Report - valeurximor.com/

Report Overview

Visited public
2025-07-20 12:31:23
Tags
Submit Tags
URL
valeurximor.com/
Finishing URL
valeurximor.com/
IP / ASN
91.236.116.114
#42237 w1n ltd
Title
Valeur Ximor | Official Website Platform

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-07-16	474 B	35 kB	104.17.25.14
valeurximor.com	unknown	2025-04-18	2025-07-20	2025-07-20	53 kB	1.5 MB	91.236.116.114
edgecdnplus.com	unknown	2025-05-08	2025-05-16	2025-07-15	2.6 kB	5.4 kB	172.67.151.211
ipinfo.io	8136	2013-04-23	2013-12-16	2025-07-18	464 B	1.2 kB	34.117.59.81
edgecdn.dev	unknown	2024-03-03	2024-03-03	2025-07-20	442 B	46 kB	104.21.64.1
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-07-16	2.9 kB	407 kB	151.101.129.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-07-20 12:31:02	medium	Client IP	34.117.59.81	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-20	medium	valeurximor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (44)

	URL	From	Size	First Seen	Last Seen
	valeurximor.com/	ScriptElement	187 B	2025-04-08	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-08 10:05 Last Seen2025-07-24 22:45 Times Seen403 Hash e42775d6a903a6037e3096277eec4952 bda36e587d25b6ac664173c3f7c76bddb4545d0d ae62d9c1ad8c4505ee0c9f99af1f98025e135e7703faa0cc7959f10049d1b6ba Loading...

	valeurximor.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-25
Pretty URL valeurximor.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-25 02:14 Times Seen119273 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	valeurximor.com/	ScriptElement	177 B	2025-04-08	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-08 10:05 Last Seen2025-07-24 22:45 Times Seen402 Hash ac3cde2d85ed9ac8902a60f7c8f8d12f 682a3690ed88c99855e612c25ce450903812f788 d916279d790ecb70e94c50dd7695d2812dbf7a58b5b82a581a4f54fe10ba8c6d Loading...

	valeurximor.com/	ScriptElement	474 B	2024-12-15	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-15 07:55 Last Seen2025-07-24 22:45 Times Seen580 Hash 43cb7fdd8c6b65ac47a7744f384eb61f 411a7ae7ac03b98a9c74c0288a2217d0c872db19 1f15ca22a1520682c15afb82ad2fe5948e844527491a8ab9a7a25dba9f008117 Loading...

	valeurximor.com/	ScriptElement	557 B	2024-12-15	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-15 07:55 Last Seen2025-07-24 22:45 Times Seen519 Hash 12e6cebaa36f0e69ac1d943d22f5e817 f3e3bb39707c9519c873d47253771b1c10cc13fe 414f038e40be940c8ea174addb48a8efcdac5072c0bd05804f7b725e325826fc Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found	ScriptElement	358 B	2023-03-10	2025-07-24
Pretty URL edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found IP 172.67.151.211 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:04 Last Seen2025-07-24 07:20 Times Seen223 Hash 54ab5c4cfcfe16c2e795964de121a0d8 19556801cc6b68f0e11081a07c6781924bc0bc65 30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	24 B	2024-01-18	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2024-01-18 17:45 Last Seen2025-07-24 07:20 Times Seen159 Hash f7f1a736e7980051c0dc70dfdb30d893 591c40af056c34c8b11ab6cd73b4bc27d32cd4c7 fb7fde9ecff6d2c948d1ccdb99d88f3cd76932ab9bd882d51efda57e5c42e7ee Loading...

	valeurximor.com/frontend/assets/da/dist/js/uikit.min.js	ScriptElement	147 kB	2025-04-08	2025-07-24
Pretty URL valeurximor.com/frontend/assets/da/dist/js/uikit.min.js IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-08 10:05 Last Seen2025-07-24 22:45 Times Seen402 Hash 749a2dd79038dfbb16587c3067fb9291 d1ab89b4fdace3c084baa45bc031ee29ca84a788 9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5 Loading...

	valeurximor.com/frontend/assets/en/dist/js/script1.js	ScriptElement	17 kB	2024-12-15	2025-07-24
Pretty URL valeurximor.com/frontend/assets/en/dist/js/script1.js IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-15 07:55 Last Seen2025-07-24 22:45 Times Seen541 Hash 3d0892d336959ffc3116f3c85ac1f1ca ba9dafbc2165b509325094c33f1ebe7458fe68be a82f48e366c855affe0c103158ae6b6d02923e633e95103bd196f2195790788e Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	32 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen226 Hash fc18881b410c7fbc489a5c9b48bd6b6f fe0dc2c1f2d8e5d1f22560c44dc58e9d0c1acce3 ebc7517bbff54923fbdc0e4f9047399b74926df3af9a997b9b648f113a1c5eb6 Loading...

	edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found	ScriptElement	358 B	2023-03-10	2025-07-24
Pretty URL edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found IP 172.67.151.211 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:04 Last Seen2025-07-24 07:20 Times Seen223 Hash 54ab5c4cfcfe16c2e795964de121a0d8 19556801cc6b68f0e11081a07c6781924bc0bc65 30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	22 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen221 Hash b0d576ce037ba264ea41cd1ac5e4edfb f38c656bad1b9da60baef86935e2b481aa4b2736 95620a0dc4e136663344fec965f2fe9f02a324f008d52e48afc78ed388d08143 Loading...

	valeurximor.com/	ScriptElement	5.5 kB	2025-07-20	2025-07-20
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-20 12:31 Last Seen2025-07-20 12:31 Times Seen1 Hash fd41e7183d1b4714b063b87b9c22c5d8 c3a7192ce6ff6d6ffcce94b62091014f01753b3d e8fc221a615a160b45b705dc370c07d99dd1078eb803e127765193e7b1d6da7d Loading...

	ipinfo.io/?callback=jQuery31104506561141565284_1753014662111&_=1753014662112	ScriptElement	672 B	2025-07-20	2025-07-20
Pretty URL ipinfo.io/?callback=jQuery31104506561141565284_1753014662111&_=1753014662112 IP 34.117.59.81 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-20 12:31 Last Seen2025-07-20 12:31 Times Seen1 Hash a587817b7ce9203d01f022a5e9bae81e 8c2ac174be1e821689bc60ebcf3f505a8f96ae7a 2d62a382a7680cc20782773769ee3d67147868c4cd0cc57eda15b56f70f964be Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found	ScriptElement	358 B	2023-03-10	2025-07-24
Pretty URL edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found IP 172.67.151.211 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:04 Last Seen2025-07-24 07:20 Times Seen223 Hash 54ab5c4cfcfe16c2e795964de121a0d8 19556801cc6b68f0e11081a07c6781924bc0bc65 30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835 Loading...

	valeurximor.com/	ScriptElement	249 B	2025-05-28	2025-07-20
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 23:01 Last Seen2025-07-20 12:31 Times Seen127 Hash 832c24ef48a8f00880e229ebb4e1d0db ef2f6849ee4798e11514a93549d9bdfeb26f1f11 323b35ff38f5104f3b08c798fcca1e18aeedcda5acae2ddef22aa3ca502c1a88 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js	ScriptElement	31 kB	2024-11-14	2025-07-24
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-14 19:07 Last Seen2025-07-24 22:45 Times Seen615 Hash 8d7c34c441a0c73f54b225cc51f30de1 f0b6bee317c54aa421626eac803f682cb1b06fe8 5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	EventHandler	16 B	2023-04-10	2025-07-25
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-07-25 03:54 Times Seen75712 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	valeurximor.com/frontend/assets/fi/dist/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-25
Pretty URL valeurximor.com/frontend/assets/fi/dist/js/jquery-3.1.1.min.js IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-25 02:14 Times Seen119273 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	valeurximor.com/frontend/assets/fi/dist/js/init.js	ScriptElement	428 B	2025-04-08	2025-07-24
Pretty URL valeurximor.com/frontend/assets/fi/dist/js/init.js IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-08 10:05 Last Seen2025-07-24 22:45 Times Seen402 Hash eee5b49553be731b922c810493fa5754 3deced4180a2efbfea993feea10e51cb5e0bea25 47f0c19b76743f5b058b894d36a80a6515b14a10beb58532fff557f0bbde0f17 Loading...

	cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js	ScriptElement	264 kB	2024-11-14	2025-07-24
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-14 19:07 Last Seen2025-07-24 22:45 Times Seen599 Hash be8412b24dc2374a8eb8c446774e2765 c98f7005e9dbd00ec118c3cc2370bf3bfe6cf8a6 8d6246375bc856c30649b3e800b02a22d913a7f03f08d92a7b2440824ff2ce9c Loading...

	valeurximor.com/frontend/assets/da/dist/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-25
Pretty URL valeurximor.com/frontend/assets/da/dist/js/jquery-3.1.1.min.js IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-25 02:14 Times Seen119273 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js	ScriptElement	31 kB	2024-11-14	2025-07-24
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-14 19:07 Last Seen2025-07-24 22:45 Times Seen615 Hash 8d7c34c441a0c73f54b225cc51f30de1 f0b6bee317c54aa421626eac803f682cb1b06fe8 5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

	cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js	ScriptElement	31 kB	2024-11-14	2025-07-24
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-14 19:07 Last Seen2025-07-24 22:45 Times Seen615 Hash 8d7c34c441a0c73f54b225cc51f30de1 f0b6bee317c54aa421626eac803f682cb1b06fe8 5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7 Loading...

	valeurximor.com/frontend/assets/fi/dist/js/uikit.min.js	ScriptElement	147 kB	2025-04-08	2025-07-24
Pretty URL valeurximor.com/frontend/assets/fi/dist/js/uikit.min.js IP 91.236.116.114 ASN #42237 w1n ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-08 10:05 Last Seen2025-07-24 22:45 Times Seen402 Hash 749a2dd79038dfbb16587c3067fb9291 d1ab89b4fdace3c084baa45bc031ee29ca84a788 9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5 Loading...

	edgecdn.dev/code?code=ae5ca3d848732ff2d678885daa16a3d8	ScriptElement	45 kB	2025-05-28	2025-07-20
Pretty URL edgecdn.dev/code?code=ae5ca3d848732ff2d678885daa16a3d8 IP 104.21.64.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-28 23:01 Last Seen2025-07-20 12:31 Times Seen127 Hash 7ae194cb1702f41ed21d0785c188970f f88c3fab09fd51473ee597cccf99b8a04b788d30 c1e2cffb9530ebc34ad28acbfa5b91eeadaa6eac190108831f9c4e213e2a623d Loading...

	valeurximor.com/	DomTimer	33 B	2023-04-21	2025-07-24
Pretty URL valeurximor.com/ IP 91.236.116.114 ASN #42237 w1n ltd Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-21 22:37 Last Seen2025-07-24 07:20 Times Seen227 Hash 95c98827425423295bdd20d2f2f7197e 9ef2634dd066a7a63bfbd516f7aafc74a7e3b725 c89f372d4f4dc5ac2d5a0f8d861df96914430b8016c2fc0a842c9fb2362ce4b8 Loading...

HTTP Transactions (58)

URL IP Response Size

GET valeurximor.com/frontend/assets/en/dist/flags/en.png

91.236.116.114

200 OK

1.8 kB

URL GET
valeurximor.com/frontend/assets/en/dist/flags/en.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1767 bytes)
Hash
ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/en/dist/flags/en.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 1767
date: Sun, 20 Jul 2025 12:30:59 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/nl.svg

91.236.116.114

200 OK

355 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/nl.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
1932756ac7767c2f33986237417d8731
84a604da4f8df24af728a73685c4cc2cad9de962
8ca8a2dc879e29edd00a08bffc8d825f67d0988e55538d52e43861bb3af22f83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/nl.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 211
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found

172.67.151.211

200 OK

358 B

URL GET
edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found
IP
172.67.151.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valeurximor.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecdnplus.com
FingerprintDF:05:E9:36:F6:5E:33:92:CF:4E:9E:28:74:2E:0C:6C:E4:3E:A2:9F
ValidityMon, 07 Jul 2025 11:39:01 GMT - Sun, 05 Oct 2025 12:37:26 GMT

File type
ASCII text, with CRLF line terminators
Size
358 B (358 bytes)
Hash
54ab5c4cfcfe16c2e795964de121a0d8
19556801cc6b68f0e11081a07c6781924bc0bc65
30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835

HTTP Headers

GET /png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found HTTP/1.1
Host: edgecdnplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: PHPSESSID=75989003lsnnlafe58kfhfreht
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 20 Jul 2025 12:31:05 GMT
content-type: text/javascript;charset=UTF-8
content-length: 134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxoXU5M%2F0lW8XexKRNGyULHTAt5OWDAHp%2B%2BKZPTWprgZ0b2h4%2B7jQQ%2Fdj7%2FAjWKj%2BbjmbHyjIgqua%2BDWwFgDs3bvqWxX%2BZmTTyrFsj1ocJiqEWDkEPAtCb2I19Rqj%2Bu16BU%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="CAO PSA OUR"
last-modified: Sun, 20 Jul 2025 12:31:05 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 9622793bbd34b4fd-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8016&min_rtt=1312&rtt_var=8124&sent=57&recv=60&lost=0&retrans=0&sent_bytes=7536&recv_bytes=3936&delivery_rate=598374&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18071&unsent_bytes=0&cid=8a899559b6992d9d&ts=2531&inflight_dur=56&x=40"

GET valeurximor.com/frontend/assets/fi/dist/flags/pl.svg

91.236.116.114

200 OK

310 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/pl.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
310 B (310 bytes)
Hash
73699780fe17013ad360d5441cba044d
3e37c78fdc79aada415a05c2275c0fdf9664f062
e03d57c0f7db7d4dc8eb6a2bc359f3a40591b490130bcfa06fba08d514fbdb07

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/pl.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 186
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/background-2.jpeg

91.236.116.114

200 OK

79 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/images/background-2.jpeg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1280x675, components 3
Size
79 kB (78592 bytes)
Hash
2a4552b1347988124cc84773c1c4d366
8f07060e12843f32dd3aa2b5f2039a44dc3a8d7e
3ccb544dc9333afd9463709c4b1bd20ff1d6873a98bf791e20bfe86a5a4d73c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/background-2.jpeg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/frontend/assets/fi/dist/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/jpeg
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 78592
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/stars.jpg

91.236.116.114

200 OK

6.0 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/images/stars.jpg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 115x21, components 3
Size
6.0 kB (6035 bytes)
Hash
5ef4c4c641d720352707829c91ee4f65
b3303a5978c705ace5a95b2b46469d88658ec5a3
3dadcd11ba2b9f4c335b4131fde40367edb9f9bae6387a38b33c4bd3282dcd9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/stars.jpg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/jpeg
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 6035
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/css/main.css

91.236.116.114

200 OK

18 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/css/main.css
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
ASCII text, with CRLF line terminators
Size
18 kB (17575 bytes)
Hash
445345b06c57adc6bebba237ea3a1987
f41c545e36936b041b4070f78aaa3035c375b7d9
b0799bf121afe10ac0f92f4263a15154d278313cb5dfbf6aea0bb8f44e75b970

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/css/main.css HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/css
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3378
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/cs.svg

91.236.116.114

200 OK

374 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/cs.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
374 B (374 bytes)
Hash
0fe0a2e4225eee5dd8a3c73a5ab5a312
c930c1341640bee697cf50053721ddfd750dae2e
2a3a7fa3da584643cbac6234aa452705982f50454ed0a259d8c8cd6a9c2fa8c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/cs.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 215
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/hu.svg

91.236.116.114

200 OK

359 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/hu.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
359 B (359 bytes)
Hash
3621c5eb449691cbe1d3bc8757c831a1
e7e3674fe42359cc9a376e543d7548418071aea0
2c1380bd6fb1a88cabcae439eaf960d4dffa929a74cfe3d44f7552084fc1150b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/hu.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 213
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/fr.svg

91.236.116.114

200 OK

352 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/fr.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
352 B (352 bytes)
Hash
e9efcfc75d8fdee9370032dc72e78bcf
77d974568d91216054eee046c19c99f71cccb9be
a7d195ab974d9555702eede5af18287b5767efcea5fc6dadf529e114dc6fb568

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/fr.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 198
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/th.svg

91.236.116.114

200 OK

367 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/th.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
367 B (367 bytes)
Hash
756f64249f1f943e61bff54780b49cd8
e4beba68e98c966f57a6cca0e40915ba60500e23
cf1c5911962ac51db0ff4e36a6a91f5ff42c1ba40246ada4067b3b5a846f21b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/th.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 211
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/de.svg

91.236.116.114

200 OK

335 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/de.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
335 B (335 bytes)
Hash
51768606d83a265da9e7ee8efbb21edb
b22c5b98344da8d3ea54ecb9baab4c5a5a7ebdb4
8fcaa96d8835e39fa6a74ff4dc781d908112d46ceb8fb81ff37c433f390a4c8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/de.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 196
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/no.svg

91.236.116.114

200 OK

424 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/no.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
424 B (424 bytes)
Hash
ebe2b7f4aefa3c8869fa9f0a402210bb
dc0ceab0f048a8c8ac97e3277f2ed237b974f005
7021694edfe47096e0aa9a5ea85a6851181f723ae3a8806779a8e01702325804

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/no.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 234
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/zh-TW.png

91.236.116.114

200 OK

870 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/zh-TW.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
870 B (870 bytes)
Hash
2a2b643bc15c7363c9e58e6b47d7de30
506ab44f76022397b3aa9682e8972d7944703d54
c63293f5412adc096b8e492e88b8d8edfca5367a491acdd9071ef8d31b4ba9a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/zh-TW.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 870
date: Sun, 20 Jul 2025 12:30:59 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET ipinfo.io/?callback=jQuery31104506561141565284_1753014662111&_=1753014662112

34.117.59.81

200 OK

672 B

URL GET
ipinfo.io/?callback=jQuery31104506561141565284_1753014662111&_=1753014662112
IP
34.117.59.81:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectipinfo.io
Fingerprint88:A4:4C:CB:13:BE:CA:B3:D3:96:C9:57:6A:11:AC:45:CA:0A:83:02
ValidityThu, 19 Jun 2025 04:48:58 GMT - Wed, 17 Sep 2025 04:48:57 GMT

File type
JavaScript source, ASCII text, with very long lines (391)
Size
672 B (672 bytes)
Hash
a587817b7ce9203d01f022a5e9bae81e
8c2ac174be1e821689bc60ebcf3f505a8f96ae7a
2d62a382a7680cc20782773769ee3d67147868c4cd0cc57eda15b56f70f964be

HTTP Headers

GET /?callback=jQuery31104506561141565284_1753014662111&_=1753014662112 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: text/javascript; charset=utf-8
content-encoding: gzip
date: Sun, 20 Jul 2025 12:31:02 GMT
vary: accept-encoding
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found

172.67.151.211

200 OK

358 B

URL GET
edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found
IP
172.67.151.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valeurximor.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecdnplus.com
FingerprintDF:05:E9:36:F6:5E:33:92:CF:4E:9E:28:74:2E:0C:6C:E4:3E:A2:9F
ValidityMon, 07 Jul 2025 11:39:01 GMT - Sun, 05 Oct 2025 12:37:26 GMT

File type
ASCII text, with CRLF line terminators
Size
358 B (358 bytes)
Hash
54ab5c4cfcfe16c2e795964de121a0d8
19556801cc6b68f0e11081a07c6781924bc0bc65
30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835

HTTP Headers

GET /png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found HTTP/1.1
Host: edgecdnplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: PHPSESSID=75989003lsnnlafe58kfhfreht
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 20 Jul 2025 12:31:20 GMT
content-type: text/javascript;charset=UTF-8
content-length: 134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKK%2FwDzImz6tAzWPNmTCaDtHdLEaG5coJJ6I7PwZ1vWarEmYvKO%2FmyPXhzfdtCT8jXTMC4d6ayRi%2FUlXih1WEbE%2FfhrUWGJFZmvwNbZ50yxQX6hPN8QKmVKuhbTOloJ9ukg%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="CAO PSA OUR"
last-modified: Sun, 20 Jul 2025 12:31:20 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 9622799a9b56b4fd-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6676&min_rtt=1312&rtt_var=6883&sent=61&recv=64&lost=0&retrans=0&sent_bytes=9505&recv_bytes=4686&delivery_rate=598374&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=19988&unsent_bytes=0&cid=8a899559b6992d9d&ts=17710&inflight_dur=100&x=40"

GET valeurximor.com/frontend/assets/en/dist/js/script1.js

91.236.116.114

200 OK

17 kB

URL GET
valeurximor.com/frontend/assets/en/dist/js/script1.js
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JavaScript source, ASCII text, with very long lines (3636), with CRLF line terminators
Size
17 kB (16817 bytes)
Hash
3d0892d336959ffc3116f3c85ac1f1ca
ba9dafbc2165b509325094c33f1ebe7458fe68be
a82f48e366c855affe0c103158ae6b6d02923e633e95103bd196f2195790788e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/en/dist/js/script1.js HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/javascript
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5454
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/shape-02.png

91.236.116.114

200 OK

891 B

URL GET
valeurximor.com/frontend/assets/fi/dist/images/shape-02.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 259 x 259, 8-bit/color RGBA, non-interlaced
Size
891 B (891 bytes)
Hash
27e04debb85a890c4257f4f2191ccd4e
09c62507cfbed0678cf5e35293277acf0511afec
f5d4b2a6e469f0fec42efb17c82bad92760ebc401fbc975ebbb30972a3e90981

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/shape-02.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/frontend/assets/fi/dist/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 891
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET edgecdn.dev/code?code=ae5ca3d848732ff2d678885daa16a3d8

104.21.64.1

200 OK

45 kB

URL GET
edgecdn.dev/code?code=ae5ca3d848732ff2d678885daa16a3d8
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valeurximor.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecdn.dev
Fingerprint97:29:DD:A2:38:67:13:03:A2:7A:CE:9C:B1:08:E9:20:75:CA:15:E9
ValidityWed, 18 Jun 2025 19:23:42 GMT - Tue, 16 Sep 2025 20:21:59 GMT

File type
ASCII text, with very long lines (44493), with CRLF line terminators
Size
45 kB (45334 bytes)
Hash
7ae194cb1702f41ed21d0785c188970f
f88c3fab09fd51473ee597cccf99b8a04b788d30
c1e2cffb9530ebc34ad28acbfa5b91eeadaa6eac190108831f9c4e213e2a623d

HTTP Headers

GET /code?code=ae5ca3d848732ff2d678885daa16a3d8 HTTP/1.1
Host: edgecdn.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Jul 2025 12:31:02 GMT
content-type: text/javascript;charset=UTF-8
content-length: 10800
server: cloudflare
p3p: CP="CAO PSA OUR"
expires: Tue, 03 Jul 2001 06:00:00 GMT
pragma: no-cache
cache-control: max-age=3600, s-max-age=84600
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Sun, 20 Jul 2025 12:31:02 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PAqFlSBRtNAJ2cvBLAt4w8yX%2FlzO0l6Xip6R2WJgpIjb7Yfv2rq1pUFMYoEgbwX2jucUVSvbxhEGCvWM0FBouMRB8FxJoUxXMQ%3D%3D"}]}
set-cookie: PHPSESSID=s68tn99kmaj05o793tjf35tfd6; SameSite=None; Secure; Path=/
cf-ray: 962279275c345696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js

151.101.129.229

200 OK

264 kB

URL GET
cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://valeurximor.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1903)
Size
264 kB (264516 bytes)
Hash
be8412b24dc2374a8eb8c446774e2765
c98f7005e9dbd00ec118c3cc2370bf3bfe6cf8a6
8d6246375bc856c30649b3e800b02a22d913a7f03f08d92a7b2440824ff2ce9c

HTTP Headers

GET /npm/intl-tel-input@24.5.0/build/js/utils.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://valeurximor.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 56852
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 24.5.0
x-jsd-version-type: version
etag: W/"40944-yY9wBenb0A7BGMPMI3C/O/5s+KY"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Jul 2025 12:31:02 GMT
age: 1586379
x-served-by: cache-fra-etou8220148-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET valeurximor.com/frontend/assets/fi/dist/flags/it.svg

91.236.116.114

200 OK

352 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/it.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
352 B (352 bytes)
Hash
34ec214f5547e19d4e1fe9d0d638f9c7
7ef49fd31ffa7a0ea47e8ad0a2fa2121621baae5
ebdeb69d61fd3e3b429eafd9b45b51422b87348d932a7fbcd668975437650fdd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/it.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 203
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/jp.png

91.236.116.114

200 OK

2.1 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/jp.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2097 bytes)
Hash
87dbfa08b89e9df85053cef757bf0048
ae50d0d97740ad830542f3428fcb2f930340d6f6
4c5852bdf732560a0a7139e8c2e2c23bcca17dab055abf62c7eb25eb04dde6c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/jp.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 2097
date: Sun, 20 Jul 2025 12:30:59 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/pt.svg

91.236.116.114

200 OK

1.9 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/pt.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1912 bytes)
Hash
b0f66bd6beaac99c6e2f26c24305a1a2
afea1f64055e95d095cb738e07e7751036d3bfe6
a97c198d9404f1f1db3616ee0b26980087346fff121db3bb7f13540b90b56c96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/pt.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 728
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js

151.101.129.229

200 OK

31 kB

URL GET
cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://valeurximor.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (30745)
Size
31 kB (31113 bytes)
Hash
8d7c34c441a0c73f54b225cc51f30de1
f0b6bee317c54aa421626eac803f682cb1b06fe8
5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7

HTTP Headers

GET /npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 24.5.0
x-jsd-version-type: version
etag: W/"7989-8La+4xfFSqQhYm6sgD9oLLGwb+g"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Jul 2025 12:31:01 GMT
age: 2265623
x-served-by: cache-fra-etou8220027-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10943
X-Firefox-Spdy: h2

GET edgecdnplus.com/gtr?sid=130252&ui=ffh3z1vbink&aid=100770&u=https%3A//valeurximor.com/&et=1&ti=Valeur%20Ximor%20%7C%20Official%20Website%20Platform&touchpoints=0&sh=1024&sw=1280&sc=24&wsh=1024&wsw=1280&p=&l=en-US&c=Linux%20x86_64&w3=0&ethe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=0&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=1958&dm=valeurximor.com&v=0.4539303337623066

172.67.151.211

200 OK

53 B

URL GET
edgecdnplus.com/gtr?sid=130252&ui=ffh3z1vbink&aid=100770&u=https%3A//valeurximor.com/&et=1&ti=Valeur%20Ximor%20%7C%20Official%20Website%20Platform&touchpoints=0&sh=1024&sw=1280&sc=24&wsh=1024&wsw=1280&p=&l=en-US&c=Linux%20x86_64&w3=0&ethe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=0&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=1958&dm=valeurximor.com&v=0.4539303337623066
IP
172.67.151.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valeurximor.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecdnplus.com
FingerprintDF:05:E9:36:F6:5E:33:92:CF:4E:9E:28:74:2E:0C:6C:E4:3E:A2:9F
ValidityMon, 07 Jul 2025 11:39:01 GMT - Sun, 05 Oct 2025 12:37:26 GMT

File type
GIF image data, version 89a, 1 x 1
Size
53 B (53 bytes)
Hash
e057a31cda31311b4df0cbf41375d427
644577559b1b8119dc76001db073da00fdc4d460
e43694ab90a06a144b0eadda87a51b95b201e0e1620d21d8080c9f12eba0f032

HTTP Headers

GET /gtr?sid=130252&ui=ffh3z1vbink&aid=100770&u=https%3A//valeurximor.com/&et=1&ti=Valeur%20Ximor%20%7C%20Official%20Website%20Platform&touchpoints=0&sh=1024&sw=1280&sc=24&wsh=1024&wsw=1280&p=&l=en-US&c=Linux%20x86_64&w3=0&ethe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=0&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=1958&dm=valeurximor.com&v=0.4539303337623066 HTTP/1.1
Host: edgecdnplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Jul 2025 12:31:03 GMT
content-type: image/gif
server: cloudflare
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="CAO PSA OUR"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Sun, 20 Jul 2025 12:31:03 GMT
access-control-allow-origin: *
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YNSpeE%2F7Eo70VR7AidjEhg8jiQm8M9Az2bSiIKmMUTKQ74qGy4hwb2pt81jODgsbZArc1VuFBh7QJiwIlprQWNHYwOAdR9pvmc%2FWAa8%3D"}]}
set-cookie: PHPSESSID=75989003lsnnlafe58kfhfreht; SameSite=None; Secure; Path=/
cf-ray: 9622792b3b985688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET valeurximor.com/frontend/assets/fi/dist/flags/en.svg

91.236.116.114

200 OK

1.3 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/en.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1290 bytes)
Hash
a60a1cb88e021acfa9dae480687c55b4
0badf2ca702eb29df29786296160d68ec247af9d
c1fcc7d1f18d3597c793170b12cf568207e5d13ad0c2778fd165d33be41c05dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/en.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 532
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/js/jquery-3.1.1.min.js

91.236.116.114

200 OK

87 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/js/jquery-3.1.1.min.js
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
87 kB (86709 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/js/jquery-3.1.1.min.js HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/javascript
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 29460
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/background-4.jpeg

91.236.116.114

200 OK

147 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/images/background-4.jpeg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x830, components 3
Size
147 kB (146733 bytes)
Hash
637bb53e0883a7b9b3899420c445d0bb
d22c5faa6bb194d94252ae458f6a4345071fe591
388e2455e32207c5a800a9e99e5aebabdd0a3e6148e201b9b642ea0735b5b3cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/background-4.jpeg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/frontend/assets/fi/dist/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/jpeg
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 146733
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/cropped-Favicon-32x32.png

91.236.116.114

200 OK

609 B

URL GET
valeurximor.com/frontend/assets/fi/dist/images/cropped-Favicon-32x32.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
609 B (609 bytes)
Hash
f17b2d52496a7b6283c91478bcb1d51f
c497b97a94a45f2de7310d4722a10c6c54abfacc
06a0640bb63a5e1ffb8e6204b8bc4b267997a6a5c0834d2e54cdc5cfe5c2d3c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/cropped-Favicon-32x32.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D; sticky_lb_sess_id=ffh3z1vbink
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:01 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 609
date: Sun, 20 Jul 2025 12:31:01 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/sk.svg

91.236.116.114

200 OK

1.6 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/sk.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1637 bytes)
Hash
6ed3cf547a2f8579e45330fde3095537
dfc6023844bb5a110c3d9219c82dd326940ae055
c1b338efd99956c2ae0c62fcf559b2d956fa11f71751985d62c9942b061dad6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/sk.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 739
date: Sun, 20 Jul 2025 12:31:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/sv.svg

91.236.116.114

200 OK

376 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/sv.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
376 B (376 bytes)
Hash
6d7b2e74f61e873c0fb690155956025e
b515a34c1884d45ef9a2b7f3ebdf731a0613e1c8
4a271da0e5fbcda6d2d15092d8a564e8ef3d36ad507215563ac2faa0e8833001

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/sv.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 224
date: Sun, 20 Jul 2025 12:31:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js

151.101.129.229

200 OK

31 kB

URL GET
cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://valeurximor.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (30745)
Size
31 kB (31113 bytes)
Hash
8d7c34c441a0c73f54b225cc51f30de1
f0b6bee317c54aa421626eac803f682cb1b06fe8
5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7

HTTP Headers

GET /npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 10943
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 24.5.0
x-jsd-version-type: version
etag: W/"7989-8La+4xfFSqQhYm6sgD9oLLGwb+g"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Jul 2025 12:31:02 GMT
age: 2265624
x-served-by: cache-fra-etou8220027-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET valeurximor.com/frontend/assets/fi/dist/flags/da.svg

91.236.116.114

200 OK

362 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/da.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
362 B (362 bytes)
Hash
c4d7abcf4c21c729ea9aab45faa1912a
6ecbf40cb392204b8c7af284352108b500111969
33815e73a3d07b3ae77cec1fdc77a285646e4e730136632f0ff5de6f8697c98c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/da.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 228
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/ro.svg

91.236.116.114

200 OK

352 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/ro.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
352 B (352 bytes)
Hash
b3459066e38308492a7ac98271d7b034
bdc08d8b6b3a4ab7eef55fb2b73028001f045581
3244688e345eb37de4069b23d32d91b59ecb2c28a14e38aaa4e02678f5d0bb7c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/ro.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 200
date: Sun, 20 Jul 2025 12:31:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/ko.png

91.236.116.114

200 OK

1.4 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/ko.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1361 bytes)
Hash
ed87e4c8a4dd16c9c3f8499a0aaa28bd
f818a0782047c159ed8e5cd041ad7f09e8fe52fb
eb59eb7dcf155a7b38c8f4c9db869ed942bf55a4457e3f4ff0791be4f2c736d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/ko.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 1361
date: Sun, 20 Jul 2025 12:30:59 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found

172.67.151.211

200 OK

358 B

URL GET
edgecdnplus.com/png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found
IP
172.67.151.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valeurximor.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecdnplus.com
FingerprintDF:05:E9:36:F6:5E:33:92:CF:4E:9E:28:74:2E:0C:6C:E4:3E:A2:9F
ValidityMon, 07 Jul 2025 11:39:01 GMT - Sun, 05 Oct 2025 12:37:26 GMT

File type
ASCII text, with CRLF line terminators
Size
358 B (358 bytes)
Hash
54ab5c4cfcfe16c2e795964de121a0d8
19556801cc6b68f0e11081a07c6781924bc0bc65
30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835

HTTP Headers

GET /png?idle=0&aid=100770&sid=130252&temp_uid=ffh3z1vbink&lang=auto&bat=&aplg=not%20found HTTP/1.1
Host: edgecdnplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: PHPSESSID=75989003lsnnlafe58kfhfreht
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 20 Jul 2025 12:31:10 GMT
content-type: text/javascript;charset=UTF-8
content-length: 134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cE%2BFlYddnzmPpN7NmWH4%2FnTPC4e1QdTovC9t8H6F67sJPyEV%2Bo1fcH%2BvugpLpG%2BzwByTuaOHRiH3OFj86oQyXqZ90wuk1wLcQOIY2P2gzDpIgkBVQtXgkV4mz9s2OzzItk%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="CAO PSA OUR"
last-modified: Sun, 20 Jul 2025 12:31:10 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 9622795b9964b4fd-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7281&min_rtt=1312&rtt_var=7563&sent=59&recv=62&lost=0&retrans=0&sent_bytes=8543&recv_bytes=4311&delivery_rate=598374&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=19052&unsent_bytes=0&cid=8a899559b6992d9d&ts=7608&inflight_dur=78&x=40"

GET valeurximor.com/frontend/assets/fi/dist/flags/ru.svg

91.236.116.114

200 OK

355 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/ru.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
42103243a1d4c3f2e823e99f3c00aaa4
1d95a227efb867c8b3dfa2902ea8a803f3fd3519
0a720bc83f72d17849bd213570ed808ae6b430fa5f3d50dc7fdb32413f7ade01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/ru.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 210
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/tr.svg

91.236.116.114

200 OK

520 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/tr.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
520 B (520 bytes)
Hash
7af14a6fd5253f05724502662d478fac
df6f03167492046dd2f02e3e005e66201f80ceb9
f101fe5cf7c2fe25bb1d2c7efcacb8acb52c90561497576f2f16be8a5d628315

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/tr.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 280
date: Sun, 20 Jul 2025 12:31:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css

104.17.25.14

200 OK

34 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://valeurximor.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
ASCII text, with very long lines (33818), with no line terminators
Size
34 kB (33818 bytes)
Hash
79fb36dda0a235254c3e31bf00b57065
89eb6d6adc16de57dda315fb2b5602bfe5728ccf
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c

HTTP Headers

GET /ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 20 Jul 2025 12:31:01 GMT
content-type: text/css; charset=utf-8
content-length: 1466
cf-ray: 96227923abb756c3-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5d-841a"
last-modified: Mon, 04 May 2020 16:10:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 116069
expires: Fri, 10 Jul 2026 12:31:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FwPkcSjCJg94HsFoc8mh1T2bXsPshXeFX%2BSmV1%2BbNrHDG66B%2B60x8%2BD8P3XX6bt664N1XwXeb4AXaZaJlImd9KmaSwSzHO6rWdlhMfrREN%2BM8GOXGNB80z%2BsXUoP6VJsFOGZqJK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET valeurximor.com/

91.236.116.114

200 OK

70 kB

URL User Request GET
valeurximor.com/
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (752), with CRLF line terminators
Size
70 kB (70380 bytes)
Hash
ef3b0233d954a2bc38a93bc6c2f85130
52b6acbaa72537f9306bbd2cfe69e07b61f1516a
c561103aa92efaa6c294f32772b2a131e6522f613539a8560a465b09b1a3e316

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; expires=Sun, 20 Jul 2025 14:30:59 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D; expires=Sun, 20 Jul 2025 14:30:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 12311
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/004-e1718021172658.jpeg

91.236.116.114

200 OK

63 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/images/004-e1718021172658.jpeg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 755x666, components 3
Size
63 kB (63121 bytes)
Hash
d454c0dec7452f792b2398f48e5781e0
5ff0a516e3b79df6ce5c19176166dc3a736ff544
c380eb5e629c2f4f26e85db6adbe560ef3a940109e30fefc06437f68822bf536

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/004-e1718021172658.jpeg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/jpeg
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 63121
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/js/init.js

91.236.116.114

200 OK

428 B

URL GET
valeurximor.com/frontend/assets/fi/dist/js/init.js
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JavaScript source, ASCII text
Size
428 B (428 bytes)
Hash
eee5b49553be731b922c810493fa5754
3deced4180a2efbfea993feea10e51cb5e0bea25
47f0c19b76743f5b058b894d36a80a6515b14a10beb58532fff557f0bbde0f17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/js/init.js HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/javascript
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 208
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js

151.101.129.229

200 OK

31 kB

URL GET
cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://valeurximor.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (30745)
Size
31 kB (31113 bytes)
Hash
8d7c34c441a0c73f54b225cc51f30de1
f0b6bee317c54aa421626eac803f682cb1b06fe8
5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7

HTTP Headers

GET /npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 10943
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 24.5.0
x-jsd-version-type: version
etag: W/"7989-8La+4xfFSqQhYm6sgD9oLLGwb+g"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Jul 2025 12:31:02 GMT
age: 2265624
x-served-by: cache-fra-etou8220027-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET valeurximor.com/frontend/assets/fi/dist/flags/es.svg

91.236.116.114

200 OK

714 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/es.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
SVG Scalable Vector Graphics image
Size
714 B (714 bytes)
Hash
82a1bb6b96ec71df6247971da6e35155
bb5be7dedff6612e4c8cb7c8019563c547238897
8fc508fdb3ef11a4e38f9123f1ae903962ca14841cefd7b98ed5550d50d2f1bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/es.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 351
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/hr.png

91.236.116.114

200 OK

982 B

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/hr.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
982 B (982 bytes)
Hash
41a7b90f600ed32eefb5e620a4f653fc
7a6ab7cfc55a1239de75e073430c9634d5c18746
63e36970eea32e52849d7b4d3a15d1da36be12ad3078df8c2b848aa7e9baa19b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/hr.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 982
date: Sun, 20 Jul 2025 12:30:59 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/js/uikit.min.js

91.236.116.114

200 OK

147 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/js/uikit.min.js
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
147 kB (146716 bytes)
Hash
749a2dd79038dfbb16587c3067fb9291
d1ab89b4fdace3c084baa45bc031ee29ca84a788
9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/js/uikit.min.js HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/javascript
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 48953
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/css/uikit.min.css

91.236.116.114

200 OK

271 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/css/uikit.min.css
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
271 kB (271195 bytes)
Hash
069dab2087cfe449dfab0443912c3427
8de1ba9ba591cccbdcc89e4a3b909ba94493a03f
14aad0bfb03b7a363818478e72ed1ae18a1f4e9ce89a4a4ffdc7e9c0b6e753ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/css/uikit.min.css HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/css
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 28171
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/background-5.jpeg

91.236.116.114

200 OK

106 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/images/background-5.jpeg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x665, components 3
Size
106 kB (106073 bytes)
Hash
e25c00899aa5b1b8405e29563b32d057
26b794fe18b74f663c0b67cba9839779ca14b7c0
09ec5c19e3c258221a14db7cc27086b58aee6106c4252f444fe854d4b1a9f50c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/background-5.jpeg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/frontend/assets/fi/dist/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/jpeg
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 106073
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/img/flags.webp

151.101.129.229

200 OK

28 kB

URL GET
cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/img/flags.webp
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://valeurximor.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
RIFF (little-endian) data, Web/P image
Size
28 kB (28174 bytes)
Hash
4099564bc7b03997031ad1348e646601
f9cf49faabe5e3ea6fa50a500aabd47fef31e160
667642959de122c4b844afcae211c1c54c9166d262fb833beb63abc02ebd0dd4

HTTP Headers

GET /npm/intl-tel-input@24.5.0/build/img/flags.webp HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/css/intlTelInput.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 28174
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
x-jsd-version: 24.5.0
x-jsd-version-type: version
etag: W/"6e0e-+c9J+qvl4+pvpQpQCqvUf+8x4WA"
accept-ranges: bytes
age: 2796811
date: Sun, 20 Jul 2025 12:31:02 GMT
x-served-by: cache-fra-etou8220162-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/css/intlTelInput.css

151.101.129.229

200 OK

16 kB

URL GET
cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/css/intlTelInput.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://valeurximor.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
ASCII text
Size
16 kB (16444 bytes)
Hash
31cc7c1401a02ca75f8e903777df602a
401b20fd618f205c3baa1c00dab5eaa45cb4a0e5
04a435c7d3f367d9816544975c24deb53596f62f801d8a1f208d4e55cc7c4277

HTTP Headers

GET /npm/intl-tel-input@24.5.0/build/css/intlTelInput.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 24.5.0
x-jsd-version-type: version
etag: W/"403c-QBsg/WGPIFw7qhwA2rXqpFy0oOU"
content-encoding: br
accept-ranges: bytes
date: Sun, 20 Jul 2025 12:31:01 GMT
age: 4577023
x-served-by: cache-fra-eddf8230115-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2361
X-Firefox-Spdy: h2

GET valeurximor.com/frontend/assets/da/dist/js/jquery-3.1.1.min.js

91.236.116.114

200 OK

87 kB

URL GET
valeurximor.com/frontend/assets/da/dist/js/jquery-3.1.1.min.js
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
87 kB (86709 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/da/dist/js/jquery-3.1.1.min.js HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/javascript
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 29460
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/shape-01.png

91.236.116.114

200 OK

2.1 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/images/shape-01.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 135 x 135, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2095 bytes)
Hash
97f200d647fc0084df2e5f2693808ab0
b89bbd2efa3d8420d003feddef25cdba90944013
9b2db7e9abe44409d5e2e26da4340428646b53007ccbc5019ebc7e1eb64182ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/shape-01.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 2095
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/da/dist/js/uikit.min.js

91.236.116.114

200 OK

147 kB

URL GET
valeurximor.com/frontend/assets/da/dist/js/uikit.min.js
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
147 kB (146716 bytes)
Hash
749a2dd79038dfbb16587c3067fb9291
d1ab89b4fdace3c084baa45bc031ee29ca84a788
9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/da/dist/js/uikit.min.js HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/javascript
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 48953
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js

91.236.116.114

200 OK

87 kB

URL GET
valeurximor.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
87 kB (86709 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/en/dist/js/jquery-3.1.1.min.js HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=2592000
expires: Tue, 19 Aug 2025 12:30:59 GMT
content-type: text/javascript
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 29460
date: Sun, 20 Jul 2025 12:30:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/ar.png

91.236.116.114

200 OK

1.5 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/ar.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1480 bytes)
Hash
7fec8a94e0af73b8647803e1ff9887be
aca14e7523e0bff0a9399a0998b49387d636da9e
f093a618390e4ef10ee984262dd3334074536f565eb0ecf6cbd0939597073b3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/ar.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 1480
date: Sun, 20 Jul 2025 12:30:59 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/flags/gr.png

91.236.116.114

200 OK

2.5 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/flags/gr.png
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2497 bytes)
Hash
cf260dad711263d6c68ab72aa9981d8e
4d2b6f9445e772bbf4e19a0b2e572dd7bf6adcc3
11185bdeb35fbb6e2f79d985eb534b6d727688dc9248a5258db365bfd10184ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/flags/gr.png HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:30:59 GMT
content-type: image/png
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 2497
date: Sun, 20 Jul 2025 12:30:59 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/dist/flags/fi.svg

91.236.116.114

404 Not Found

6.6 kB

URL GET
valeurximor.com/dist/flags/fi.svg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
HTML document, ASCII text, with very long lines (5391)
Size
6.6 kB (6603 bytes)
Hash
543ac81966d87ac815e08eb0e436d719
e35bb4e32ccf08c11a3935084b50660feb835350
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dist/flags/fi.svg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
keep-alive: timeout=5, max=100
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 1992
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 20 Jul 2025 12:31:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET valeurximor.com/frontend/assets/fi/dist/images/003.jpeg

91.236.116.114

200 OK

122 kB

URL GET
valeurximor.com/frontend/assets/fi/dist/images/003.jpeg
IP
91.236.116.114:443
ASN
#42237 w1n ltd

Requested by
https://valeurximor.com/
Certificate
IssuerLet's Encrypt
Subjectvaleurximor.com
Fingerprint5C:9D:CC:1E:12:7F:55:F5:B7:08:0D:5B:AE:D8:36:B0:C6:39:12:2B
ValidityTue, 17 Jun 2025 23:11:33 GMT - Mon, 15 Sep 2025 23:11:32 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1280x854, components 3
Size
122 kB (122335 bytes)
Hash
218c636203cd00338197ad66487eb7b2
749d287f9e373e6953a2de91536c770b96bff6df
6ce49eeb47f95816e46cc6c916dc0b10374fa7cec716cd3633043ae31c8a33bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/assets/fi/dist/images/003.jpeg HTTP/1.1
Host: valeurximor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://valeurximor.com/
Cookie: XSRF-TOKEN=eyJpdiI6IkJUTFBIK0l5NXpmVGlNZHJYYjR2bFE9PSIsInZhbHVlIjoib01wcUYrZm81YW1jRHI4UEcvZ215NWpoQmN4T2lJK3FSc004QUExWUZWWHFmcTRLUXQ4RHk3NzlRSWt4SDFIM1JyRlA3NU4wTGo5Zy8xNUlYcmd0d0JyTktmaHJWb2NZSlhId3pNeURsU3dpWTFwQkh6RWUwOFYxSVMxaTNHV0IiLCJtYWMiOiI0NWU4N2RlZWI1MTVjNWI2N2VmMzNiOGZiZDMzNmY2NzRhM2RjZTFmMWZhOGU3ZDU5MDU4MzVkOTM5MGFiZjU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZXNJT09keW9YRzBNR0g1YjVBUHc9PSIsInZhbHVlIjoiWDlZd2daNk5OY09zTUZGRHp2a2VGb2JmNHZOc3h3T3h3WHU0SnpWYjM3N1BHMVFsUWhDREttanpYdDJnbFFxL2RnL1gwK05ZRUR6Nit2M0lJdFB0TkIvQWxzNnpZb3BLcUR3STN3LzFSTy9EeUpOMC8xUzlwTmd4bDJrNXcvekEiLCJtYWMiOiI4ODk0ZWNkMDE4MTEyMzNkZTZjMGUwOTE4OGY0MWE2MzY2ZDgwYzQxMDdkMzFkODlkNjMzNzA4OWQzMWRiN2M2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Mon, 20 Jul 2026 12:31:00 GMT
content-type: image/jpeg
last-modified: Tue, 01 Apr 2025 23:19:14 GMT
accept-ranges: bytes
content-length: 122335
date: Sun, 20 Jul 2025 12:31:00 GMT
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML