIo1Weav35hqxh8qw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 04 Jun 2025 01:23:33 GMT
etag: W/"9005-19738895287"
vary: Accept-Encoding
content-encoding: gzip
age: 23993
cf-cache-status: HIT
cf-ray: 94a71833abefb500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1426&min_rtt=562&rtt_var=909&sent=315&recv=209&lost=0&retrans=0&sent_bytes=184018&recv_bytes=45117&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=51600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14126&x=80"

GET hopewex.com/new/landing/block1Bg.webp

104.21.32.1

200 OK

24 kB

URL GET
hopewex.com/new/landing/block1Bg.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1450x480, Scaling: [none]x[none], YUV color, decoders should clamp
Size
24 kB (24446 bytes)
Hash
43ecadeebe099275233f25da3d5d7b25
939a8734db86195892ca05078d12bcc5ab0cbedc
64cc10e9de9290364654d6f2387eb1333e22f59931d05f9d3626102670f1eea3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block1Bg.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 24446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uYw0C2yNO7X%2BUuLWl5he04Zb60re2ggp84gaYqYEIxAdRWCShwO4g5pWVNIFqsfVB63U0z4to3ldpml0tzDwnwa5XVqE3QUJ%2FpwRBXrs16l18sPK%2BmCEjaeCdJlLfw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"5f7e-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833bbf9b500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1418&min_rtt=562&rtt_var=596&sent=437&recv=221&lost=0&retrans=0&sent_bytes=312547&recv_bytes=51128&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14280&x=80"

GET hopewex.com/new/landing/block1BgM.webp

104.21.32.1

200 OK

30 kB

URL GET
hopewex.com/new/landing/block1BgM.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
30 kB (30510 bytes)
Hash
f1d26004f83735bd2521a49722ea6c06
6eae79b2d1c8a1539bee33abae3ee09825468b54
7a5783cd7895fd743a8efa30ee7de9402deedc294d8eeb71ea22f676b787ea10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block1BgM.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 30510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KElMGQR%2F9SpBX%2BZrOZps%2FAvZblL2AZ7KOC3MQAS8NDFSucp1aNG58b7DPObGl%2Fm7XvilLvGVMqDY6s0QiJblPK21LPIj1eDzTjekJ%2BRQ757D4m2GnXfbIqJKlrl4GA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"772e-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833bbfab500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1213&min_rtt=562&rtt_var=557&sent=459&recv=226&lost=0&retrans=0&sent_bytes=331734&recv_bytes=53247&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14291&x=80"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=94a717e02fb40b3d&lang=auto

104.18.95.41

200 OK

123 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=94a717e02fb40b3d&lang=auto
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
123 kB (123386 bytes)
Hash
ee9fa01f1c545e2962ed0226be8b1ba1
482aac4cd0727df0bd79983c8b48c5afc0ed9207
97aab42ca67ed2ee3d57386df1d9fb6c0851117388533479dd326539a6533217

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=94a717e02fb40b3d&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 94a717e118be0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST hopewex.com/

104.21.32.1

302 Found

26 kB

URL User Request POST
hopewex.com/
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type

Size
26 kB (26110 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST / HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3587
Referer: https://hopewex.com/home?__cf_chl_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574
Origin: https://hopewex.com
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 04 Jun 2025 11:29:47 GMT
content-type: text/html
server: cloudflare
cf-ray: 94a718313bd1b500-OSL
location: /home
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZRwA2c9Bg59yIJ8kOcjrJsiA7yjRjDP%2FdGqqZHcH9at5XDYf2Nf%2FtlK9Ujb8n4Kf2sWlekSvz0Sf1HbaH8Dh4e80p%2FAwzJbXf85XJM5wV%2BiNjLPaNnymBy0ZpNLjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding

GET hopewex.com/_next/static/css/33d281c8208aa46a.css

104.21.32.1

200 OK

2.6 kB

URL GET
hopewex.com/_next/static/css/33d281c8208aa46a.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (2644), with no line terminators
Size
2.6 kB (2644 bytes)
Hash
9d935283d4552afa39b54bab1beea66b
144c949c211c4280cba0fd88949206f468e1357a
5f91900db8f97cf0c851424457aaed6b05a56fa946ef6845cdad4403375ee67c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/33d281c8208aa46a.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvGMka%2BdpU7YxVU2bDRJD%2Fr%2Bj4oy1%2FkwQWjAySzomzL9QD9km2AQkK2qEONkEeKPTavImm%2BiYAdoj5Jm2VH7s7DnsQ%2FQ3V3vf421SjlK5TN0bXRpFcf0Pd8DXEo4yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 04 Jun 2025 01:23:33 GMT
etag: W/"a54-1973889528b"
vary: Accept-Encoding
content-encoding: gzip
age: 32201
cf-cache-status: HIT
cf-ray: 94a718339be4b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1818&min_rtt=562&rtt_var=1200&sent=247&recv=199&lost=0&retrans=0&sent_bytes=118294&recv_bytes=38730&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14114&x=80"

GET hopewex.com/_next/static/chunks/2117-75e95bc6d3a97fd2.js

104.21.32.1

200 OK

124 kB

URL GET
hopewex.com/_next/static/chunks/2117-75e95bc6d3a97fd2.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
124 kB (123529 bytes)
Hash
8ea3db30a77daa398d15e1302f875c75
f815f87fbf3257bb181bc04980c6e9b71f2e81d7
910e0627398328c246392b8338a7074e03266ff173a8db30c7fa4f58f166538d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2117-75e95bc6d3a97fd2.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR0sFSXOREP3%2B0impYxk5%2FG0Um1S%2BPo%2BCb24zN6uNsDry0gVyuCZSSasOcis7zV%2Fq2C2LnK3K0acOv7eNP9Ji2HQom5hZqFsvYKXTsum5dyevb4OOzTGjx%2BybFWwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"1e289-197243ee266"
vary: Accept-Encoding
content-encoding: gzip
age: 139015
cf-cache-status: HIT
cf-ray: 94a71833abeab500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1426&min_rtt=562&rtt_var=909&sent=316&recv=210&lost=0&retrans=0&sent_bytes=184044&recv_bytes=46379&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=51600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14126&x=80"

GET hopewex.com/new/custom/drake.jpg

104.21.32.1

200 OK

192 kB

URL GET
hopewex.com/new/custom/drake.jpg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
192 kB (191859 bytes)
Hash
abfe052a39687b4bb56e7fd7daaf1d3d
4b92110f42604456facda1e716f0b9044f1a76c4
bd8a385ed06b2ec1563cd80b0e7408bd245b208f485128198cbe4d774cefe353

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/custom/drake.jpg HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/jpeg
content-length: 191859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0yRBjAa8BYNEgcYNU0aQM3GQFoLAo9A5evR2vQ%2B8L3AoB%2BE6QsOJIsmCNf%2BLOH2EDYWWyElqc%2Bh9OpusvDrbLR2Rz7m7ch8J56IL1jKmjBAx3DvUzyW%2B8ixA%2BJzEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Thu, 06 Mar 2025 13:31:53 GMT
etag: W/"2ed73-1956ba7cc8c"
cf-cache-status: EXPIRED
cf-ray: 94a71833dc02b500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1213&min_rtt=562&rtt_var=557&sent=458&recv=226&lost=0&retrans=0&sent_bytes=331055&recv_bytes=53247&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14291&x=80"

GET hopewex.com/fonts/ttnorms/TTNorms-ExtraBoldItalic.woff

104.21.32.1

200 OK

35 kB

URL GET
hopewex.com/fonts/ttnorms/TTNorms-ExtraBoldItalic.woff
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
Web Open Font Format, TrueType, length 34680, version 0.0
Size
35 kB (34680 bytes)
Hash
9a30e8f0dd95fceaa89cf08605ea7236
1d44d7d9c95c173576f844b081ce9300873099cd
8adb6b1b4270089cb85b970e5f1a9dafa6187d864534bb55a3f9775b4b957528

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/ttnorms/TTNorms-ExtraBoldItalic.woff HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/fonts/ttnorms/stylesheet.css
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: font/woff
content-length: 34680
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0VMqaTUByl8f5S6e9N3ZUX33Rj3RMPfq6V6Fa%2FVtRAHw8FV0R0fef0kpuEydMmQ5bE70rHLx0RC3k2b1Oa1PpEREOOlih%2FxCTcCYkyIjISI%2FFcBVnZus4Asr28zMw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"8778-1943b5f4ab5"
cf-cache-status: MISS
cf-ray: 94a71835cc0fb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1832&min_rtt=562&rtt_var=991&sent=1132&recv=251&lost=0&retrans=0&sent_bytes=1119745&recv_bytes=58252&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=339600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14556&x=80"

GET hopewex.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=94a717dc5f66b518

104.21.32.1

200 OK

101 kB

URL GET
hopewex.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=94a717dc5f66b518
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/home
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
101 kB (100807 bytes)
Hash
8f861ac7ba164e1c0fd50c13a9488fd3
f90aef56411d3f0c0eccd500efe90328eb45fa68
e90d9228721e310e3aa8d49fbaeeac76faf9332c298c69ba618b082dcf5cb6b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=94a717dc5f66b518 HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home?__cf_chl_rt_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scqejIKS4Mpa8qSN1UhZ9nlipQRDWVoRQaacPWvi%2FPxfrN1CudSnyTWinrrNp0dEtjz98kCbRWI8e4zOLvmu8UwoESLOygLjdgpw8ilpuRdbKspFOoOA%2Bk3hWYtNPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-ray: 94a717dd9990b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4090&min_rtt=562&rtt_var=3710&sent=119&recv=153&lost=0&retrans=0&sent_bytes=9590&recv_bytes=8848&delivery_rate=304549&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=3174b6042b2f0118&ts=358&x=80"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/94a717e02fb40b3d/1749036575260/045e409248784485d28b844498dee81535a33b310d55b2feaf67af895733214f/cn0PRYotciZ9KYJ

104.18.95.41

401 Unauthorized

1 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/94a717e02fb40b3d/1749036575260/045e409248784485d28b844498dee81535a33b310d55b2feaf67af895733214f/cn0PRYotciZ9KYJ
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/94a717e02fb40b3d/1749036575260/045e409248784485d28b844498dee81535a33b310d55b2feaf67af895733214f/cn0PRYotciZ9KYJ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Wed, 04 Jun 2025 11:29:36 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gBF5Akkh4RIXSi4REmN7oFTWjOzENVbL-r2eviVczIU8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIAReQJJIeESF0ouERJje6BU1ozsxDVWy_q9nr4lXMyFPABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIAReQJJIeESF0ouERJje6BU1ozsxDVWy_q9nr4lXMyFPABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApfbVKW9jv_cm7VCxn62oVAVC5hFmu-kZjUyoHVY59NkyKyHKMDjFTQQtwRz5WaCrisTztPUBe5IEqngHq_K6n0LVGgP-vP5_EV8Q63SdqECb9NxgQT_jnGDYKP38YIvPHP47CMaQOOm6F4tfy50OTdVLxmir-nwtG4EsjQpjbWt5h0uKnWtYHo0z3T2TGAaak3xueW6uC1Y9XvXRyQ4VLq2YT2Pj5nG5iT9qz95HGc0b9CcuEADcgyRRUmYpFDKa4E7gznEbKSul9XcN8oNCkL49spyNT1stpPVhL9fnQZz0zdIsTIdKR-iKQoy9HKyPEeNpcQhrSF7DgSPJTnR6xwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 94a717ea396d0b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET hopewex.com/_next/static/chunks/app/(landing)/page-1e1e95bb992002f2.js

104.21.32.1

200 OK

19 kB

URL GET
hopewex.com/_next/static/chunks/app/(landing)/page-1e1e95bb992002f2.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (19255), with no line terminators
Size
19 kB (19255 bytes)
Hash
00f581ab6b3ba4d53e971b431f3d56e3
fae5088e4b4fd764dde98a05b5f28a70caef25f5
9453d067eb2e0b36c16c90060524bb0ccaed5aaeff960fe196c16383c63604ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/(landing)/page-1e1e95bb992002f2.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZE%2BYsr6blzPj1IIDlm4JKW55BiR9rXrxzlxurj5o0eQRR%2BqBmm7g2eIOTMLqysJx0Aa5GfxZ3tpOKK5yZOahQZluKCAvdaF16vdEZSiw%2FFNRhFOi8zyeiYSA9lvIKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"4b37-197243ee24a"
vary: Accept-Encoding
content-encoding: gzip
age: 37655
cf-cache-status: HIT
cf-ray: 94a71833bbf4b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1545&min_rtt=562&rtt_var=800&sent=423&recv=216&lost=0&retrans=0&sent_bytes=302196&recv_bytes=49695&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14136&x=80"

GET hopewex.com/new/landing/block3Bg.webp

104.21.32.1

200 OK

32 kB

URL GET
hopewex.com/new/landing/block3Bg.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
32 kB (31968 bytes)
Hash
9e48516d30fc0185a62d4d44782d7114
8c8de6204cf95cb371c8181dfa68609b82874802
9f65b5f84da360952bf621b40cb8c01719e3d66f386154fe73122a06eed3e5f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block3Bg.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 31968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35vPCKX5QVvFPSJWU7lT4GAEyVlGVirSv72C%2BrnoUhy1zIHpCecqQw5PomgbiaUz7Zj5ddpk4vji3cMusqXhQIQdf%2Ftsk7NnOpX7D3dx5KKnU3YWhaDGk1V1LGhQ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"7ce0-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833cbfeb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1418&min_rtt=562&rtt_var=596&sent=450&recv=221&lost=0&retrans=0&sent_bytes=326884&recv_bytes=51128&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14282&x=80"

GET hopewex.com/new/landing/block3Bg2.webp

104.21.32.1

200 OK

42 kB

URL GET
hopewex.com/new/landing/block3Bg2.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
42 kB (42254 bytes)
Hash
d478c3f4a716990ed217e6ace31734d3
c773fb06a91834dfa0874a7ac02e1ed063709706
5111eb0ea2e9c86e8f4c57da58821b50781c345eeb65a397dfe10799f34c21f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block3Bg2.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 42254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8%2BaQBbAA3JorlWIA3uDZTLl0Z7f3KX%2FLfepaj2laua%2F1N53NIfpoiUQtErxn%2FT4g2br7wcxo56bdJJHvR6IGfgjNaxWZMzE%2F719ID6MZqipEKsAE0%2Fqy%2FrzLNP1iw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"a50e-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833cbfdb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1338&min_rtt=562&rtt_var=606&sent=453&recv=224&lost=0&retrans=0&sent_bytes=327621&recv_bytes=53156&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14287&x=80"

GET hopewex.com/land/gifts.png

104.21.32.1

200 OK

39 kB

URL GET
hopewex.com/land/gifts.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
PNG image data, 146 x 186, 8-bit/color RGBA, non-interlaced
Size
39 kB (39210 bytes)
Hash
a28357f6c9f39f6ec64467e56d3a088f
cb234100a21aaacf188eee7b9b42de088714cc49
8ff0124600e50a161b28e2ca5bfe0af59aea0df8925436fe9930041b26b1082a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /land/gifts.png HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/png
content-length: 39210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=arAp2px1zAgfJkHlUUQY951UuPxIlQaE3LYVqqUTlejiKIr3s%2B1o9p1IU0fVUc7uwPgfAUdi1QuUdKb%2FLENVamrzKqyfs4GVjVrP5%2BxOCYsLKdE7VtNTxDO3Ju%2FIRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"992a-1943b5f4ac1"
cf-cache-status: EXPIRED
cf-ray: 94a71833dc03b500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1174&min_rtt=562&rtt_var=498&sent=461&recv=227&lost=0&retrans=0&sent_bytes=333109&recv_bytes=53293&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14296&x=80"

GET hopewex.com/api/extra/pixel

104.21.32.1

200 OK

71 B

URL GET
hopewex.com/api/extra/pixel
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JSON text data
Size
71 B (71 bytes)
Hash
428647be4acae0d85bd0799a59237001
25b1dbe5aaaf5fe53a11fdb05fd14bcad3e92ebb
edad519cb99926a099d84224b6b7427bbfbaa60c6ecc1673c039a0723be93006

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/extra/pixel HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/
content-type: application/json
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsr75ASDZlmQLhFosHF9C4vbBlRUi%2BZRFjO5Vhye1vTb3Gdy%2B%2F%2Be%2BBoj3xUxxtKXLtrT3%2BdicjzXvKIIVmfIcDJXvQPhMBZtUJzIHJLB6zq2c9KQHpdhEgNpfe9NKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94a718364c14b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1663&min_rtt=562&rtt_var=845&sent=1135&recv=253&lost=0&retrans=0&sent_bytes=1121798&recv_bytes=58341&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=339600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14586&x=80"

GET hopewex.com/favicon.ico

104.21.32.1

200 OK

27 kB

URL GET
hopewex.com/favicon.ico
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/home
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
MS Windows icon resource - 1 icon, 80x80, 32 bits/pixel
Size
27 kB (26622 bytes)
Hash
9486eedc7adbedb673e2d13ff53d694f
593e82845889df7ac55405be300ebe67f3610694
393a5a6dfc60be0498402043769134cce07b6a878d705d47f279b03ab9f63a80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcH8KXIfP9CUOPfe%2BBHZaNI8h%2FYOm4pF2fn%2BgA5OisjpNrgXK7yS5lHlHu%2FFKEOp6mFES1LQFs%2B%2F6LB9BInYmpAKu8nzEWQypLWS0eyFMoXsRq85t%2FqFGUDk9rNdvg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"67fe-1943b5f4aa9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 94a717de6999b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3079&min_rtt=562&rtt_var=2372&sent=160&recv=159&lost=0&retrans=0&sent_bytes=55746&recv_bytes=9678&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=530&x=80"

POST hopewex.com/cdn-cgi/challenge-platform/h/b/flow/ov1/875267301:1749032144:V12kboWIK7EhZLDK9W-ue5-Dv7h-lqzJsABe7LlX32c/94a717dc5f66b518/Jq27jCC8CStS717GtK0hrJ9Jr7h2qw8p9PueoXxTBBg-1749036574-1.2.1.1-MdHn.yy9dCZ60ysPFKiImP57LNtho.Gbps7_.kxC0jgfSbcsblPDkg0_lrOOxg96

104.21.32.1

200 OK

17 kB

URL POST
hopewex.com/cdn-cgi/challenge-platform/h/b/flow/ov1/875267301:1749032144:V12kboWIK7EhZLDK9W-ue5-Dv7h-lqzJsABe7LlX32c/94a717dc5f66b518/Jq27jCC8CStS717GtK0hrJ9Jr7h2qw8p9PueoXxTBBg-1749036574-1.2.1.1-MdHn.yy9dCZ60ysPFKiImP57LNtho.Gbps7_.kxC0jgfSbcsblPDkg0_lrOOxg96
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/home
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (16960), with no line terminators
Size
17 kB (16960 bytes)
Hash
000db74c334fc342b73bba1d9d10830f
3d968a129cfdcfeb7588a98f499f206a27177a8b
bb7d42b2493ec79e7f8aab6378a3a6b7e444a814a60883d11e8dac6e761b8a2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/875267301:1749032144:V12kboWIK7EhZLDK9W-ue5-Dv7h-lqzJsABe7LlX32c/94a717dc5f66b518/Jq27jCC8CStS717GtK0hrJ9Jr7h2qw8p9PueoXxTBBg-1749036574-1.2.1.1-MdHn.yy9dCZ60ysPFKiImP57LNtho.Gbps7_.kxC0jgfSbcsblPDkg0_lrOOxg96 HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home
cf-chl: Jq27jCC8CStS717GtK0hrJ9Jr7h2qw8p9PueoXxTBBg-1749036574-1.2.1.1-MdHn.yy9dCZ60ysPFKiImP57LNtho.Gbps7_.kxC0jgfSbcsblPDkg0_lrOOxg96
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1781
Origin: https://hopewex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: text/plain; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTq1MzF8SPYd3rXqfngIMoJ%2FRsfUdeHcB%2FgH7kGn%2B%2BoT3LCWMf4SdicFasTTytfcw%2BdrTDhy5T5euFaf0edIVQqpP37%2BDyu5zA4PIQ52TmnMt4vX8RXHE3%2FkZZ22Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-chl-gen: 5twQdI0BTjp0rsxGurF3gckfF7FWl8Jem1mUUnBj89I=$jxEg9pABc4bgT87yOdQ1dw==
content-encoding: br
cf-ray: 94a717df299db500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2828&min_rtt=562&rtt_var=2280&sent=168&recv=162&lost=0&retrans=0&sent_bytes=62375&recv_bytes=12133&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=610&x=80"

GET hopewex.com/

104.21.32.1

200 OK

26 kB

URL User Request GET
hopewex.com/
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
HTML document, ASCII text, with very long lines (26110), with no line terminators
Size
26 kB (26110 bytes)
Hash
f9bfbf80444d26053993d7d594bd666c
6de04c269aae2a69153ac4471b5545149f6b28a1
712e40386399ffaa1b3ee008127572f14704d3a6e116638b884cc011d2831a96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home?__cf_chl_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:47 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8pvgzdN1%2Br5DubK3w4iLx7NvgeTVCbXQhtSzHtmEmfZigQ9D7Ht83yhog9a2Wn%2BVwb5prNaOrVhRN5fy%2BcM88E44yHynLGiGgaBqMSm0j832LRyf9VJvLxr5dcapg%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94a71831dbd6b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2059&min_rtt=562&rtt_var=1417&sent=208&recv=181&lost=0&retrans=0&sent_bytes=93658&recv_bytes=27744&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=13900&x=80"

GET hopewex.com/new/custom/drake_mob.jpg

104.21.32.1

200 OK

183 kB

URL GET
hopewex.com/new/custom/drake_mob.jpg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 688x634, components 3
Size
183 kB (182938 bytes)
Hash
e963ae86a89811c64ff65ea7fbad06e4
71aa6b3c27fa1031f03310366a6437e62462d50d
c5c002db6dbca3e04f3c4232965ba87656fffcf42c1e3ef287e0ef6ad29d48c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/custom/drake_mob.jpg HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/jpeg
content-length: 182938
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sBUy8q4%2FtpNHqfERcVTQ1PThXemnsGgg%2Fg4pftcrS5DWsRMJ1c0aUvIJr5tIAodL4dc1BKiSFpSELH9%2Bvx89Da%2F7o849BzBZ5VZjtDUnfHhIX14%2FNxh8BS5X8k%2Fiw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Thu, 06 Mar 2025 13:31:53 GMT
etag: W/"2ca9a-1956ba7cc8c"
cf-cache-status: EXPIRED
cf-ray: 94a718339bdeb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1546&min_rtt=562&rtt_var=652&sent=434&recv=219&lost=0&retrans=0&sent_bytes=310893&recv_bytes=51037&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14254&x=80"

GET hopewex.com/new/landing/block5Mobile.webp

104.21.32.1

200 OK

21 kB

URL GET
hopewex.com/new/landing/block5Mobile.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
21 kB (21220 bytes)
Hash
1c7fe573ca47cd563c79920b4f9c262e
d33337fe8dd023420e98e164d3744679898c5e1a
597c551769acbbb8aac81167c78718c2fac6dde65952a7a7b2925d38ba0f87dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block5Mobile.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 21220
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LhrTQXtY3D8C31Liv7Vyt38%2Bro6H6o7CwR98g7IwIu9xMNFycAYdH9lAkTLwj6DLWnwMC03AtFglvKpaNits9bCyX7gxMiDt%2B4a%2FdJwVM%2F3tq%2FDAdQat8mtr%2FihmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"52e4-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833cc01b500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1338&min_rtt=562&rtt_var=606&sent=455&recv=224&lost=0&retrans=0&sent_bytes=328993&recv_bytes=53156&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14288&x=80"

GET hopewex.com/fonts/ttnorms/TTNorms-Bold.woff

104.21.32.1

200 OK

31 kB

URL GET
hopewex.com/fonts/ttnorms/TTNorms-Bold.woff
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
Web Open Font Format, TrueType, length 31356, version 0.0
Size
31 kB (31356 bytes)
Hash
1009f03324315eb8bb66d610775afe82
0f23bd1f8f9cefd55d70e8adc0630cef4c17ca52
9e710930d6b03e68bdc6ba959f0d2c887130bfb798396be23a681052a65dac08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/ttnorms/TTNorms-Bold.woff HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/fonts/ttnorms/stylesheet.css
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: font/woff
content-length: 31356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6NJk%2FI6ddHAjxUk4O%2BbHHM95BRF3VHscUPvQmPT3xxF65hX%2B5ryZyYyNbFn2b6eoyoQ%2FUqUnfvPniyULjNCOYdjIm4eywhCHH8zSA0yEh5V3pLk894xmPCCppVZxg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"7a7c-1943b5f4ab5"
cf-cache-status: EXPIRED
cf-ray: 94a71835cc0eb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1832&min_rtt=562&rtt_var=991&sent=1131&recv=251&lost=0&retrans=0&sent_bytes=1119058&recv_bytes=58252&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=339600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14556&x=80"

GET hopewex.com/_next/static/chunks/9157-1ba04d5623695b43.js

104.21.32.1

200 OK

159 kB

URL GET
hopewex.com/_next/static/chunks/9157-1ba04d5623695b43.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
159 kB (159124 bytes)
Hash
d07df211aa09f7a327fd8f7536b1f0f1
5e3565273ec641ac5cfd756f5a472cab88fb2fbf
c9a61872f0519908e071b9a59fef73f722cfd24c6b3b2800b82a5d8edef6705a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/9157-1ba04d5623695b43.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mzXcTVKc7OiqzEShvskreJpU339TPNZt%2FxkfXpKNz819vZonUBNi5JZM%2BqILxu84fsEMvprVpH%2BXXMkGbTjJcI8KAmXrrg4hh9N%2FoAyZSL%2FE6O1389OEuloFmlD3Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"26d94-197243ee25e"
vary: Accept-Encoding
content-encoding: gzip
age: 139015
cf-cache-status: HIT
cf-ray: 94a71833abeeb500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1412&min_rtt=562&rtt_var=711&sent=364&recv=212&lost=0&retrans=0&sent_bytes=238039&recv_bytes=47690&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=103200&unsent_bytes=0&cid=3174b6042b2f0118&ts=14128&x=80"

GET hopewex.com/_next/static/chunks/659-0563095c51424ee6.js

104.21.32.1

200 OK

17 kB

URL GET
hopewex.com/_next/static/chunks/659-0563095c51424ee6.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (16885), with no line terminators
Size
17 kB (16885 bytes)
Hash
915dd0e6f0873b3dde703a643b8ff666
ae53d2846b02817d569131fdabcb0c5318eb3a56
ec92e87e8f788a2f3f164e4a70af749f030a12c56850d06ba10cc5971cc3f4a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/659-0563095c51424ee6.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2FWQ02AUDeqyG1BffK9m69RXjvlwq7yPLdoU6JSxZieSGxRSbWMXkU9aa1S5jYPOJF1%2Fr2gvp72gVF0f3khjEwjIlb%2FhDIlFNjgYkWqyrtFZyVEJYnNpysmYWiaN9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"41f5-197243ee266"
vary: Accept-Encoding
content-encoding: gzip
age: 300189
cf-cache-status: HIT
cf-ray: 94a71833bbf2b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1412&min_rtt=562&rtt_var=711&sent=406&recv=213&lost=0&retrans=0&sent_bytes=287266&recv_bytes=48341&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=103200&unsent_bytes=0&cid=3174b6042b2f0118&ts=14129&x=80"

GET hopewex.com/_next/static/chunks/1651-0f34a84826c83a79.js

104.21.32.1

200 OK

11 kB

URL GET
hopewex.com/_next/static/chunks/1651-0f34a84826c83a79.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (11196), with no line terminators
Size
11 kB (11196 bytes)
Hash
94484ec446e252c8e0edc671573c2c22
43a5b29e56d2e60b6847e5c6ce61582cb849ced6
de17e472189f9b0699d1ea295cc1f84b20abf9587a31b705c558e010c4f08fb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1651-0f34a84826c83a79.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YpHZddFcOewoAiFlPFnizWJIkheAFRoGpeN4Pl6ut4joNbF25hkcqI6k9QZITqzejt0Qzz26IIu%2BLlv4KY4cWqnRvUj5kAJixdsvMnnXj6i%2FyaJlUCViIVLLGpa5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"2bbc-197243ee26a"
vary: Accept-Encoding
content-encoding: gzip
age: 300189
cf-cache-status: HIT
cf-ray: 94a71833bbf6b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1412&min_rtt=562&rtt_var=711&sent=406&recv=213&lost=0&retrans=0&sent_bytes=287266&recv_bytes=48341&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=103200&unsent_bytes=0&cid=3174b6042b2f0118&ts=14133&x=80"

GET hopewex.com/new/landing/block2_2.webp

104.21.32.1

200 OK

60 kB

URL GET
hopewex.com/new/landing/block2_2.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
60 kB (59542 bytes)
Hash
e84373a6466299fa094ba5363b7b5611
b664588840cddc484127d918b9e723a7150ae1fd
e40b65c3cb0a0765e299a82e05a7b5e093eea9997af4d8f09338efb2e84a2ede

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block2_2.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 59542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCPhZ3uMr3ssnkL4x5489M%2FaM9d70Qvr9ZzRQHGRyMtJbAY2LkMFujWNN9kH%2B5w0GMdabR6d%2BUFOgqADaGcH7qQa%2Btf0HSH5eviT2d%2Bdi3e9aRz6IPSzKLyYi5zvNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"e896-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833bbfcb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1213&min_rtt=562&rtt_var=557&sent=459&recv=226&lost=0&retrans=0&sent_bytes=331734&recv_bytes=53247&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14291&x=80"

GET challenges.cloudflare.com/turnstile/v0/b/65b4351086ca/api.js?onload=tjuT4&render=explicit

104.18.95.41

200 OK

49 kB

URL GET
challenges.cloudflare.com/turnstile/v0/b/65b4351086ca/api.js?onload=tjuT4&render=explicit
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/home
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
JavaScript source, ASCII text, with very long lines (48865)
Size
49 kB (48866 bytes)
Hash
28f0b425a88f4d4b022c3a8a1ffb9dca
8efe5b5f3dd25fea437338515978c2fe74c009ad
9821825ee09b693d639254f3b03533464c19748dd03cab160eb96ea0f40ec926

HTTP Headers

GET /turnstile/v0/b/65b4351086ca/api.js?onload=tjuT4&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hopewex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 28 May 2025 10:40:55 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 94a717de9fe256bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST hopewex.com/home

104.21.32.1

307 Temporary Redirect

26 kB

URL User Request POST
hopewex.com/home
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type

Size
26 kB (26110 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /home HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home?__cf_chl_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574
Content-Type: application/x-www-form-urlencoded
Content-Length: 3587
Origin: https://hopewex.com
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 307 Temporary Redirect
date: Wed, 04 Jun 2025 11:29:47 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGueG%2FO7moOLt%2FC%2FoGYvbJKp%2FlKdvoG3RwKCqEQQqhxjy8mbNdEmJGcty%2FC%2BdycxjMNnJOAJnSeagx552MC5Cwwm0Cdq1XPLxBAPF9RN0WqYLRALI%2F7DVznZdWJ2Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
location: /
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 94a718306bc4b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2467&min_rtt=562&rtt_var=1905&sent=193&recv=172&lost=0&retrans=0&sent_bytes=81232&recv_bytes=21494&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=13711&x=80"

GET hopewex.com/fbq.js

104.21.32.1

200 OK

408 B

URL GET
hopewex.com/fbq.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text
Size
408 B (408 bytes)
Hash
0b834c87557376668b3c3fde729a8db5
872448d973ce02e75d52b31641d961601167d04c
cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fbq.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxYEsAvvaQCd4g6ShYfHrIZ67wZYyH9i%2BOYCkaiepbhNmkwzHSg6b2qYdmhEw9XyVUAsJBq8jGAEi%2Ft38aokam%2BP662rHIcaQNXqn271%2FB2YOPTFIbGLxnfyWq8UfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"198-1943b5f4aa9"
vary: Accept-Encoding
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 94a71833bbf5b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1492&min_rtt=562&rtt_var=596&sent=435&recv=220&lost=0&retrans=0&sent_bytes=311570&recv_bytes=51083&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14269&x=80"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/94a717e02fb40b3d/1749036575259/x4sdr96RMAzUTx3

104.18.95.41

200 OK

214 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/94a717e02fb40b3d/1749036575259/x4sdr96RMAzUTx3
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
PNG image data, 34 x 29, 8-bit/color RGBA, non-interlaced
Size
214 B (214 bytes)
Hash
351994f3b7786ac63d33b99edbe32ed4
cb12d33f2b1dc2c24cc4c19893ac478d372a8b78
dd34c6ba6f52ac8aed9394b1323b6f3ef94a221fa8355cbde8737377f0aee5dd

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/d/94a717e02fb40b3d/1749036575259/x4sdr96RMAzUTx3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:36 GMT
content-type: image/png
content-length: 214
priority: u=4,i=?0
server: cloudflare
cf-ray: 94a717e9082a0b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET hopewex.com/new/landing/block5BgMobile.webp

104.21.32.1

200 OK

49 kB

URL GET
hopewex.com/new/landing/block5BgMobile.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
49 kB (49074 bytes)
Hash
3ce596f2875175161c32cc277e495175
de336df23f662cb35e35030d7ac43105fd6f75af
3f6626eb2f59ea9fc3a1297d7fb2aa365f5270f0ae3a84586a3eca83dd243ec1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block5BgMobile.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 49074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2daJKq28i%2FuvbYRz%2F7orTnTx%2FpQiEX7lLefExMOSCHgM0EJtuqVOSGys0%2FbSuZ%2FqeDu7e4W3%2BZPvrVbuS5qqeMrHAKxvgl%2Bm0N7SqfW69yq%2BQzUXkYFalU%2B3ncnbkg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"bfb2-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833cc00b500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1338&min_rtt=562&rtt_var=606&sent=456&recv=224&lost=0&retrans=0&sent_bytes=329680&recv_bytes=53156&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14288&x=80"

GET hopewex.com/favicon.ico

104.21.32.1

200 OK

27 kB

URL GET
hopewex.com/favicon.ico
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
MS Windows icon resource - 1 icon, 80x80, 32 bits/pixel
Size
27 kB (26622 bytes)
Hash
9486eedc7adbedb673e2d13ff53d694f
593e82845889df7ac55405be300ebe67f3610694
393a5a6dfc60be0498402043769134cce07b6a878d705d47f279b03ab9f63a80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iu%2FqBYHST6ZkOPyKRhI6v7Sg4TOQ13kMfR%2BjPF9tBCUYU6CrE2EwSM5oPy7ekgE0f8iyJtSWPyWSicWkMOhg5gmnCb6%2BD4J5cKf91DE1qJEEn9TQRuZHpokWRenUiA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"67fe-1943b5f4aa9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 94a71836fc1ab500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1547&min_rtt=562&rtt_var=757&sent=1250&recv=260&lost=0&retrans=0&sent_bytes=1254792&recv_bytes=59255&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=339600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14696&x=80"

GET hopewex.com/favicon.ico

104.21.32.1

200 OK

27 kB

URL GET
hopewex.com/favicon.ico
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/home
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
MS Windows icon resource - 1 icon, 80x80, 32 bits/pixel
Size
27 kB (26622 bytes)
Hash
9486eedc7adbedb673e2d13ff53d694f
593e82845889df7ac55405be300ebe67f3610694
393a5a6dfc60be0498402043769134cce07b6a878d705d47f279b03ab9f63a80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home?__cf_chl_rt_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDO%2B4nVp16A5MeK3wy1fCRF2mHSJnV%2B%2FdrDoVmOVVsEPL4LW%2Bh6ECxEGrkSmE7GGq%2BULZQhD0gZmCa7NR2j99pNlBwctCcYkY69BkuwnoKzlo%2FTtQ0EaRl13NGxNKw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"67fe-1943b5f4aa9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 94a717ddc991b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3107&min_rtt=562&rtt_var=3086&sent=154&recv=158&lost=0&retrans=0&sent_bytes=49171&recv_bytes=9633&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=477&x=80"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/

104.18.95.41

200 OK

28 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/home
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
HTML document, ASCII text, with very long lines (22243)
Size
28 kB (27929 bytes)
Hash
f3e30827b8152734876c5b7ba75ddc96
167a00bf93d51c61f4fccae4e49731f46dc0c08a
d4e9b76e9837432bdca9745634da03ff2d3bd85e4c3ee6cae3642d864e7aa52b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-1h8GxnbyrlbXGvKA' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 94a717e02fb40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1

104.18.95.41

200 OK

86 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
Size
86 B (86 bytes)
Hash
70c202196187ab3c11b4e094c20c6de1
9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863
6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: image/png
content-length: 86
priority: u=4,i=?0
server: cloudflare
cf-ray: 94a717e0f8980b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET hopewex.com/new/landing/triangles.webp

104.21.32.1

200 OK

12 kB

URL GET
hopewex.com/new/landing/triangles.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11792 bytes)
Hash
f05371865ecf62cab6e1001717f97449
00d6417678f2f685bfc86621c08404ce4253bd5e
002a8352268a2601a960a8e9b0d195162969c477e0588d706db73ff7311b8ced

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/triangles.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 11792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hl86m5O8ZMRjwe4eBnF6ZcH6rMfjNIHBkqpoNSizL6cfHGMUSVxj3sYPl9IeyrMK38jeEawD2UxjuhnVh%2B84OOUl66IKTvEbHnl539KqMVlDSsSE9XBUCCNcxtmZTw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"2e10-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833bbf8b500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1418&min_rtt=562&rtt_var=596&sent=438&recv=221&lost=0&retrans=0&sent_bytes=313230&recv_bytes=51128&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14282&x=80"

GET hopewex.com/_next/static/css/f89cf37e5720cb55.css

104.21.32.1

200 OK

650 B

URL GET
hopewex.com/_next/static/css/f89cf37e5720cb55.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (650), with no line terminators
Size
650 B (650 bytes)
Hash
8941179a0958254af7b2b3c49420d795
21d5e6c630b1c669d1678081d2c2479b5f9836ac
c6076ab0276d8e1c5227243e112c7703fd9f873a548ab185c1d0db493b7ed602

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/f89cf37e5720cb55.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1IaWolE6osd01TgZx6wDghAZB9HdAeg7JMG5kgmtqSiG%2F7dA2CirDiJy1EC7LKrXC%2Bvd4gHern%2F5hhlXiEJ5VRDSE2yN7OKFX0xEzNu7TTO8G9t6s2htz6MLvdOnsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"28a-197243ee26e"
vary: Accept-Encoding
age: 37655
cf-cache-status: HIT
content-encoding: br
cf-ray: 94a718339be0b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1412&min_rtt=562&rtt_var=711&sent=406&recv=213&lost=0&retrans=0&sent_bytes=287266&recv_bytes=48341&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=103200&unsent_bytes=0&cid=3174b6042b2f0118&ts=14130&x=80"

GET hopewex.com/_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js

104.21.32.1

200 OK

173 kB

URL GET
hopewex.com/_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
173 kB (172835 bytes)
Hash
a2e6693b6b8e2ae5167ce7ceb21dd431
625b83e4cdbc0bc71ca90f7de6633000d5908f96
a87677f28d0d640a628d81e90ec37a86c6674c1c656277318f17b14c9542d045

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ySzw9tbAV50YHsNd7HIFHV%2BqYfqi4lUgcy3NIU%2FIZQ9CWxZIR1rIN9BH0jMkjwxrDokym3NInqsdSBi%2F2tw%2BHY7YrBuCLMvSml4JU1XhQTZzjZTH1CyOoq9sFKsE0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"2a323-197243ee25e"
vary: Accept-Encoding
content-encoding: gzip
age: 300189
cf-cache-status: HIT
cf-ray: 94a718339be9b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1622&min_rtt=562&rtt_var=1008&sent=262&recv=203&lost=0&retrans=0&sent_bytes=128292&recv_bytes=40695&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14118&x=80"

GET hopewex.com/new/landing/block2_1.webp

104.21.32.1

200 OK

35 kB

URL GET
hopewex.com/new/landing/block2_1.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
35 kB (35336 bytes)
Hash
27af9080beb8306cddacd1a9037925bc
be2a7157460eb6ecec53392c3a0a4b403e86ff48
64f67f85d1e3bbdf632351a794605b742e8293f29c762897dcf855ecbcda6d4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block2_1.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 35336
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHQnCaLjRtoHTfwI8bthh60L3GcHMTxrlOICsAjl7SP0PG6nD6kCHWqlAryZcYdK89EoUax1eQW4KhpT3m0xz5HDk5syvFZNAddqRUSgRSiInyzauOe%2FXooSfBUKyw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"8a08-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833bbfbb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1338&min_rtt=562&rtt_var=606&sent=457&recv=224&lost=0&retrans=0&sent_bytes=330373&recv_bytes=53156&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14289&x=80"

GET hopewex.com/home

104.21.32.1

301 Moved Permanently

6.6 kB

URL User Request GET
hopewex.com/home
IP
104.21.32.1:80
ASN
#13335 CLOUDFLARENET

File type

Size
6.6 kB (6599 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /home HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 04 Jun 2025 11:29:34 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 04 Jun 2025 12:29:34 GMT
Location: https://hopewex.com/home
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Qc9O4ZsUz8OHCf0kA7nPzVp0y%2BKtUGVpkj2p0pZz5hgbKsbOuAEKq6JzTrMWi0qqTgc%2F6WXfxEFeBJ5%2BFTpQLx3oMo%2FnIiWHkk7qfx7SR2%2FBfQy6v3GEU%2FI8d7THQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 94a717dc1d7d5687-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=457&min_rtt=457&rtt_var=228&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=400&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

GET hopewex.com/_next/static/chunks/webpack-1fe59a572382168a.js

104.21.32.1

200 OK

4.1 kB

URL GET
hopewex.com/_next/static/chunks/webpack-1fe59a572382168a.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (4146), with no line terminators
Size
4.1 kB (4146 bytes)
Hash
61bf53445cd31458a77fd69f6a71e268
8e598d4d25bc14b5e3857e7f2f03e5c65b828f23
f083221fef95e32e8af6aa16fd5a41c2f1386de189f9e8ed41eb71ee585ebe8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-1fe59a572382168a.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oIJ2DDVWBtD1bptCAZzgZjJUefqe%2BoPEMsfr9XUSn%2FNMJIGhAw5oebjzmAi0383T1XiwZ5LY9yxgZ7TgGP51dl7CvhOf7Icoqmd112AS2%2Bu1BDOL3HKEoMVEUXsnLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 04 Jun 2025 01:23:33 GMT
etag: W/"1032-19738895287"
vary: Accept-Encoding
content-encoding: gzip
age: 32201
cf-cache-status: HIT
cf-ray: 94a718339be7b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1700&min_rtt=562&rtt_var=1136&sent=256&recv=201&lost=0&retrans=0&sent_bytes=124017&recv_bytes=39416&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14117&x=80"

GET hopewex.com/fonts/ttnorms/TTNorms-Black.woff

104.21.32.1

200 OK

31 kB

URL GET
hopewex.com/fonts/ttnorms/TTNorms-Black.woff
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
Web Open Font Format, TrueType, length 31216, version 0.0
Size
31 kB (31216 bytes)
Hash
5a246f88fc7f4539fa8d90711016d1c0
9eb704fe64bf328ada5b4fc909fc03b135e96813
5f48c991bdc64557d6496e3e290d351881e3f10ae469fdfc332b03aca7a2ca02

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/ttnorms/TTNorms-Black.woff HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/fonts/ttnorms/stylesheet.css
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: font/woff
content-length: 31216
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skHGnnf6fY%2B3QVSo%2Fk0FFzPFP8xmaFuyOfNMoAbD0ahr9%2BMDOiLpFEWbPLu3q7F97zu2iw6eiO0mh04Hs0jh4wFgXDM2vZr2QNKMt75GmR5PzoIcTUc7D5Eud%2BiYbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"79f0-1943b5f4ab5"
cf-cache-status: EXPIRED
cf-ray: 94a71835cc0db500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1832&min_rtt=562&rtt_var=991&sent=1133&recv=251&lost=0&retrans=0&sent_bytes=1120426&recv_bytes=58252&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=339600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14557&x=80"

POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/210332801:1749035585:SD02KJ_XqvVP3MztPKEeb5UgBy-kgTAotjrcbth93VI/94a717e02fb40b3d/gPUPg3SwGhdqincsWk7U5YY1AugLo4ALG7hxBkf40kw-1749036574-1.2.1.1-n2hPmcLRizg69aU7MTcyetb7uvJIGdmOjdp_o4A2jmMArcbqj1wYIpPOeWAAdSPV

104.18.95.41

200 OK

231 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/210332801:1749035585:SD02KJ_XqvVP3MztPKEeb5UgBy-kgTAotjrcbth93VI/94a717e02fb40b3d/gPUPg3SwGhdqincsWk7U5YY1AugLo4ALG7hxBkf40kw-1749036574-1.2.1.1-n2hPmcLRizg69aU7MTcyetb7uvJIGdmOjdp_o4A2jmMArcbqj1wYIpPOeWAAdSPV
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
231 kB (230716 bytes)
Hash
0e2602fa3371677a18efc53f639cc030
499cd5e299dfa6c7969c81463c59628a5ae42c20
1fc4690310608d22c1b999da25616fbc61292eff913e16c3d1bcd6c8af492516

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/210332801:1749035585:SD02KJ_XqvVP3MztPKEeb5UgBy-kgTAotjrcbth93VI/94a717e02fb40b3d/gPUPg3SwGhdqincsWk7U5YY1AugLo4ALG7hxBkf40kw-1749036574-1.2.1.1-n2hPmcLRizg69aU7MTcyetb7uvJIGdmOjdp_o4A2jmMArcbqj1wYIpPOeWAAdSPV HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
cf-chl: gPUPg3SwGhdqincsWk7U5YY1AugLo4ALG7hxBkf40kw-1749036574-1.2.1.1-n2hPmcLRizg69aU7MTcyetb7uvJIGdmOjdp_o4A2jmMArcbqj1wYIpPOeWAAdSPV
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3987
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:35 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: g6k0niCNrUPV6sIwumwpMa28MwH8++bYMWEXeGcn2cJNROjowS7bBb8PUjesH/Cbr80UY29he0DbDnvnLQTWCrmwzMnU3VAsMjuB+DggZBlLCQvK+R0j8DUYVb143EzjlmUMU4qXiBqsdTvQIegfXhGgL5Pw0bmtgTwnmi9rSBuimlwPkPrkbV1YQaZu1/qSsouaOpCBsXDKz8ucvikWtcEgkNUSsKZ4eBx8DrpBRhe5QQnrxTX6qafdDnbmuiamelKEzjeGT2PzTh9q/9Oz0J/NnlHY67H3WK5a6mD+jSBlk8nwHX6SIN2kSUvKXvulfYFNTyvJor265UpWzFk6DTJbiM3fXalpM3ekn8zeggd8yv7aEqJf48N9AbWqQ+tI2makKB3zJw6VOojMHFZ+yKLki/HTAEovQ2WfkUPH8uZ4ooLuZCQeh3WvURnCUrO04XkjQjt95g2DnrebljT8Xfr4QTdIWxJaB1duKcFexIch0gTaALD9xYEsifC8ZFpQV73cgzRBeXoGUwSpYigOEYqBPI8jOHSyxZ39cl8vjgZwTuWYTXUKH22qVbL4/jUtP5fjqwjT+rxfaP3jy96Q0ubObJskSTlY7Xe1cwDI0t/zMOogIPopOZE7mbfwtCZ8QYxl/BDT9UanGJ2OQkjGMyVcW76LNMpo3NgZvaHWnE9WOtbNwUaWArOeZgZ6TWGeZR4med5XJk9qWkCwUokuPRB7ytM6jvFOrrT8IXmMK1zUu50OTbCaw1mRF9AmPQtRtoy2LLVmeIyPxmdI5HRYrLfbwip/H1RLrBz4Jie69bKfwr/qIUatCdFzLkv8hMaa$qs/W3rFjNOmcMoVi5C2bBA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 94a717e34ac80b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET hopewex.com/_next/static/css/3b1fd672ed5608bd.css

104.21.32.1

200 OK

8.1 kB

URL GET
hopewex.com/_next/static/css/3b1fd672ed5608bd.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (8080), with no line terminators
Size
8.1 kB (8080 bytes)
Hash
3cb1044f342a57e47b25329d72d5dced
9c88092e249745f7791f53c2abc08aa02c512e4c
e760ce7ee0492f732a5d1cd0cf1924b01a209edf24613d6582c29b872f7d20d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/3b1fd672ed5608bd.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8tjp6VmHRbBEj1tpy1fcG2q%2B20DmAe%2Fg4BvBkUpGu%2FOVv3BatwFWJ6FY2F3yjaR46u7nurRcuBhvGXfwrrAqi8MjuPjsuxc7IWLSWbnSNaIjlrX5OrsY%2FZTkMQzOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"1f90-197243ee272"
vary: Accept-Encoding
content-encoding: gzip
age: 139015
cf-cache-status: HIT
cf-ray: 94a718339be5b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1818&min_rtt=562&rtt_var=1200&sent=250&recv=199&lost=0&retrans=0&sent_bytes=119949&recv_bytes=38730&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14115&x=80"

GET hopewex.com/fonts/ttnorms/stylesheet.css

104.21.32.1

200 OK

7.0 kB

URL GET
hopewex.com/fonts/ttnorms/stylesheet.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text
Size
7.0 kB (6983 bytes)
Hash
13a30e1d1d98980f8d05fd08ec50bb35
6ea5a517edd970ae8f3ac4d194c27d6bf5ff5433
474eb22e42e75ae5cd195e8b724c0c35ac1f40bb1b6cedb21e7e7f290aa9792c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/ttnorms/stylesheet.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/_next/static/css/f89cf37e5720cb55.css
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z06sVlgW7n5fN0nqSlrQxSLxsm9dHnVruCqfAFFKdWVN2EqOGrZlYwWDOjrkp%2Fy454LBLs5H2U8PXjjeTvoMkYVkjPTWgPYhwHaI6B%2FD8X8XbQTIJ5Cl8wj5Pm5IZw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"1b47-1943b5f4abd"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 94a71834bc09b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1545&min_rtt=562&rtt_var=529&sent=623&recv=233&lost=0&retrans=0&sent_bytes=521204&recv_bytes=53578&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14399&x=80"

GET hopewex.com/api/extra/promoIp

104.21.32.1

200 OK

16 B

URL GET
hopewex.com/api/extra/promoIp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/extra/promoIp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/
content-type: application/json
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/json
content-length: 16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGPnsX4YZzmaTiGi3Hetk27e66iZch341Qe0vwQtVXBZZYKtp%2BE9PTRjX7EExr%2FWIu4BCwBjUTp0scfTicjlM3a3ZDHxfWyZn%2BBN8nLMHfjpRbvRhlBRebA3haFAtg%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin
cf-cache-status: DYNAMIC
cf-ray: 94a718364c15b500-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1660&min_rtt=562&rtt_var=710&sent=1248&recv=258&lost=0&retrans=0&sent_bytes=1254140&recv_bytes=58569&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=339600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14633&x=80"

GET hopewex.com/_next/static/css/8608792f3b5f7f74.css

104.21.32.1

200 OK

8.5 kB

URL GET
hopewex.com/_next/static/css/8608792f3b5f7f74.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (8528), with no line terminators
Size
8.5 kB (8528 bytes)
Hash
f6eea2c332af5e9f6c1a95b382e645e9
8826e8c79885c8a1b68061395c9cd8ff2bdc4074
23bc36de0472509a2d230a105eaa19f08784668e62510939c78a5876636459ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/8608792f3b5f7f74.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VU1sRECGDnSfONGFcgkwhl4LCcmhn9VWeNYx%2FxkJ9Wjz5L6M7BZcZsHUjQ7FdLOC49IS35hncAootDpqB8fX3Eyn%2B8jkVRgNqP0ckG2wgyaCvyJ3K5FBFxWHGRUKGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"2150-197243ee26e"
vary: Accept-Encoding
content-encoding: gzip
age: 300189
cf-cache-status: HIT
cf-ray: 94a718339be1b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1900&min_rtt=562&rtt_var=1383&sent=230&recv=195&lost=0&retrans=0&sent_bytes=101698&recv_bytes=36776&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14111&x=80"

GET hopewex.com/_next/static/css/0d7f01007d4df3d7.css

104.21.32.1

200 OK

74 kB

URL GET
hopewex.com/_next/static/css/0d7f01007d4df3d7.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (74291 bytes)
Hash
1484703337977a45b1b502303cfd48ac
7684aab03879447d2748f903f71b033930ebbd57
8a8588c246b1b89aab105b253baa3eaa7056809c7dce14b153cbe6b2452383c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/0d7f01007d4df3d7.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HH80qYy%2FSc%2Fr%2BqK7HsoEAQikwtHVWtsJBen0mdT00xgn%2Fi4bnp3umq6kuJlRHwPrsHop4M7m1Ba9J1Yh6uuYHbc4KVxYE93S4qg88DUhK7nQWI3ujBLLq6AOfECwDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"12233-197243ee26e"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 300190
cf-ray: 94a718339be2b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1818&min_rtt=562&rtt_var=1200&sent=234&recv=198&lost=0&retrans=0&sent_bytes=104655&recv_bytes=38098&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14113&x=80"

GET hopewex.com/twq.js

104.21.32.1

200 OK

308 B

URL GET
hopewex.com/twq.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
CSV ASCII text
Size
308 B (308 bytes)
Hash
7f4d9e824f13f7d27acdc868f36f7208
125a712d37aefe5d3e52ce2ae8986e109eb473de
d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /twq.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s3gauRqd4Pn6t4jVajomO3OrZEOMkVb3dVL3AtU5EQwK1dmbp8jTEiWPfhbAFL3Xw7PKjBrwOuGDBg2D3mDxtuLAJ8xpVE%2BYixCpY5PBI3cCe4Sjg7t%2Br7bEnUQElw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"134-1943b5f4b05"
vary: Accept-Encoding
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 94a71833bbf7b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1418&min_rtt=562&rtt_var=596&sent=438&recv=221&lost=0&retrans=0&sent_bytes=313230&recv_bytes=51128&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14282&x=80"

GET hopewex.com/fonts/inter/stylesheet.css

104.21.32.1

200 OK

6.3 kB

URL GET
hopewex.com/fonts/inter/stylesheet.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text
Size
6.3 kB (6311 bytes)
Hash
bdf5a025fbabbaa5d6f4abca1d0e67aa
b039f5f4911a96afdeaa786c89b2ade709bb5956
fb1c3b9832b8b6cc300b0da8665955e7c05f63dae8fe6cd820b351eb79cacaaa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/inter/stylesheet.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/_next/static/css/f89cf37e5720cb55.css
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8pOm6i0Mu0S2IiW1XA7PFvRHGXpHsdqpJstT9jP1e9lNSBLz6iI4f%2Fmh9i0rJO51ePQ%2BU0G%2FF72Svc2JjoikQ84jDqDz5Bh47wplInEXdiz6TJ%2FXeGbvb2%2Bz3qA1A%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"18a7-1943b5f4ab1"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 94a71834bc08b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1492&min_rtt=562&rtt_var=503&sent=625&recv=234&lost=0&retrans=0&sent_bytes=522713&recv_bytes=53627&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14401&x=80"

GET hopewex.com/_next/static/chunks/app/global-error-fe201d1ef534f112.js

104.21.32.1

200 OK

1.4 kB

URL GET
hopewex.com/_next/static/chunks/app/global-error-fe201d1ef534f112.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (1388), with no line terminators
Size
1.4 kB (1388 bytes)
Hash
8ca48ed0d2a1a5682754bac07d67d8fd
7c9f9f86aee10c66b96aa5ef12159df0e36f0cf9
a70d13ae98e69275eac6f58c2d6aa8036ace599fc4e72660df186ad6127acc9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/global-error-fe201d1ef534f112.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjnlYf6DIMgACMoezZieUQb%2F3vGimzdTZrtNMJjLyX0VjnTuJToO6VecmrLJ7uJlPyEi6uRvvnvUKBYrTTN2v1ddjt1%2Bf4jrN4OM8MNSpcl2w1rFs0yfDRHs0dQ3IA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"56c-197243ee24a"
vary: Accept-Encoding
content-encoding: gzip
age: 37655
cf-cache-status: HIT
cf-ray: 94a71833bbf1b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1545&min_rtt=562&rtt_var=800&sent=420&recv=215&lost=0&retrans=0&sent_bytes=300735&recv_bytes=49042&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14134&x=80"

GET hopewex.com/new/landing/block5Bg.webp

104.21.32.1

200 OK

54 kB

URL GET
hopewex.com/new/landing/block5Bg.webp
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
RIFF (little-endian) data, Web/P image
Size
54 kB (53544 bytes)
Hash
c6d0567946b20d3f91228186c8425ade
90e84b04c251dbbe1cfd12cd2220f07beed207f2
5782471d28353cb1ae76e0d8463801d81bef491501aa62f3146004df0fc8ede4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/landing/block5Bg.webp HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: image/webp
content-length: 53544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZldLi16yYgkl0767pXFdR5UczKSZ%2BEsIq9dc%2BuvdiGDkeiL%2BoBSpkaeOUKQGL1BLqNrykS9FElsA40Y0cYtspl0YhNy0pAfCFDIYNvLrO2UbzzIIPOKKMPxGUrvfw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Tue, 07 Jan 2025 22:31:13 GMT
etag: W/"d128-19442e4b771"
cf-cache-status: EXPIRED
cf-ray: 94a71833cbffb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1338&min_rtt=562&rtt_var=606&sent=454&recv=224&lost=0&retrans=0&sent_bytes=328309&recv_bytes=53156&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14288&x=80"

GET hopewex.com/home

104.21.32.1

403 Forbidden

6.6 kB

URL User Request GET
hopewex.com/home
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
HTML document, ASCII text, with very long lines (6599), with no line terminators
Size
6.6 kB (6599 bytes)
Hash
7768f588ce0c5620ad4300eb5ec4e050
6f0692e08488dab63473ac02739ebd3eee78cc7c
f41497069178b0b8945b3f01300958903e920e8245aaa0df7d2c4aa0cc7424a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /home HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Wed, 04 Jun 2025 11:29:34 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 94a717dc5f66b518-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1vOp9Ai0wYvYdMQrFPHQ3eGycyJaO0tJ1%2Fj6fFqgTEq9U4ps8x54FzBS0%2FYO6W9o4Wm9MNFjT41iTGm6fJlRTgNPa0V4L29bQHSWSxko6lBQOwPYfXC0zteymg5rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="94a717dc5f66b518", cfL4;desc="?proto=TCP&rtt=2695&min_rtt=453&rtt_var=4211&sent=14&recv=14&lost=0&retrans=0&sent_bytes=9414&recv_bytes=1195&delivery_rate=8153153&cwnd=256&unsent_bytes=0&cid=ae1345807cbbbd14&ts=204&x=0"
X-Firefox-Spdy: h2

GET hopewex.com/_next/static/css/2b3198649a078c56.css

104.21.32.1

200 OK

2.0 kB

URL GET
hopewex.com/_next/static/css/2b3198649a078c56.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (1956), with no line terminators
Size
2.0 kB (1956 bytes)
Hash
a40a0db04beb37ff985968da200beeb9
43599a6376c0e01d48e68a6a16325b01def3191a
c6ce83ab109eb73ee51d309e1b8996660a62a5a0b9b724b54bcbd31dba3bb9de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/2b3198649a078c56.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bOzbiZdfQYeNihzQUhhQptMQjUrk6Uzk%2F7t9aQNmz72148dLfwqNkF7fS8pQAzeBTF4uUmh%2BmHBGKRiaAJ%2FntJmRWuozzMT4KzBt4IoKUjz5ir81nXUK5q21RWN8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"7a4-197243ee272"
vary: Accept-Encoding
content-encoding: gzip
age: 37655
cf-cache-status: HIT
cf-ray: 94a718339be6b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1622&min_rtt=562&rtt_var=1008&sent=259&recv=202&lost=0&retrans=0&sent_bytes=126822&recv_bytes=39463&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14117&x=80"

GET hopewex.com/_next/static/chunks/main-app-df523c8931f70c0a.js

104.21.32.1

200 OK

464 B

URL GET
hopewex.com/_next/static/chunks/main-app-df523c8931f70c0a.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (464), with no line terminators
Size
464 B (464 bytes)
Hash
780f1f062143f470ccc751e8e9d0ba05
c9deba27d87d3e1b411b741a1d7249479fe500b5
82b916c2ff6e9ac8cdc115f596700aff44c67c4cb3fcae2c6dad80a6baab40fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-app-df523c8931f70c0a.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIbY0Lrt0NO%2BRVxPxoHY6bsIMmHSLXVrV%2BanQBRrKvdKs%2B2HMmDl0NcbMX3sFz9ZddrHLQeqYrPb%2FWdkyXwYwUn%2Fu7dVjr5u2LfRc%2B2MNXZPdn206%2BvkRdUNX5EJNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"1d0-197243ee24a"
vary: Accept-Encoding
age: 300189
cf-cache-status: HIT
content-encoding: br
cf-ray: 94a71833abebb500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1524&min_rtt=562&rtt_var=952&sent=306&recv=206&lost=0&retrans=0&sent_bytes=176318&recv_bytes=42585&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14123&x=80"

GET hopewex.com/fonts/ttnorms/TTNorms-Regular.woff

104.21.32.1

200 OK

31 kB

URL GET
hopewex.com/fonts/ttnorms/TTNorms-Regular.woff
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
Web Open Font Format, TrueType, length 31112, version 0.0
Size
31 kB (31112 bytes)
Hash
33f150c6ac81219f18b55864e087dd12
7e3f9fee0b08c64fd733aaf64029c2947130b9a3
0d9f772dcc9cd484c98410488a12c0865b31531a79e8e9c1926945e7b5e66a95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/ttnorms/TTNorms-Regular.woff HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/fonts/ttnorms/stylesheet.css
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: font/woff
content-length: 31112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5x92dlf1BfiCZjjSDSHuCquEUO7M%2Fwg2TBO4HRmZXELaPpXOxrHQEXm7smccnJHqEHE9yBgCJ5uXAo%2B0K5%2FZ6oFZj1R9JftVPPgsNkIObtJWawt5Pef1YFHE%2B%2Fz7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"7988-1943b5f4abd"
cf-cache-status: EXPIRED
cf-ray: 94a71835cc0cb500-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1728&min_rtt=562&rtt_var=951&sent=1134&recv=252&lost=0&retrans=0&sent_bytes=1121110&recv_bytes=58296&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=339600&unsent_bytes=0&cid=3174b6042b2f0118&ts=14563&x=80"

GET hopewex.com/fonts/source-sans-3/stylesheet.css

104.21.32.1

200 OK

656 B

URL GET
hopewex.com/fonts/source-sans-3/stylesheet.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text
Size
656 B (656 bytes)
Hash
6ce52493af310d12e72f2ad2530edff1
b63019c9de65d20c5bd68f2506ebc6945d93610c
90f72aaf12432622c732eb030a37c0d97b80368c13bb14f1184ff06332d3b868

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/source-sans-3/stylesheet.css HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/_next/static/css/f89cf37e5720cb55.css
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XA8lZcfni29ommzQHN7eEhPWONQFyCOeR6rWJ5uPuFTofD%2FsPSimPbuE3J0hF1H52RH%2BNlA8x9WSJJ5pN%2FG8KEtuWeRdTUJjdxdGq7W1Hh1K%2FqoWrfZsX0SGGv%2BqVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
last-modified: Mon, 06 Jan 2025 11:28:08 GMT
etag: W/"290-1943b5f4ab5"
vary: Accept-Encoding
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 94a71834bc07b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1473&min_rtt=562&rtt_var=456&sent=785&recv=241&lost=0&retrans=0&sent_bytes=711452&recv_bytes=53966&delivery_rate=21002985&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=206400&unsent_bytes=0&cid=3174b6042b2f0118&ts=14406&x=80"

104.18.95.41

200 OK

28 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/210332801:1749035585:SD02KJ_XqvVP3MztPKEeb5UgBy-kgTAotjrcbth93VI/94a717e02fb40b3d/gPUPg3SwGhdqincsWk7U5YY1AugLo4ALG7hxBkf40kw-1749036574-1.2.1.1-n2hPmcLRizg69aU7MTcyetb7uvJIGdmOjdp_o4A2jmMArcbqj1wYIpPOeWAAdSPV
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (28204), with no line terminators
Size
28 kB (28204 bytes)
Hash
1363bb0324b4d4c4bfed12c76bbd8609
fea44ed4194f09f33c9ac1ca59ab09dca7939583
5ee873940414799947ec295c191346977ea9051328e54e4c8029be12c6c563c2

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/210332801:1749035585:SD02KJ_XqvVP3MztPKEeb5UgBy-kgTAotjrcbth93VI/94a717e02fb40b3d/gPUPg3SwGhdqincsWk7U5YY1AugLo4ALG7hxBkf40kw-1749036574-1.2.1.1-n2hPmcLRizg69aU7MTcyetb7uvJIGdmOjdp_o4A2jmMArcbqj1wYIpPOeWAAdSPV HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/ia3wa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
cf-chl: gPUPg3SwGhdqincsWk7U5YY1AugLo4ALG7hxBkf40kw-1749036574-1.2.1.1-n2hPmcLRizg69aU7MTcyetb7uvJIGdmOjdp_o4A2jmMArcbqj1wYIpPOeWAAdSPV
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 34597
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:40 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 4+cR5snIbKaRFhGEnkChnpHuEBvFubDmI2GUspTY+zYvik6pzDLnU2sayWvUEU56$A/LyutSHKEN8S5om2SKXwQ==
priority: u=3,i=?0
server: cloudflare
cf-ray: 94a7180238280b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

104.21.32.1

200 OK

4.2 kB

URL POST
hopewex.com/cdn-cgi/challenge-platform/h/b/flow/ov1/875267301:1749032144:V12kboWIK7EhZLDK9W-ue5-Dv7h-lqzJsABe7LlX32c/94a717dc5f66b518/Jq27jCC8CStS717GtK0hrJ9Jr7h2qw8p9PueoXxTBBg-1749036574-1.2.1.1-MdHn.yy9dCZ60ysPFKiImP57LNtho.Gbps7_.kxC0jgfSbcsblPDkg0_lrOOxg96
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/home
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
ASCII text, with very long lines (4168), with no line terminators
Size
4.2 kB (4168 bytes)
Hash
387f6be25e404a6209c72462efe3806c
f1fceee7bd1a40beace5b41e0e203b53829eef88
1fb05c72eb9a984c25285fc0bb000bb1c4efac00f62904f9e91d3135a978af09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/875267301:1749032144:V12kboWIK7EhZLDK9W-ue5-Dv7h-lqzJsABe7LlX32c/94a717dc5f66b518/Jq27jCC8CStS717GtK0hrJ9Jr7h2qw8p9PueoXxTBBg-1749036574-1.2.1.1-MdHn.yy9dCZ60ysPFKiImP57LNtho.Gbps7_.kxC0jgfSbcsblPDkg0_lrOOxg96 HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home
cf-chl: Jq27jCC8CStS717GtK0hrJ9Jr7h2qw8p9PueoXxTBBg-1749036574-1.2.1.1-MdHn.yy9dCZ60ysPFKiImP57LNtho.Gbps7_.kxC0jgfSbcsblPDkg0_lrOOxg96
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 4023
Origin: https://hopewex.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:47 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBADZQukz9FhLEYZ2jCqsWMKgPrSw2Nlt41AI9c%2FfeuE2tjcjFUevOdP3EAqySYIqtP5Ms%2FiwI35EkmoGvfdI1Nmme75aFgoG2Ju7YCcCgyucYpNqQjf%2BIfASuc5Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-chl-out-s: 30xOIxcxfr9t/+AKR43PRAcy4SrgrjmwP3TUer6BLPgLVYtAChXlD8HkQfB/ixw1Fe8qGY04860WiX9RX/Wu2uEbXqIh9zmA+3tiXjdAyMOoGpIicM+CuFfG9HgRriCx848UQDZ+/PryvaI992s1Zl4kKPoHRqHSu7CVjJ7T5kzOO0+7XOF0HLq55xzKWoPi4jmHLsYZaqsSec5luNm5loDljsYO/9boocVH03lM7pQ+uugwdCONnDiBFFzpj+Zft+JYAXw1IGZBGkxv7L+73Dq+XQdKmxlbvvDHbSwBpr5OGSzykZ9NmucsPLc/NhwZp5Z9VDlpE5bexx0ekS5q1ZEM+JQIvrAvejY0CnWEL9+ng9mDiZylMPcrDjP6p+6tLOdEUaOXObDHrWzGQjApkaJuXdie6OV14rr1RI55rc5CeEaJ0pXv6u6exbVEctoVoi9ib4fJWI9WRxr5fng02OiJiLfd03E8NjM2ufpXAcjCVcSfV/hXnN5wFH9wxvAs8EJbaHFznnbK7ShV6AUKHYcyxdTQ56toQTxeqJFzzE1+PJrjeljrtyMNc1lD0GiYW92wVhVXeF2cg3ARNRZ5LQ==$CbzJuYdON63cUquR2QT49Q==
set-cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=hopewex.com; Expires=Thu, 04 Jun 2026 11:29:47 GMT
cf-chl-out: LTdXSKZ3dH3YKVzYmzOp8pOfh1/imQga7iMNkz4TXK1lcp1f6PuMEuVQbqEK3PQBygzYkO66swK3mN7YFjUPzA==$ENSA95ITVcfFnhLkx9yPZw==
content-encoding: br
cf-ray: 94a7182f4bbdb500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2627&min_rtt=562&rtt_var=2112&sent=184&recv=167&lost=0&retrans=0&sent_bytes=76190&recv_bytes=16915&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=13485&x=80"

GET hopewex.com/home

104.21.32.1

307 Temporary Redirect

26 kB

URL User Request GET
hopewex.com/home
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type

Size
26 kB (26110 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /home HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hopewex.com/home?__cf_chl_tk=6CMyosZhx05RIATPcoTi_5XgVeEyhZeAwD9oyWFOsW0-1749036574-1.0.1.1-Fu7MBPCFzxxaE4CVXsdRi3quVMuKXuKhL8D_h5k9574
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 307 Temporary Redirect
date: Wed, 04 Jun 2025 11:29:47 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBFr0aVzlOBFHMTKxVHlQaSP4bqklV%2FhEzsjLsO3RfYBScWLGaZieJ4cpKvNWluDwLaXlLqbyzZfxxS3yO7kuwgXYwGT9%2Bn35z2MgnTvH3aOA3Uezc5A4DIJwlJ27Q%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
location: /
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 94a718314bd3b500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2157&min_rtt=562&rtt_var=1631&sent=201&recv=179&lost=0&retrans=0&sent_bytes=87719&recv_bytes=26908&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=13813&x=80"

GET hopewex.com/_next/static/chunks/8003-35d6c4e938d60f65.js

104.21.32.1

200 OK

7.1 kB

URL GET
hopewex.com/_next/static/chunks/8003-35d6c4e938d60f65.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hopewex.com/
Certificate
IssuerGoogle Trust Services
Subjecthopewex.com
Fingerprint27:AF:D3:FC:13:82:9A:38:20:47:C4:DF:E1:79:06:AC:CC:EC:36:3F
ValiditySat, 31 May 2025 16:39:39 GMT - Fri, 29 Aug 2025 17:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (7119), with no line terminators
Size
7.1 kB (7119 bytes)
Hash
8014900ea0b06de9aba6c034a95c2e68
f5f9791bc97c1a2973734e6999868eb15e2096e1
bb2ba96a789f1f0c6144a6d6ddba4a09c139b4060a1c9e97af56538d29415c2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8003-35d6c4e938d60f65.js HTTP/1.1
Host: hopewex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hopewex.com/
Cookie: cf_clearance=.88RSerBd4T9Bagg08NxQ7MSTTMyLVbWB6YnGoIx0WM-1749036587-1.2.1.1-XAugML7MJcUx7VSiL6J84Jnh9JXC59h7TrtC786aYLz9Z9n294xz65U82xHtJsehIjro3bo7r5Lj_GpQwxlsxwN6_Y9nOphPAGDWLZsNudCh4rbSDB92lkM3jCujQ2EF9q1iJ4rzc.jWp7m5k402TzP9xCEOYJkgpv6Vogf6M2unFqlj6naxuFc1SuOMydEOGR7nwi4AC9nDR9f90ikVfwUvL70r_3PM3sNcC6F8sf1KkvhKH9_6yNzC16GLz9yCmkr0ldYo1Z20qqSXG4OTjOOHPYe00XyBcFKHvt5_enafU5CoG6Ecmy8pE_0w_EA5Fat0lvybUDR2_vi7Da8Q59Y26puBlL9oV4RcE_RgyiBUviqiQZ49fs.ReCoyoL5R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 04 Jun 2025 11:29:48 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWo%2BI68LW3gIYoEYb2EJIvI9QcOvfOsoI3%2BgICNCOZj8IJyZeB6p0OPz53h7%2BPrt8TiqOXMw%2Fs4M4DXsYJp9DbS5ZDNR%2BnkZ4jfE%2FpTkFLqQE1FtC1ADDKYITnnvtg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sat, 31 May 2025 02:49:50 GMT
etag: W/"1bcf-197243ee262"
vary: Accept-Encoding
content-encoding: gzip
age: 139015
cf-cache-status: HIT
cf-ray: 94a71833abecb500-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1622&min_rtt=562&rtt_var=1008&sent=263&recv=203&lost=0&retrans=0&sent_bytes=129005&recv_bytes=40695&delivery_rate=17872249&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=3174b6042b2f0118&ts=14120&x=80"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (108)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML