Report - valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8

Report Overview

Visited public
2024-10-09 03:00:32
Tags
Submit Tags
URL
valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8
Finishing URL
valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
IP / ASN
54.240.174.75
#16509 AMAZON-02
Title
Länken är inte längre aktiv... men det finns annat!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
to.bjornborg.com	unknown	2001-11-04	2020-11-30 13:35:21	2024-09-23 01:46:01	443 B	35 kB	13.49.53.120
www.buttericks.se	unknown	1995-11-11	2014-03-13 07:52:51	2024-09-25 16:04:49	498 B	47 kB	104.21.1.24
www.pierrerobert.se	unknown	2006-09-19	2014-11-27 05:54:07	2024-09-26 10:41:23	560 B	218 kB	104.18.239.215
dialogtrail-prod.s3-eu-west-1.amazonaws.com	unknown	2005-08-18	2019-06-26 10:26:48	2024-09-25 10:55:01	470 B	78 kB	52.218.62.48
consentcdn.cookiebot.com	5676	2010-01-21	2018-05-23 07:13:43	2024-10-07 18:12:04	531 B	1.0 kB	2.20.163.160
fast.fonts.net	2905	1999-03-03	2013-07-13 06:08:03	2024-10-07 18:15:09	5.3 kB	109 kB	104.16.40.28
cdn.valuesportal.com	unknown	2020-04-21	2021-03-24 14:17:01	2024-10-07 19:28:22	3.6 kB	81 kB	143.204.55.38
imgsct.cookiebot.com	unknown	2010-01-21	2023-11-22 14:44:39	2024-10-08 18:12:05	477 B	723 B	2.20.163.160
js.intercomcdn.com	2440	2013-04-25	2020-02-19 12:43:00	2024-10-08 18:20:30	823 B	385 kB	54.240.174.93
api-iam.intercom.io	2892	2011-08-15	2018-08-02 22:07:54	2024-10-08 18:13:19	516 B	5.1 kB	52.7.22.181
valuesportal.com	unknown	2020-04-21	2020-07-24 17:17:09	2024-10-04 13:45:24	5.3 kB	795 kB	54.240.174.77
api.adtraction.net	unknown	2007-04-18	2020-02-13 21:43:22	2024-10-04 13:45:24	1.2 kB	7.1 kB	13.53.50.32
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-10-08 11:33:55	2.3 kB	412 kB	142.250.74.168
external.adtraction.com	unknown	2002-12-09	2014-10-24 09:42:28	2024-09-26 10:41:23	1.3 kB	237 kB	3.126.121.212
widget.intercom.io	2417	2011-08-15	2020-07-20 14:16:46	2024-10-08 03:51:13	423 B	3.4 kB	143.204.55.8
nexus-websocket-a.intercom.io	2137	2011-08-15	2015-06-26 12:17:57	2024-10-07 18:13:42	1.5 kB	564 B	34.237.73.95
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-07 19:37:44	327 B	887 B	23.33.119.57
consent.cookiebot.com	4972	2010-01-21	2014-02-26 15:48:42	2024-10-08 18:12:06	954 B	121 kB	23.36.79.153
images.bubbleroom.no	unknown	2020-07-21	2017-07-31 09:13:39	2024-09-28 16:54:37	457 B	411 kB	104.26.3.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-10-09	medium	fast.fonts.net/dv2/14/d50cd608-e926-4d34-8f6c-f26e9daebc97.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5	meth_get_eip

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x	ScriptElement	212 kB	2024-10-11	2024-10-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 08:43 Last Seen2024-10-11 08:43 Times Seen1 Hash 1ae79b9e24da2d7cf3da1d66fddbac32 720522ede835f193cb95d473b0763095b9974c7d aac1d72e2027f32d2c16833933b2e3357f6324acc322567c7c8c8d43d8f9d1d1 Loading...

	www.googletagmanager.com/gtag/js?id=G-FFXNYXD7GX&l=dataLayer&cx=c	ScriptElement	326 kB	2024-10-11	2024-10-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-FFXNYXD7GX&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 08:43 Last Seen2024-10-11 08:43 Times Seen1 Hash 67dd7b51c8efc07a9d160776fb9c0cb4 c5b33f3e093ae390eee085d7e9706b4091e9a070 71f15a8cbc777dbcd12492d661b2225eb04714f6d630df216dad4c01ab399d6c Loading...

	unknown	ScriptElement	434 B	2023-05-09	2025-06-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 03:12 Last Seen2025-06-03 22:00 Times Seen427 Hash 554e6fe88384c0a14d4f592de8088652 af264aa1753758abdd7c42bd404c2fb00a233945 2149907a3641128d1316fda1d5dcb25918a1de46cd6afa5e12c4b1326605f077 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x	ScriptElement	212 kB	2024-10-11	2024-10-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 08:43 Last Seen2024-10-11 08:43 Times Seen1 Hash 9c14138f209ccdc5acb6732e83d80ed4 a4ca3e11feedba52c6bc97a17bdd066d0456a146 f2b977084db0e3847375263063bcd32cd645bc1e2a72cdb242e51355585a30c4 Loading...

	consent.cookiebot.com/uc.js?cbid=cd1b3576-b285-4ba1-b23f-5f46a28bca9a	ScriptElement	113 kB	2024-10-07	2024-10-11
Pretty URL consent.cookiebot.com/uc.js?cbid=cd1b3576-b285-4ba1-b23f-5f46a28bca9a IP 23.36.79.153 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-07 11:53 Last Seen2024-10-11 09:09 Times Seen25 Hash bdb6b82e438e56de836eef356b7d2656 a6b7c406e553f1ac3fed58e227e0f1bfbb9e697f ae1062717e422bb6d61122c2b54684a66c27c71f7154d49e16be57aea3241be1 Loading...

	valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true	ScriptElement	45 B	2023-05-09	2024-10-21
Pretty URL valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true IP 54.240.174.77 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-09 03:12 Last Seen2024-10-21 18:48 Times Seen424 Hash 198327a19ccbb3892374f866f360e1c5 f908782f7aeab91ce234a56928c435e9fee8914a c8ea0e2d8937fe37b59b56b8e3ad65a44ef0e2089cfb685fa7ada1ba86fd44ce Loading...

	valuesportal.com/static/js/main.d41238da.chunk.js	ScriptElement	26 kB	2024-08-14	2024-10-21
Pretty URL valuesportal.com/static/js/main.d41238da.chunk.js IP 54.240.174.77 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-14 16:17 Last Seen2024-10-21 18:48 Times Seen194 Hash 23848636fbdf98182c6b5c43d196be53 98b74144d92495044ae8ab753681e0ffe1674ba1 e18d3151c68631cc63247bb65fc236f28487bae808c6d6bdf43541692691ab72 Loading...

	js.intercomcdn.com/frame.85ab212b.js	ScriptElement	860 kB	2024-10-08	2024-10-11
Pretty URL js.intercomcdn.com/frame.85ab212b.js IP 54.240.174.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-08 23:58 Last Seen2024-10-11 08:45 Times Seen23 Hash 792700ab4e428e9952646bacfacd294a 13ffcc50d392ad86735b0ebcdf24173e320002b3 485672eee0e4eb9896709623fccef67cc64b4a33c9662d3a475c29f6647c9002 Loading...

	valuesportal.com/static/js/2.abce0daa.chunk.js	ScriptElement	357 kB	2024-07-09	2025-06-03
Pretty URL valuesportal.com/static/js/2.abce0daa.chunk.js IP 54.240.174.77 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-09 21:02 Last Seen2025-06-03 22:00 Times Seen317 Hash 5296ec55ccbb14d27aa6b18194d80b13 c8e8e56b30b39392bb7357cf0e6a773a9ce3c505 0924a634995e3542e108cf1c8683da65014bd8b7e2d2770461aed746d86f5d6a Loading...

	js.intercomcdn.com/vendor.c8c34991.js	ScriptElement	622 kB	2024-10-08	2024-10-22
Pretty URL js.intercomcdn.com/vendor.c8c34991.js IP 54.240.174.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-08 17:40 Last Seen2024-10-22 12:52 Times Seen207 Hash fbaf82f8758d908018796213a4417422 6f024a0bb170510444df34e0874df48c7bf23eae 3321556de59f523813c0302863320f341100844e80cc6c1d76eed08562602c27 Loading...

	valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true	ScriptElement	685 B	2024-08-14	2024-10-21
Pretty URL valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true IP 54.240.174.77 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-14 16:17 Last Seen2024-10-21 18:48 Times Seen194 Hash 1e8c94ee628acf65c6743e3923d720c7 64cd88ea4ba43129c5f59369d13d6085f62dd681 b7a390a6b46fc2263f7a4f11db420af3fc30794ad0a318d83398a91dfc9d6cac Loading...

	widget.intercom.io/widget/dsoe5ay3	ScriptElement	6.7 kB	2024-10-08	2024-10-11
Pretty URL widget.intercom.io/widget/dsoe5ay3 IP 143.204.55.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-08 23:58 Last Seen2024-10-11 08:45 Times Seen22 Hash deabebbc37ae592eed2357fa0afb71ba c44936ac1d5d6f5624eb8772fe1ae2b6238ad612 bd70b08fb30bb3b89373c8bca8bd9e400c3bf16f6d829096708214e2ca05ffcb Loading...

	valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true	ScriptElement	1.5 kB	2023-05-09	2025-01-12
Pretty URL valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true IP 54.240.174.77 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-09 03:12 Last Seen2025-01-12 23:09 Times Seen426 Hash 6a7c020c0815d61f660b378082152e53 cbc7d2c207cfdceffd66c126fd274260faacbb14 a399bc55ff17d6bbf8459d46ab874953dd597eec406ae9e2144a165c82cc1c5b Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x	ScriptElement	212 kB	2024-10-11	2024-10-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 08:43 Last Seen2024-10-11 08:43 Times Seen1 Hash d0c5d07f2a70ac54f103638dd562180f 2690e22540d573f37bc9dac8d547638991f63409 7895a136d227bb090fb5631dd1b1d29bcb8ae702f72b45d503b565d84e5f93a8 Loading...

	consent.cookiebot.com/cd1b3576-b285-4ba1-b23f-5f46a28bca9a/cc.js?renew=false&referer=valuesportal.com&dnt=true&init=false	ScriptElement	297 kB	2024-10-07	2024-10-11
Pretty URL consent.cookiebot.com/cd1b3576-b285-4ba1-b23f-5f46a28bca9a/cc.js?renew=false&referer=valuesportal.com&dnt=true&init=false IP 23.36.79.153 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-07 19:28 Last Seen2024-10-11 09:03 Times Seen8 Hash faf46b6ceb9108ef1c20be020b34840d 09d07f01cee6bed343b226694d72b22021f3f445 187556983575603dc2d86d763f953f21974a849ddd90ea200b8f7e90701158ba Loading...

	consentcdn.cookiebot.com/sdk/bc-v4.min.html	ScriptElement	585 B	2023-04-05	2025-03-02
Pretty URL consentcdn.cookiebot.com/sdk/bc-v4.min.html IP 2.20.163.160 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 07:33 Last Seen2025-03-02 03:53 Times Seen11999 Hash 019b8aaa9f25d986d68395a8c6277be0 4d07e0b8c06f0a26b5be2caaf5c03d72b7c3d630 9ba37511ff74e293467e2c283d7045d2d63d999a1e700a41467f6bcf845329a2 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x	ScriptElement	212 kB	2024-10-11	2024-10-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 08:43 Last Seen2024-10-11 08:43 Times Seen1 Hash 11d9cd9b0beb561e3e2a3f0bf2d658f1 dc6dc8e7c867844a80aeb5d0320559ef993f1742 d9256fe1d1894011de68c62b15b7841dee0e841592c5a748f5842dcf13844d6e Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07 01:02	2025-07-04 05:49
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-07-04 05:49 Times Seen24155 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (49)

URL IP Response Size

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
33985775df7b619cb33f4050d88c5fb9
cf0b2ff92cd2f7e12ce788a164a73d75dea5da83
b6db380f5eeb73aa56abf90afa43b52cc9f51b01f33ad1eefeccc473a41ffb86

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B6DB380F5EEB73AA56ABF90AFA43B52CC9F51B01F33AD1EEFECCC473A41FFB86"
Last-Modified: Tue, 08 Oct 2024 11:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4305
Expires: Wed, 09 Oct 2024 04:11:48 GMT
Date: Wed, 09 Oct 2024 03:00:03 GMT
Connection: keep-alive

valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8

54.240.174.77

5.5 kB

URL
valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8
IP
54.240.174.77:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (5538), with no line terminators
Size
5.5 kB (5538 bytes)
Hash
f318003d430468ca25d988ae70e655d9
52e9c76ba4e0ff18b772320a76b1e518a5637b10
f137e6b0ec8a12371262b070253ee13c91ba96be2ed436e6456f2b2ccf065547

HTTP Headers

GET /?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8 HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 5538
date: Wed, 09 Oct 2024 03:00:04 GMT
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
etag: "f318003d430468ca25d988ae70e655d9"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q1b2RadMMhkWjWUmK_pakvElIJ0OgR-iYUVEIGlpM66OwePCV21npA==
X-Firefox-Spdy: h2

GET valuesportal.com/static/css/main.e3177414.chunk.css

54.240.174.77

200 OK

7.8 kB

URL GET HTTP/2
valuesportal.com/static/css/main.e3177414.chunk.css
IP
54.240.174.77:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectvaluesportal.com
Fingerprint36:1E:EE:65:2E:D8:C2:3F:38:51:EF:09:62:11:A7:02:25:45:2B:FE
ValiditySat, 23 Dec 2023 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (7721)
Size
7.8 kB (7773 bytes)
Hash
07032aca5d602dbe63913884f4daec6c
f63855f24c1ffeaefae56a6d0d85a02bebd0f568
3822a71c915e9e53822e7f6dde0efe2c43764ea736809de961f7e8a5a4fdc52d

HTTP Headers

GET /static/css/main.e3177414.chunk.css HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 7773
date: Tue, 08 Oct 2024 03:49:17 GMT
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
etag: "07032aca5d602dbe63913884f4daec6c"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VwaJOdWzzpiQGzGXjWQgfw6zRHRJD2jPGVYXyzYQ6aYUZf3dtmZPUA==
age: 83447
X-Firefox-Spdy: h2

GET valuesportal.com/static/js/main.d41238da.chunk.js

54.240.174.77

200 OK

26 kB

URL GET HTTP/2
valuesportal.com/static/js/main.d41238da.chunk.js
IP
54.240.174.77:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectvaluesportal.com
Fingerprint36:1E:EE:65:2E:D8:C2:3F:38:51:EF:09:62:11:A7:02:25:45:2B:FE
ValiditySat, 23 Dec 2023 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (25776)
Size
26 kB (25824 bytes)
Hash
23848636fbdf98182c6b5c43d196be53
98b74144d92495044ae8ab753681e0ffe1674ba1
e18d3151c68631cc63247bb65fc236f28487bae808c6d6bdf43541692691ab72

HTTP Headers

GET /static/js/main.d41238da.chunk.js HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
content-length: 25824
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
server: AmazonS3
date: Wed, 09 Oct 2024 02:30:17 GMT
etag: "23848636fbdf98182c6b5c43d196be53"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: os-BcbIz2rb2L0URIU6boM6rZdhLM-_ksKN0uZwYq81FjP-lPqbpvg==
age: 5262
X-Firefox-Spdy: h2

GET valuesportal.com/static/js/2.abce0daa.chunk.js

54.240.174.77

200 OK

357 kB

URL GET HTTP/2
valuesportal.com/static/js/2.abce0daa.chunk.js
IP
54.240.174.77:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectvaluesportal.com
Fingerprint36:1E:EE:65:2E:D8:C2:3F:38:51:EF:09:62:11:A7:02:25:45:2B:FE
ValiditySat, 23 Dec 2023 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65462)
Size
357 kB (356780 bytes)
Hash
5296ec55ccbb14d27aa6b18194d80b13
c8e8e56b30b39392bb7357cf0e6a773a9ce3c505
0924a634995e3542e108cf1c8683da65014bd8b7e2d2770461aed746d86f5d6a

HTTP Headers

GET /static/js/2.abce0daa.chunk.js HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
content-length: 356780
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
server: AmazonS3
date: Wed, 09 Oct 2024 02:30:17 GMT
etag: "5296ec55ccbb14d27aa6b18194d80b13"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 642nCHKTV_UgI2BQPurnRsGKZRj2AiOW2cJ-j55nOkXhSvjhyLaViA==
age: 3896
X-Firefox-Spdy: h2

GET fast.fonts.net/t/1.css?apiType=css&projectid=471ca280-8790-45a9-8ee0-00cc46dd75b5

104.16.40.28

200 OK

0 B

URL GET HTTP/2
fast.fonts.net/t/1.css?apiType=css&projectid=471ca280-8790-45a9-8ee0-00cc46dd75b5
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectfonts.net
Fingerprint8E:60:D4:A0:26:37:FA:46:97:04:45:95:79:E4:F0:B9:09:83:E9:23
ValiditySat, 28 Sep 2024 08:32:23 GMT - Fri, 27 Dec 2024 08:32:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=471ca280-8790-45a9-8ee0-00cc46dd75b5 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/cssapi/471ca280-8790-45a9-8ee0-00cc46dd75b5.css
Cookie: __cf_bm=DBXdVLJCJR2seSLMsmXIf7AzRjyNlRzHEawNdZJnpIk-1728442803-1.0.1.1-hXwk4dxohruzKSchZ3uTQaBB5e2SjSiqJKEHtqV6hkF7A_wUZhQA1U6w4C38_fHzbm.F.O0fW2EzD_hBakOAng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:04 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: BYo+QwcfRRpKrq/h4R0JeSYj/s4X9dtNpqr4b/EKdkf7S+P3/+PFoINA6EgXOVkL9De1xAXVrCU=
x-amz-request-id: 2HYY8V56J7CSFG6F
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=1
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 5996099
expires: Wed, 09 Oct 2024 03:00:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb1e456bafabe6-CPH
X-Firefox-Spdy: h2

GET fast.fonts.net/dv2/14/7afb413d-536f-439c-bcca-ba53e24cda07.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5

104.16.40.28

200 OK

23 kB

URL GET HTTP/2
fast.fonts.net/dv2/14/7afb413d-536f-439c-bcca-ba53e24cda07.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectfonts.net
Fingerprint8E:60:D4:A0:26:37:FA:46:97:04:45:95:79:E4:F0:B9:09:83:E9:23
ValiditySat, 28 Sep 2024 08:32:23 GMT - Fri, 27 Dec 2024 08:32:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22780, version 1.655
Size
23 kB (22780 bytes)
Hash
55869c8e46db57941ac383d6ebddc58e
b93e0dcdf32fc6a544a1b8494c708d614def461e
aa8036a3bd8115dddd4291b13091050f61b1032c1ae4dfd245071559809c2ec6

HTTP Headers

GET /dv2/14/7afb413d-536f-439c-bcca-ba53e24cda07.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://valuesportal.com
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:04 GMT
content-type: application/octet-stream
content-length: 22780
x-amz-id-2: 4izxYZm4kMGoJwaLsFq65wyS0Gy6Yj8p8FmzG14Br7TFL/s0wDZJrbZ/lx3WcMryU6EoBIrAGyk=
x-amz-request-id: PB6GXA2YBGH0X14A
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 14 Nov 2020 01:25:54 GMT
etag: "55869c8e46db57941ac383d6ebddc58e"
x-amz-meta-mtime: 1418698085
x-amz-version-id: null
cf-cache-status: HIT
age: 6098718
expires: Thu, 10 Oct 2024 03:00:04 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
set-cookie: __cf_bm=1JRorW4Zgxdpuli72zbLJGJi3yFD897RABn2pc1MCZE-1728442804-1.0.1.1-SDVq5KDPI3tpdf59GKKyHQfmw3ZQmV6j3fGrUrYxq5h3D_O59ov5iDDmEl8GnwfMLZKEvmaOuho5g0_tRgn5yg; path=/; expires=Wed, 09-Oct-24 03:30:04 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cfb1e45cbd8abe6-CPH
X-Firefox-Spdy: h2

api.adtraction.net/ptn/link/fallback/1453101420/476943523

13.53.50.32

315 B

URL
api.adtraction.net/ptn/link/fallback/1453101420/476943523
IP
13.53.50.32:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (315), with no line terminators
Size
315 B (315 bytes)
Hash
0829fb536c3a25f90fb1aab7d97d846c
1dcf5d232912532d1a51804d6b25cf2bccfe00e9
c1a18782b20177f88e00620039246eead6aea475670839d31b2f3d2c1777f833

HTTP Headers

GET /ptn/link/fallback/1453101420/476943523 HTTP/1.1
Host: api.adtraction.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://valuesportal.com
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Type: application/json
Content-Length: 315
Date: Wed, 09 Oct 2024 03:00:03 GMT
Connection: close

GET valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true

54.240.174.77

200 OK

5.5 kB

URL User Request GET HTTP/2
valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
IP
54.240.174.77:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectvaluesportal.com
Fingerprint36:1E:EE:65:2E:D8:C2:3F:38:51:EF:09:62:11:A7:02:25:45:2B:FE
ValiditySat, 23 Dec 2023 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (5538), with no line terminators
Size
5.5 kB (5538 bytes)
Hash
f318003d430468ca25d988ae70e655d9
52e9c76ba4e0ff18b772320a76b1e518a5637b10
f137e6b0ec8a12371262b070253ee13c91ba96be2ed436e6456f2b2ccf065547

HTTP Headers

GET /?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/?fallback=true&channelId=1453101420&programId=476943523&at_gd=E936FF1E98D8BFCF73B070FB637CEF60355066A8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 5538
date: Wed, 09 Oct 2024 03:00:05 GMT
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
etag: "f318003d430468ca25d988ae70e655d9"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M35gLwh1Uzo-RY-0GIPFqE1iJeeLuVxxfdzVpHOBxWHWenOySmbdkg==
X-Firefox-Spdy: h2

GET valuesportal.com/static/css/main.e3177414.chunk.css

54.240.174.77

200 OK

7.8 kB

URL GET HTTP/2
valuesportal.com/static/css/main.e3177414.chunk.css
IP
54.240.174.77:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectvaluesportal.com
Fingerprint36:1E:EE:65:2E:D8:C2:3F:38:51:EF:09:62:11:A7:02:25:45:2B:FE
ValiditySat, 23 Dec 2023 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (7721)
Size
7.8 kB (7773 bytes)
Hash
07032aca5d602dbe63913884f4daec6c
f63855f24c1ffeaefae56a6d0d85a02bebd0f568
3822a71c915e9e53822e7f6dde0efe2c43764ea736809de961f7e8a5a4fdc52d

HTTP Headers

GET /static/css/main.e3177414.chunk.css HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 7773
date: Tue, 08 Oct 2024 03:49:17 GMT
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
etag: "07032aca5d602dbe63913884f4daec6c"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cEBWvHDdFrMa072M1-4KDIhswDoNj4S5XfYMt2_l4Uf6k4OKofRdyA==
age: 83448
X-Firefox-Spdy: h2

GET valuesportal.com/static/js/2.abce0daa.chunk.js

54.240.174.77

200 OK

357 kB

URL GET HTTP/2
valuesportal.com/static/js/2.abce0daa.chunk.js
IP
54.240.174.77:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectvaluesportal.com
Fingerprint36:1E:EE:65:2E:D8:C2:3F:38:51:EF:09:62:11:A7:02:25:45:2B:FE
ValiditySat, 23 Dec 2023 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65462)
Size
357 kB (356780 bytes)
Hash
5296ec55ccbb14d27aa6b18194d80b13
c8e8e56b30b39392bb7357cf0e6a773a9ce3c505
0924a634995e3542e108cf1c8683da65014bd8b7e2d2770461aed746d86f5d6a

HTTP Headers

GET /static/js/2.abce0daa.chunk.js HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
content-length: 356780
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
server: AmazonS3
date: Wed, 09 Oct 2024 02:30:17 GMT
etag: "5296ec55ccbb14d27aa6b18194d80b13"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SgnKZdtRI1YV1EpnNo8vpJEmF4ibaPJzgmAZeOvD6durHZAzLPbbbg==
age: 3897
X-Firefox-Spdy: h2

GET valuesportal.com/static/js/main.d41238da.chunk.js

54.240.174.77

200 OK

26 kB

URL GET HTTP/2
valuesportal.com/static/js/main.d41238da.chunk.js
IP
54.240.174.77:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectvaluesportal.com
Fingerprint36:1E:EE:65:2E:D8:C2:3F:38:51:EF:09:62:11:A7:02:25:45:2B:FE
ValiditySat, 23 Dec 2023 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (25776)
Size
26 kB (25824 bytes)
Hash
23848636fbdf98182c6b5c43d196be53
98b74144d92495044ae8ab753681e0ffe1674ba1
e18d3151c68631cc63247bb65fc236f28487bae808c6d6bdf43541692691ab72

HTTP Headers

GET /static/js/main.d41238da.chunk.js HTTP/1.1
Host: valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
content-length: 25824
last-modified: Wed, 14 Aug 2024 07:50:42 GMT
server: AmazonS3
date: Wed, 09 Oct 2024 02:30:17 GMT
etag: "23848636fbdf98182c6b5c43d196be53"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -_psCFmJPNwRPUVnkowt_tO1dqbtRggHdfHVriWYiazCj0erUhWYQQ==
age: 5263
X-Firefox-Spdy: h2

GET fast.fonts.net/t/1.css?apiType=css&projectid=471ca280-8790-45a9-8ee0-00cc46dd75b5

104.16.40.28

200 OK

0 B

URL GET HTTP/2
fast.fonts.net/t/1.css?apiType=css&projectid=471ca280-8790-45a9-8ee0-00cc46dd75b5
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectfonts.net
Fingerprint8E:60:D4:A0:26:37:FA:46:97:04:45:95:79:E4:F0:B9:09:83:E9:23
ValiditySat, 28 Sep 2024 08:32:23 GMT - Fri, 27 Dec 2024 08:32:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=471ca280-8790-45a9-8ee0-00cc46dd75b5 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/cssapi/471ca280-8790-45a9-8ee0-00cc46dd75b5.css
Cookie: __cf_bm=DBXdVLJCJR2seSLMsmXIf7AzRjyNlRzHEawNdZJnpIk-1728442803-1.0.1.1-hXwk4dxohruzKSchZ3uTQaBB5e2SjSiqJKEHtqV6hkF7A_wUZhQA1U6w4C38_fHzbm.F.O0fW2EzD_hBakOAng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:04 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: BYo+QwcfRRpKrq/h4R0JeSYj/s4X9dtNpqr4b/EKdkf7S+P3/+PFoINA6EgXOVkL9De1xAXVrCU=
x-amz-request-id: 2HYY8V56J7CSFG6F
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=1
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 5996099
expires: Wed, 09 Oct 2024 03:00:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb1e48bde3abe6-CPH
X-Firefox-Spdy: h2

104.16.40.28

200 OK

23 kB

URL GET HTTP/2
fast.fonts.net/dv2/14/7afb413d-536f-439c-bcca-ba53e24cda07.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectfonts.net
Fingerprint8E:60:D4:A0:26:37:FA:46:97:04:45:95:79:E4:F0:B9:09:83:E9:23
ValiditySat, 28 Sep 2024 08:32:23 GMT - Fri, 27 Dec 2024 08:32:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22780, version 1.655
Size
23 kB (22780 bytes)
Hash
55869c8e46db57941ac383d6ebddc58e
b93e0dcdf32fc6a544a1b8494c708d614def461e
aa8036a3bd8115dddd4291b13091050f61b1032c1ae4dfd245071559809c2ec6

HTTP Headers

GET /dv2/14/7afb413d-536f-439c-bcca-ba53e24cda07.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://valuesportal.com
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:04 GMT
content-type: application/octet-stream
content-length: 22780
x-amz-id-2: 4izxYZm4kMGoJwaLsFq65wyS0Gy6Yj8p8FmzG14Br7TFL/s0wDZJrbZ/lx3WcMryU6EoBIrAGyk=
x-amz-request-id: PB6GXA2YBGH0X14A
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 14 Nov 2020 01:25:54 GMT
etag: "55869c8e46db57941ac383d6ebddc58e"
x-amz-meta-mtime: 1418698085
x-amz-version-id: null
cf-cache-status: HIT
age: 6098718
expires: Thu, 10 Oct 2024 03:00:04 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
set-cookie: __cf_bm=7XcdKKvLvQsB09cUF4_KsvhXpatq1AEqJT9TPtiJ_bo-1728442804-1.0.1.1-RKoxcJwU9Fenc.CN8z3A6O51pYuYbQafk1kaIvBzA9CYVD8pf7cxPCXs1cNFt7qU3yCSdBHgrUmTj5ZfwF4vQA; path=/; expires=Wed, 09-Oct-24 03:30:04 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cfb1e493e37abe6-CPH
X-Firefox-Spdy: h2

GET fast.fonts.net/dv2/14/30a72170-8872-4260-8db3-dc070ad9d5ac.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5

104.16.40.28

200 OK

23 kB

URL GET HTTP/2
fast.fonts.net/dv2/14/30a72170-8872-4260-8db3-dc070ad9d5ac.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectfonts.net
Fingerprint8E:60:D4:A0:26:37:FA:46:97:04:45:95:79:E4:F0:B9:09:83:E9:23
ValiditySat, 28 Sep 2024 08:32:23 GMT - Fri, 27 Dec 2024 08:32:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22564, version 1.655
Size
23 kB (22564 bytes)
Hash
5ee09f611ba1f84b99da01c08651f3e7
6722e6d4fabde6befc1aad6682f3a2860b7d5444
c95cc14b29604ab5e35794a9c15d8eca8367269a3a0787659e526d8bac3d1bc3

HTTP Headers

GET /dv2/14/30a72170-8872-4260-8db3-dc070ad9d5ac.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://valuesportal.com
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:04 GMT
content-type: application/octet-stream
content-length: 22564
x-amz-id-2: UlYkF40OhRMrCzNW+WL+j1tuhAqSwwCS8mdH//qT4rb4gOswjyl5p0rbXcKOvkf0BckV1POURnk=
x-amz-request-id: ZRR7PM2RSDZJTWA5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 02:20:33 GMT
etag: "5ee09f611ba1f84b99da01c08651f3e7"
x-amz-meta-mtime: 1418697637
x-amz-version-id: null
cf-cache-status: HIT
age: 6098718
expires: Thu, 10 Oct 2024 03:00:04 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
set-cookie: __cf_bm=Y_t1Wp2AshnRRtg64W.L81Fj8YcPV8KDTfYKYPHTGiU-1728442804-1.0.1.1-_bYyeUJelMxvnVdemfeRg2c.GtbM_I9OZznLe.TRiCq7N4uP9iHUYqiZd3ZP_6htOMcYFq3yx94dOohh9v9kzQ; path=/; expires=Wed, 09-Oct-24 03:30:04 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cfb1e499e74abe6-CPH
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x

142.250.74.168

200 OK

75 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (2565)
Size
75 kB (74591 bytes)
Hash
11d9cd9b0beb561e3e2a3f0bf2d658f1
dc6dc8e7c867844a80aeb5d0320559ef993f1742
d9256fe1d1894011de68c62b15b7841dee0e841592c5a748f5842dcf13844d6e

HTTP Headers

GET /gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Oct 2024 03:00:04 GMT
expires: Wed, 09 Oct 2024 03:00:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 74591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x

142.250.74.168

200 OK

75 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (2565)
Size
75 kB (74616 bytes)
Hash
9c14138f209ccdc5acb6732e83d80ed4
a4ca3e11feedba52c6bc97a17bdd066d0456a146
f2b977084db0e3847375263063bcd32cd645bc1e2a72cdb242e51355585a30c4

HTTP Headers

GET /gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Oct 2024 03:00:04 GMT
expires: Wed, 09 Oct 2024 03:00:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 74616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET api.adtraction.net/ptn/portal/eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q/sv?&fallback=true

13.53.50.32

200

5.7 kB

URL GET HTTP/1.1
api.adtraction.net/ptn/portal/eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q/sv?&fallback=true
IP
13.53.50.32:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerLet's Encrypt
Subjectadtraction.net
FingerprintF8:07:95:EE:CC:C2:2C:D6:95:36:BC:56:A3:14:9A:3C:34:05:FF:D3
ValidityThu, 12 Sep 2024 07:35:35 GMT - Wed, 11 Dec 2024 07:35:34 GMT

File type
JSON text data
Size
5.7 kB (5729 bytes)
Hash
e19f7ec556601a91c820f5ab8b1e65bf
443b2cccfeb25646c0d9f9ee1c2430fc91e71997
140d0d5b85ba88130a5babaa7814aee320fb19fc9df163729934f1499e2f757a

HTTP Headers

GET /ptn/portal/eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q/sv?&fallback=true HTTP/1.1
Host: api.adtraction.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://valuesportal.com
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=60560EA2A01BA70A17CAD7D8DBEC773C; Path=/; Secure; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Type: application/json
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2024 03:00:04 GMT
Connection: close

GET fast.fonts.net/dv2/14/d50cd608-e926-4d34-8f6c-f26e9daebc97.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5

104.16.40.28

200 OK

23 kB

URL GET HTTP/2
fast.fonts.net/dv2/14/d50cd608-e926-4d34-8f6c-f26e9daebc97.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectfonts.net
Fingerprint8E:60:D4:A0:26:37:FA:46:97:04:45:95:79:E4:F0:B9:09:83:E9:23
ValiditySat, 28 Sep 2024 08:32:23 GMT - Fri, 27 Dec 2024 08:32:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22744, version 1.655
Size
23 kB (22744 bytes)
Hash
58e7accf24a11bb6d2334e4865f1bc20
3990f7645a182ef62f3ae7e92cdf124452f15e63
717b560dcafb133d868ff5db064f89953323cc7d88dd5fd000a7228a667a832a

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

HTTP Headers

GET /dv2/14/d50cd608-e926-4d34-8f6c-f26e9daebc97.woff2?d44f19a684109620e484157ba590e8185be0d7df7f2067549bc507cfb10c00cc7757d298bbcc1ed5e3f0f7a809cb9d8a069dc1a24127111df187494d6df9b51e899a005461c59b34f45ba5f320dfcb1482fbb3f893fed27b7c5a42992ab71e4fc3e47ca65858de48636188c26edf9fbd996d7b17e3c3c229b205&projectId=471ca280-8790-45a9-8ee0-00cc46dd75b5 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://valuesportal.com
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:05 GMT
content-type: application/octet-stream
content-length: 22744
x-amz-id-2: uAa/Garw0ZijMpVAnIWHGTgUN0DzbT9yNuX8HS9B7Iczl6oD7kf+V+4lAj4BdD65Jo8B9s0O2ok=
x-amz-request-id: F3VMJ64Q3BVPX8DB
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 14 Nov 2020 20:18:06 GMT
etag: "58e7accf24a11bb6d2334e4865f1bc20"
x-amz-meta-mtime: 1418700764
x-amz-version-id: null
cf-cache-status: HIT
age: 6102775
expires: Thu, 10 Oct 2024 03:00:05 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
set-cookie: __cf_bm=Fb06579qHSSg4_zJeFzyh8DgR3Sr7apXOjP2oj1iiO0-1728442805-1.0.1.1-R3vnJFQZkoVHK52w8qkwKM6Tj47aKBSEIf3WK1N1dIt86F1zC1.f6k1ZGAO4Wq16nB_PLGRoDLDdf6oFHKabTA; path=/; expires=Wed, 09-Oct-24 03:30:05 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cfb1e4c8ff9abe6-CPH
X-Firefox-Spdy: h2

GET images.bubbleroom.no/data/pagewidget/2720w/d-branding-6_4.jpg

104.26.3.170

200 OK

410 kB

URL GET HTTP/2
images.bubbleroom.no/data/pagewidget/2720w/d-branding-6_4.jpg
IP
104.26.3.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectbubbleroom.no
FingerprintE4:47:2F:87:5E:A7:C1:EF:AD:05:C2:F4:4E:7D:D6:20:B2:9C:BB:6B
ValidityMon, 09 Sep 2024 21:44:38 GMT - Sun, 08 Dec 2024 21:44:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 2720x1442, Scaling: [none]x[none], YUV color, decoders should clamp
Size
410 kB (410152 bytes)
Hash
7ebeb17b8bb54179c37e87dd9ec778a4
7d2ea234f86db443e629703c402db0fc9bc39c8f
b41f1ce71b77f1777954105c42c47f22370f233514a9f819a98674847a5ef8d9

HTTP Headers

GET /data/pagewidget/2720w/d-branding-6_4.jpg HTTP/1.1
Host: images.bubbleroom.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:05 GMT
content-type: image/webp
content-length: 410152
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=1145797
content-disposition: inline; filename="d-branding-6_4.webp"
vary: Accept
etag: "de4970a37a95da1:0"
last-modified: Tue, 23 Apr 2024 12:34:52 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 1055797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fY3W5D0mKgfF8f8C1zPTBGaDN1XqNaPD%2FRjeOolNUyPj9noSHHQ7xKpzkKF0eUvLfd3Q8gI08wDs5ER0M9vnWTEhLJRpWckxz2naAH4rX1ff0rXdDIRoDgtgYafVsVXNaKStHtZq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
permissions-policy: microphone 'none'; camera 'none'
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8cfb1e4ca98956bd-OSL
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x

142.250.74.168

200 OK

75 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (2565)
Size
75 kB (74592 bytes)
Hash
d0c5d07f2a70ac54f103638dd562180f
2690e22540d573f37bc9dac8d547638991f63409
7895a136d227bb090fb5631dd1b1d29bcb8ae702f72b45d503b565d84e5f93a8

HTTP Headers

GET /gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Oct 2024 03:00:05 GMT
expires: Wed, 09 Oct 2024 03:00:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 74592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x

142.250.74.168

200 OK

75 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (2565)
Size
75 kB (74616 bytes)
Hash
1ae79b9e24da2d7cf3da1d66fddbac32
720522ede835f193cb95d473b0763095b9974c7d
aac1d72e2027f32d2c16833933b2e3357f6324acc322567c7c8c8d43d8f9d1d1

HTTP Headers

GET /gtm.js?id=GTM-KH5RQTF&gtm_auth=&gtm_preview=&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Oct 2024 03:00:05 GMT
expires: Wed, 09 Oct 2024 03:00:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 74616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.googletagmanager.com/gtag/js?id=G-FFXNYXD7GX&l=dataLayer&cx=c

142.250.74.168

200 OK

108 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-FFXNYXD7GX&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
108 kB (108138 bytes)
Hash
67dd7b51c8efc07a9d160776fb9c0cb4
c5b33f3e093ae390eee085d7e9706b4091e9a070
71f15a8cbc777dbcd12492d661b2225eb04714f6d630df216dad4c01ab399d6c

HTTP Headers

GET /gtag/js?id=G-FFXNYXD7GX&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Oct 2024 03:00:05 GMT
expires: Wed, 09 Oct 2024 03:00:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 108138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET to.bjornborg.com/t/t?a=1616919455&as=1&t=1&tk=1

13.49.53.120

200

35 kB

URL GET HTTP/1.1
to.bjornborg.com/t/t?a=1616919455&as=1&t=1&tk=1
IP
13.49.53.120:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerLet's Encrypt
Subjectto.bjornborg.com
FingerprintAF:E1:B2:F6:17:8A:9E:C0:54:C6:40:A3:3E:43:92:2A:F4:D7:9A:F0
ValidityTue, 03 Sep 2024 07:33:23 GMT - Mon, 02 Dec 2024 07:33:22 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3
Size
35 kB (34953 bytes)
Hash
655f0c44b09e4cbd2b3e4eefd5625bf4
663bef50dda04c192d8da20da013e271d2b0459b
2bb54eab578f482e09b94f98c00c744ef4c86b0176bdc617f0ac0868b8b70953

HTTP Headers

GET /t/t?a=1616919455&as=1&t=1&tk=1 HTTP/1.1
Host: to.bjornborg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: no-cache
Access-Control-Allow-Origin: *
X-TraceId: eb9bc833-9cc0-48e1-b81e-a61381298a89
Content-Type: image/jpeg;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 09 Oct 2024 03:00:04 GMT
Connection: close

GET cdn.valuesportal.com/image.htm?imgId=1126522824

143.204.55.38

200 OK

6.4 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=1126522824
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6357 bytes)
Hash
209046ff22a91eeec59226dac7ce111b
f3507c6d7be8da5343431e082391b8fb39d89e67
fd3338faf674f656ccc59e75e73b72232046940f9ad3dff35f5d8f15ef825162

HTTP Headers

GET /image.htm?imgId=1126522824 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 6357
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QsK0Z27BNQ9Xrlq0jZqJUF80ai3MOkEyjaIz4ODrPPG5M-jCzZWZgA==
X-Firefox-Spdy: h2

GET cdn.valuesportal.com/image.htm?imgId=1320212378

143.204.55.38

200 OK

13 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=1320212378
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
13 kB (12642 bytes)
Hash
b8e269b3f7776d8e4a00d006031e3317
007594f17cb09d08bab535841b3427002afd09fe
6b88eb8ddb753e541748902647030d66156f083f5b03bee1681397d96264e691

HTTP Headers

GET /image.htm?imgId=1320212378 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 12642
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mTJtDffNR8fPWBHDd7M3uJU_z8h2GZZRe4Fjk0FRCaqsUB4JITYPgw==
X-Firefox-Spdy: h2

GET cdn.valuesportal.com/image.htm?imgId=1169381320

143.204.55.38

200 OK

14 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=1169381320
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, interlaced
Size
14 kB (13641 bytes)
Hash
3e29f90d5dcd86c41b4a86ee5e48e557
40294b8d227a19601aef77df4989a3a4dd4dd7bd
bfa00e39a36ba43ef632ad71d07d7d5c2d7fa2516add608087db0477ec46b31a

HTTP Headers

GET /image.htm?imgId=1169381320 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 13641
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZrED_Y8_qhVha9zLHzCzZ7OL_OoUGsT5_lM2ES87QYqJt7WuIbTBZg==
X-Firefox-Spdy: h2

GET cdn.valuesportal.com/image.htm?imgId=1117786216

143.204.55.38

200 OK

4.9 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=1117786216
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
4.9 kB (4921 bytes)
Hash
f2d858be686c852c95d4da1f5eed4cf0
af02a5a146a65110e5298ca54a34ae3108df03b9
172c14d0ac3d8664560f745af4bbed38db77d446c032d42a3da87b9bed3ce4b5

HTTP Headers

GET /image.htm?imgId=1117786216 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 4921
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VMl1LuyUM5E-4CUiXMT_iIizapEZwkM5Ev0CkLPM7Y-CELQeyvnvWg==
X-Firefox-Spdy: h2

GET cdn.valuesportal.com/image.htm?imgId=462891020

143.204.55.38

200 OK

5.3 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=462891020
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
5.3 kB (5259 bytes)
Hash
3c7e0fdb99ec9ceba0b6c7ee8ca69d6a
a54a1287be654fcb16d462237ed00512fd8960b7
d93523fc73281e54c936b2df073f1654ad94990392ca8a75933a6be05084ccbb

HTTP Headers

GET /image.htm?imgId=462891020 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 5259
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jNvHbroqRuhmdFXSVk6SXYGdFksIl7TrcNLnwuq4EfWyk3GMbBDo7g==
X-Firefox-Spdy: h2

GET cdn.valuesportal.com/image.htm?imgId=1113974688

143.204.55.38

200 OK

10 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=1113974688
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
10 kB (10513 bytes)
Hash
901ede546dbe0a39c67cf4f8637638fe
1227a04ff5dc6c74d6b8e9e5bec51bfc4779a3cc
8a080b005b966dc8cb68e16fd9ef14c38f200d82b626c23d5bdd4ae356668e92

HTTP Headers

GET /image.htm?imgId=1113974688 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 10513
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aNtnQcyn6Ae2DA1sjD153KEX2ZF6meWIeiDvvWYOLDSIBuK4DzADSg==
X-Firefox-Spdy: h2

GET external.adtraction.com/adtraction-plus/polarnpyret.jpg

3.126.121.212

200 OK

21 kB

URL GET HTTP/1.1
external.adtraction.com/adtraction-plus/polarnpyret.jpg
IP
3.126.121.212:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerLet's Encrypt
Subjectexternal.adtraction.com
Fingerprint9B:EA:49:83:7C:DD:71:F5:1E:1F:D3:20:C4:D0:2F:EF:46:29:CA:C9
ValidityWed, 25 Sep 2024 08:03:19 GMT - Tue, 24 Dec 2024 08:03:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2, software=Pixelmator Pro 3.5.6], baseline, precision 8, 500x315, components 3
Size
21 kB (21320 bytes)
Hash
c8df921127b51c97f5ef43272327f049
177a3af0711d2f4a5765884532296c1526635013
7af97fb0a0de28bad6860549922acc83297a842528e58c5ad3b9f2662a13d2b8

HTTP Headers

GET /adtraction-plus/polarnpyret.jpg HTTP/1.1
Host: external.adtraction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 09 Oct 2024 03:00:05 GMT
Server: Apache
Last-Modified: Thu, 22 Feb 2024 08:12:13 GMT
ETag: "5348-611f4003b8b0a"
Accept-Ranges: bytes
Content-Length: 21320
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

GET fast.fonts.net/cssapi/471ca280-8790-45a9-8ee0-00cc46dd75b5.css

104.16.40.28

200 OK

12 kB

URL GET HTTP/2
fast.fonts.net/cssapi/471ca280-8790-45a9-8ee0-00cc46dd75b5.css
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectfonts.net
Fingerprint8E:60:D4:A0:26:37:FA:46:97:04:45:95:79:E4:F0:B9:09:83:E9:23
ValiditySat, 28 Sep 2024 08:32:23 GMT - Fri, 27 Dec 2024 08:32:22 GMT

File type
gzip compressed data, from Unix
Size
12 kB (11782 bytes)
Hash
581b805b117ca19fa5e7466b1d2a5b72
fcb42818d6481e488605a1021c9d1e7d37ff2274
f2deeea1819614aa84f4b807be53f2426eb30552e7abac93617997dbc432c881

HTTP Headers

GET /cssapi/471ca280-8790-45a9-8ee0-00cc46dd75b5.css HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Cookie: __cf_bm=DBXdVLJCJR2seSLMsmXIf7AzRjyNlRzHEawNdZJnpIk-1728442803-1.0.1.1-hXwk4dxohruzKSchZ3uTQaBB5e2SjSiqJKEHtqV6hkF7A_wUZhQA1U6w4C38_fHzbm.F.O0fW2EzD_hBakOAng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:04 GMT
content-type: text/css; charset=utf-8
x-amz-id-2: uXeXeSAABY2xVndw6fKmcHd4R7d8fgc0sacWHaDuIK2kHE1t3P0hCl6tVfx1Vb+o1YIsySQX768=
x-amz-request-id: S3ZE1Q295V7DKBCK
last-modified: Wed, 17 Feb 2021 00:33:13 GMT
etag: W/"e8006cf9860acddf78fa46e224f02f58"
x-amz-meta-mtime: 1601890193
x-amz-version-id: null
cf-cache-status: HIT
age: 6099550
expires: Wed, 09 Oct 2024 03:05:04 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb1e481d8eabe6-CPH
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.buttericks.se/media/Startsidan/Banners/nypuff-ballonger.jpg?color=189-197-218&width=300&height=565

104.21.1.24

200 OK

46 kB

URL GET HTTP/2
www.buttericks.se/media/Startsidan/Banners/nypuff-ballonger.jpg?color=189-197-218&width=300&height=565
IP
104.21.1.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerGoogle Trust Services
Subjectbuttericks.se
Fingerprint85:D4:5D:72:62:E1:54:6F:0F:36:A6:0F:11:B7:1B:E3:FF:23:E0:A9
ValidityMon, 30 Sep 2024 12:03:17 GMT - Sun, 29 Dec 2024 12:03:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.1 (Windows), datetime=2021:02:23 19:11:49], baseline, precision 8, 300x565, components 3
Size
46 kB (46055 bytes)
Hash
d84c2f19d1518a27ba371d266b5fc66e
b2d63c3a1ce7d23083144659936d63e2726efe70
e5a0e83f2c7923147c85b09fb642b5d612cdbd96d24b5877fdd7211081410cb9

HTTP Headers

GET /media/Startsidan/Banners/nypuff-ballonger.jpg?color=189-197-218&width=300&height=565 HTTP/1.1
Host: www.buttericks.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:05 GMT
content-type: image/jpeg
content-length: 46055
last-modified: Tue, 23 Feb 2021 18:29:38 GMT
etag: "60354992-b3e7"
expires: Fri, 13 Jun 2025 11:04:53 GMT
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 10166112
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHtJmQaevqDWpts30MC7hPghxB0S4MzHKiiznRZUzTKU58mcgGgxZaQ01JMh4GPSXJql86ot%2BPQYDFQ1nZy3EGGZk2mqO5csrVjxnY2ZYLgMKhPeYUSK3zuyXxHistsi2rrFtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb1e4faeb70b06-OSL
X-Firefox-Spdy: h2

GET consent.cookiebot.com/uc.js?cbid=cd1b3576-b285-4ba1-b23f-5f46a28bca9a

23.36.79.153

200 OK

34 kB

URL GET HTTP/2
consent.cookiebot.com/uc.js?cbid=cd1b3576-b285-4ba1-b23f-5f46a28bca9a
IP
23.36.79.153:443
ASN
#20940 Akamai International B.V.

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint9C:D0:2D:35:87:79:5D:86:02:35:BA:C6:AD:A9:15:00:B1:92:EF:03
ValidityWed, 28 Feb 2024 00:00:00 GMT - Thu, 27 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65499)
Size
34 kB (34532 bytes)
Hash
bdb6b82e438e56de836eef356b7d2656
a6b7c406e553f1ac3fed58e227e0f1bfbb9e697f
ae1062717e422bb6d61122c2b54684a66c27c71f7154d49e16be57aea3241be1

HTTP Headers

GET /uc.js?cbid=cd1b3576-b285-4ba1-b23f-5f46a28bca9a HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 07 Oct 2024 08:46:34 GMT
accept-ranges: bytes
etag: "2786a6a9518db1:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 34532
cache-control: public, max-age=163
expires: Wed, 09 Oct 2024 03:02:48 GMT
date: Wed, 09 Oct 2024 03:00:05 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

GET external.adtraction.com/adtraction-plus/hudoteket.jpg

3.126.121.212

200 OK

85 kB

URL GET HTTP/1.1
external.adtraction.com/adtraction-plus/hudoteket.jpg
IP
3.126.121.212:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerLet's Encrypt
Subjectexternal.adtraction.com
Fingerprint9B:EA:49:83:7C:DD:71:F5:1E:1F:D3:20:C4:D0:2F:EF:46:29:CA:C9
ValidityWed, 25 Sep 2024 08:03:19 GMT - Tue, 24 Dec 2024 08:03:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, description=Sandra Melin, orientation=upper-left, xresolution=148, yresolution=156, resolutionunit=2, software=Pixelmator Pro 2.3.5, datetime=2020:05:03 18:32:24], baseline, precision 8, 500x334, components 3
Size
85 kB (84949 bytes)
Hash
ac7585febb815ac4d383912286563c3e
46b275aa9bc5de4ccc558839c6508f1ca368b628
8bb6e71550ba42b8c3e18fcbd54ed927648ac7acf125a25b6e3e7e7c69139214

HTTP Headers

GET /adtraction-plus/hudoteket.jpg HTTP/1.1
Host: external.adtraction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 09 Oct 2024 03:00:05 GMT
Server: Apache
Last-Modified: Mon, 14 Mar 2022 09:26:32 GMT
ETag: "14bd5-5da2a46a4dfd0"
Accept-Ranges: bytes
Content-Length: 84949
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

GET cdn.valuesportal.com/image.htm?imgId=1080267558

143.204.55.38

200 OK

12 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=1080267558
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (12363 bytes)
Hash
272137ac203cfd69f48f2d709dc85a80
cef4f7a719146d2e3c92e7632cafa6643a9474e3
3bc484901d907cdb2cf0e7ef1179da3d3ca00103f1a5aab56159c50cb1d07b8e

HTTP Headers

GET /image.htm?imgId=1080267558 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 12363
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BOGi6ibtKMDRgWs5EwWjEI9YrQwNwlD9bVZJT98MFX0tM_6EOfYPag==
X-Firefox-Spdy: h2

GET www.pierrerobert.se/on/demandware.static/-/Sites-Orkla-PRG-Library/default/dw8588eaa5/Banners/Category%20Banners/AW20/Jenny_Skavlan_Category_Banner_2-20_559x349.jpg

104.18.239.215

200 OK

218 kB

URL GET HTTP/2
www.pierrerobert.se/on/demandware.static/-/Sites-Orkla-PRG-Library/default/dw8588eaa5/Banners/Category%20Banners/AW20/Jenny_Skavlan_Category_Banner_2-20_559x349.jpg
IP
104.18.239.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerSectigo Limited
Subjectpierre-robert.com
FingerprintD1:C9:1C:37:D8:94:50:43:EB:15:79:65:B9:D4:EE:53:01:BC:2A:7F
ValidityTue, 21 Nov 2023 00:00:00 GMT - Wed, 20 Nov 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 559x349, components 3
Size
218 kB (217596 bytes)
Hash
4ebbd0ef1ce675efb04a6051c622494f
d31daa4e817dda9a020f4e6fda19467be8339f89
74f0c030ead9535cc8e79ac691249b333671f8becaf88d700a561e8fac16fae3

HTTP Headers

GET /on/demandware.static/-/Sites-Orkla-PRG-Library/default/dw8588eaa5/Banners/Category%20Banners/AW20/Jenny_Skavlan_Category_Banner_2-20_559x349.jpg HTTP/1.1
Host: www.pierrerobert.se
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:05 GMT
content-type: image/jpeg
content-length: 217596
cache-control: public, max-age=2592000
cf-bgj: h2pri
cross-origin-resource-policy: cross-origin
expires: Thu, 03 Oct 2024 07:27:01 GMT
last-modified: Tue, 25 Aug 2020 07:35:12 GMT
x-dw-request-base-id: ALNceOrrtGUBAAB_
cf-cache-status: HIT
age: 2373998
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb1e4fb99fb4fa-OSL
X-Firefox-Spdy: h2

GET external.adtraction.com/adtraction-plus/klockia.jpg

3.126.121.212

200 OK

130 kB

URL GET HTTP/1.1
external.adtraction.com/adtraction-plus/klockia.jpg
IP
3.126.121.212:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerLet's Encrypt
Subjectexternal.adtraction.com
Fingerprint9B:EA:49:83:7C:DD:71:F5:1E:1F:D3:20:C4:D0:2F:EF:46:29:CA:C9
ValidityWed, 25 Sep 2024 08:03:19 GMT - Tue, 24 Dec 2024 08:03:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Pixelmator 3.9, datetime=2020:10:02 14:10:80], baseline, precision 8, 952x415, components 3
Size
130 kB (130193 bytes)
Hash
96bd65f8017847f50cef9d50b648186f
0ce46f4ae55416d91f7f7da332ebc84f8bc7c3f0
268db2f3039c8da849da77e818e0e93c9ee196582db94c2cc72759d272a49b23

HTTP Headers

GET /adtraction-plus/klockia.jpg HTTP/1.1
Host: external.adtraction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 09 Oct 2024 03:00:05 GMT
Server: Apache
Last-Modified: Fri, 02 Oct 2020 12:40:41 GMT
ETag: "1fc91-5b0af70c43030"
Accept-Ranges: bytes
Content-Length: 130193
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

GET dialogtrail-prod.s3-eu-west-1.amazonaws.com/popup/lyko/lyko-behandling.jpg

52.218.62.48

200 OK

78 kB

URL GET HTTP/1.1
dialogtrail-prod.s3-eu-west-1.amazonaws.com/popup/lyko/lyko-behandling.jpg
IP
52.218.62.48:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint9D:EA:18:26:21:70:A9:EF:1D:A9:F2:E2:AA:B8:71:81:D1:96:1C:DB
ValiditySat, 22 Jun 2024 00:00:00 GMT - Wed, 28 May 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x670, components 3
Size
78 kB (77500 bytes)
Hash
d66000aecd0aae21f2682a8a3e993a08
5ee48f00f9e2fbe7b4abb18ad94fe3f7fab9353f
b6442d5311cc82851c2cb041e43ee6c6855f94e1a63a39ec7e55f4bcd07bb5ef

HTTP Headers

GET /popup/lyko/lyko-behandling.jpg HTTP/1.1
Host: dialogtrail-prod.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 3MYokNlo3KanevJXb57S9ZfpUfZCv7Ag+HSfS7255IWU494G2gSZWLcj+Bn4O0XHe0t31CPdjlY=
x-amz-request-id: ZHDH0YD1C42NWAKW
Date: Wed, 09 Oct 2024 03:00:06 GMT
Last-Modified: Wed, 11 Dec 2019 13:41:19 GMT
ETag: "d66000aecd0aae21f2682a8a3e993a08"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 77500

GET consentcdn.cookiebot.com/sdk/bc-v4.min.html

2.20.163.160

200 OK

392 B

URL GET HTTP/2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
2.20.163.160:443
ASN
#16625 AKAMAI-AS

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerDigiCert Inc
Subject*.cookiebot.com
FingerprintC5:D6:6A:4A:59:31:39:1F:61:62:EE:67:A5:86:C9:58:0D:82:69:6B
ValidityMon, 26 Feb 2024 00:00:00 GMT - Wed, 26 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (627), with no line terminators
Size
392 B (392 bytes)
Hash
3d08665fa4c7bcf9fa2dcbbc7efe1d0f
ba57ecee011a4b99d4bb56707325c8e4d0fb8a2b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

HTTP Headers

GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Thu, 09 Oct 2025 03:00:06 GMT
date: Wed, 09 Oct 2024 03:00:06 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728442806118_388255494_213200476_17_610_2_9_21";dur=1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

GET consent.cookiebot.com/cd1b3576-b285-4ba1-b23f-5f46a28bca9a/cc.js?renew=false&referer=valuesportal.com&dnt=true&init=false

23.36.79.153

200 OK

85 kB

URL GET HTTP/2
consent.cookiebot.com/cd1b3576-b285-4ba1-b23f-5f46a28bca9a/cc.js?renew=false&referer=valuesportal.com&dnt=true&init=false
IP
23.36.79.153:443
ASN
#20940 Akamai International B.V.

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint9C:D0:2D:35:87:79:5D:86:02:35:BA:C6:AD:A9:15:00:B1:92:EF:03
ValidityWed, 28 Feb 2024 00:00:00 GMT - Thu, 27 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65499)
Size
85 kB (85432 bytes)
Hash
faf46b6ceb9108ef1c20be020b34840d
09d07f01cee6bed343b226694d72b22021f3f445
187556983575603dc2d86d763f953f21974a849ddd90ea200b8f7e90701158ba

HTTP Headers

GET /cd1b3576-b285-4ba1-b23f-5f46a28bca9a/cc.js?renew=false&referer=valuesportal.com&dnt=true&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Wed, 09 Oct 2024 03:00:06 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 85432
date: Wed, 09 Oct 2024 03:00:06 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

GET imgsct.cookiebot.com/1.gif?dgi=cd1b3576-b285-4ba1-b23f-5f46a28bca9a

2.20.163.160

200 OK

35 B

URL GET HTTP/2
imgsct.cookiebot.com/1.gif?dgi=cd1b3576-b285-4ba1-b23f-5f46a28bca9a
IP
2.20.163.160:443
ASN
#16625 AKAMAI-AS

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerDigiCert Inc
Subject*.cookiebot.com
FingerprintC5:D6:6A:4A:59:31:39:1F:61:62:EE:67:A5:86:C9:58:0D:82:69:6B
ValidityMon, 26 Feb 2024 00:00:00 GMT - Wed, 26 Feb 2025 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /1.gif?dgi=cd1b3576-b285-4ba1-b23f-5f46a28bca9a HTTP/1.1
Host: imgsct.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-goog-generation: 1698061172769999
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 35
access-control-allow-origin: *
access-control-expose-headers: *
x-guploader-uploadid: AHmUCY25yHb6aa_YxhEwzR7Hlh-a2cmOTKMzPfGbubgZxcJs0PHhibV5VIwGYLMImh1-bQlODbjR6J2WHQ
server: UploadServer
last-modified: Mon, 23 Oct 2023 11:39:32 GMT
etag: "c2196de8ba412c60c22ab491af7b1409"
content-type: image/gif
date: Wed, 09 Oct 2024 03:00:06 GMT
cache-control: public,max-age=1800
X-Firefox-Spdy: h2

GET widget.intercom.io/widget/dsoe5ay3

143.204.55.8

200 OK

2.7 kB

URL GET HTTP/2
widget.intercom.io/widget/dsoe5ay3
IP
143.204.55.8:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subject*.intercom.com
Fingerprint84:3F:75:36:86:5B:6C:03:88:CA:23:42:18:14:5B:D4:46:C7:9D:A3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Tue, 11 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6697), with no line terminators
Size
2.7 kB (2666 bytes)
Hash
deabebbc37ae592eed2357fa0afb71ba
c44936ac1d5d6f5624eb8772fe1ae2b6238ad612
bd70b08fb30bb3b89373c8bca8bd9e400c3bf16f6d829096708214e2ca05ffcb

HTTP Headers

GET /widget/dsoe5ay3 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 2666
last-modified: Tue, 08 Oct 2024 16:11:39 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 9SczRrLw9pZKn2kLEL9xT48AFP7jcd9Z
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Oct 2024 02:55:47 GMT
cache-control: max-age=300, s-maxage=300, public
etag: "ac8137b5ef3e97cba7c099250133eb80"
x-cache: Error from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: P0bty2B2lD9PTESET2-u3tpIGq75A3w6TZ72lBlW1FjXXY3V2GPrQw==
age: 259
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

GET js.intercomcdn.com/frame.85ab212b.js

54.240.174.93

200 OK

187 kB

URL GET HTTP/2
js.intercomcdn.com/frame.85ab212b.js
IP
54.240.174.93:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subject*.intercomcdn.com
FingerprintF0:2D:F5:73:71:5F:38:F6:2E:50:83:A3:D4:8A:21:C7:7B:AA:C2:D1
ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 29 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65464)
Size
187 kB (186744 bytes)
Hash
792700ab4e428e9952646bacfacd294a
13ffcc50d392ad86735b0ebcdf24173e320002b3
485672eee0e4eb9896709623fccef67cc64b4a33c9662d3a475c29f6647c9002

HTTP Headers

GET /frame.85ab212b.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 186744
last-modified: Tue, 08 Oct 2024 16:09:19 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 68P7QJQ22_i_Y23sZOaO0GIXMeJbQsvD
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Oct 2024 02:11:48 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "3dfe05e9b413c4a2bf17d8b0bb8e7e4c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AZ9qMi6N-lvE1_W6amR_CqnHW9e0U48k_jNCp2pJiNIpHOpZiP9sKQ==
age: 2905
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

GET js.intercomcdn.com/vendor.c8c34991.js

54.240.174.93

200 OK

197 kB

URL GET HTTP/2
js.intercomcdn.com/vendor.c8c34991.js
IP
54.240.174.93:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subject*.intercomcdn.com
FingerprintF0:2D:F5:73:71:5F:38:F6:2E:50:83:A3:D4:8A:21:C7:7B:AA:C2:D1
ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 29 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65463)
Size
197 kB (196789 bytes)
Hash
fbaf82f8758d908018796213a4417422
6f024a0bb170510444df34e0874df48c7bf23eae
3321556de59f523813c0302863320f341100844e80cc6c1d76eed08562602c27

HTTP Headers

GET /vendor.c8c34991.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 196789
last-modified: Tue, 08 Oct 2024 13:28:56 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: eW4p5_YYJXjvOsy5EMBljsIWfDCmC88o
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Oct 2024 01:31:11 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "b4f6d9682d2e831b3c7910e842b0d185"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0rpiDZ7q5DvB2WasABSYi4y636LLDdbNk22o-YWzDwABv8TmFFwnjA==
age: 5336
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

nexus-websocket-a.intercom.io/pubsub/5-6RXh_bsU83ujcuEABBGjrLX8uzaGHA80wGkgsnscfzilglTdKu2bZfiAXdhueBlGY5QgOHMvI9ZtVtZMuP3f2iCQWVhSrRFWrJCZ?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor

34.237.73.95

0 B

URL
nexus-websocket-a.intercom.io/pubsub/5-6RXh_bsU83ujcuEABBGjrLX8uzaGHA80wGkgsnscfzilglTdKu2bZfiAXdhueBlGY5QgOHMvI9ZtVtZMuP3f2iCQWVhSrRFWrJCZ?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor
IP
34.237.73.95:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-6RXh_bsU83ujcuEABBGjrLX8uzaGHA80wGkgsnscfzilglTdKu2bZfiAXdhueBlGY5QgOHMvI9ZtVtZMuP3f2iCQWVhSrRFWrJCZ?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://valuesportal.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RmZdBSzqvIouqgc0z6fiBA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 09 Oct 2024 03:00:07 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZOClni2NaqvU7MG4NByw+EsyYL8=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

GET cdn.valuesportal.com/image.htm?imgId=1058395523

143.204.55.38

200 OK

11 kB

URL GET HTTP/2
cdn.valuesportal.com/image.htm?imgId=1058395523
IP
143.204.55.38:443
ASN
#16509 AMAZON-02

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subjectcdn.valuesportal.com
Fingerprint09:82:3C:18:ED:8F:4D:9A:20:F8:CC:B7:E5:9C:29:85:47:60:79:34
ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
11 kB (11221 bytes)
Hash
f02de0b89135933d66d162fc420bb65b
3ba75d09ee12e894e5dc23a07b1af5cea742f485
3495c44a634eeb430a627603c6fe7a7de83c63323a5f2ae0c6c181b1201ea9a8

HTTP Headers

GET /image.htm?imgId=1058395523 HTTP/1.1
Host: cdn.valuesportal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 11221
cache-control: no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
date: Wed, 09 Oct 2024 03:00:05 GMT
strict-transport-security: max-age=300; includeSubDomains;
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q_TzV6ouGAoD_fJSPAyjSntYv1Bdoguz5PfQgdcmieiBuXrLGIunlQ==
X-Firefox-Spdy: h2

POST api-iam.intercom.io/messenger/web/ping

52.7.22.181

200 OK

4.2 kB

URL POST HTTP/2
api-iam.intercom.io/messenger/web/ping
IP
52.7.22.181:443
ASN
#14618 AMAZON-AES

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerAmazon
Subject*.intercom.com
Fingerprint84:3F:75:36:86:5B:6C:03:88:CA:23:42:18:14:5B:D4:46:C7:9D:A3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Tue, 11 Feb 2025 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (4560), with no line terminators
Size
4.2 kB (4186 bytes)
Hash
0c2f9eb9bf6160659210ce67ed5633ba
057d62d1c77088a6406a5d51aa81875150d71bc6
29ce4917e76642c6c126eaac5ff0b2a3048c8b1154664b14c0d3006c5de1332f

HTTP Headers

POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 969
Origin: https://valuesportal.com
DNT: 1
Connection: keep-alive
Referer: https://valuesportal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 09 Oct 2024 03:00:07 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://valuesportal.com
vary: Accept,Accept-Encoding
strict-transport-security: max-age=31556952; includeSubDomains; preload
access-control-expose-headers: x-request-id
x-intercom-version: b6efb6f791f43a60c5baa2b3c7ecf7a5e6ca1ed1
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-queueing: 0
x-request-id: 000816dmf2a4bkath37g
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"b783a34bad465d606aad1ebe2dafc090"
x-runtime: 0.249452
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0c835f10b74d79629
X-Firefox-Spdy: h2

GET nexus-websocket-a.intercom.io/pubsub/5-6RXh_bsU83ujcuEABBGjrLX8uzaGHA80wGkgsnscfzilglTdKu2bZfiAXdhueBlGY5QgOHMvI9ZtVtZMuP3f2iCQWVhSrRFWrJCZ?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor

34.237.73.95

101 Switching Protocols

0 B

URL GET HTTP/1.1
nexus-websocket-a.intercom.io/pubsub/5-6RXh_bsU83ujcuEABBGjrLX8uzaGHA80wGkgsnscfzilglTdKu2bZfiAXdhueBlGY5QgOHMvI9ZtVtZMuP3f2iCQWVhSrRFWrJCZ?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor
IP
34.237.73.95:443
ASN
#14618 AMAZON-AES

Requested by
https://valuesportal.com/?jwt=eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3Mjg0NDI4MDQsImFpZCI6NDc2OTQzNTIxLCJjaWQiOjE0NTMxMDE0MjAsInN1YiI6IjQ3Njk0MzUyMS0xNDUzMTAxNDIwLWEyY2I3MGEzLTJjZmYtNDJhYS05OWY1LWU3OTQzNTMwYmIzZiJ9.Fsk91a-hSKM2vtHWP1hcLlYfeGAArO_POhx7fYR3CIW0yhYfzsIsUhEgQl7nWWcQE5eTvj0CUV2qB4pefNa15Q&lang=sv&fallback=true
Certificate
IssuerDigiCert Inc
Subject*.intercom.io
FingerprintF8:35:CA:A5:F3:9E:73:E6:1D:CF:FA:1D:AC:DF:79:C2:9B:B1:AA:75
ValidityTue, 30 Jul 2024 00:00:00 GMT - Sun, 09 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-6RXh_bsU83ujcuEABBGjrLX8uzaGHA80wGkgsnscfzilglTdKu2bZfiAXdhueBlGY5QgOHMvI9ZtVtZMuP3f2iCQWVhSrRFWrJCZ?X-Nexus-New-Client=true&X-Nexus-Version=0.14.0&user_role=visitor HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://valuesportal.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RmZdBSzqvIouqgc0z6fiBA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 09 Oct 2024 03:00:07 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZOClni2NaqvU7MG4NByw+EsyYL8=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash