www.greenvalleynaturalsolutions.com Open in urlscan Pro
104.26.5.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/linkzouakclik/lienskh.html#c39440ybcTT30283587KOPH8130RHx18552GcuT5402
Effective URL:
https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3...
Submission: On September 28 via api (September 28th 2021, 5:11:48 pm UTC) from BE — Scanned from DE

Summary HTTP 40 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 40 HTTP transactions. The main IP is 104.26.5.41, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.greenvalleynaturalsolutions.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time www.greenvalleynaturalsolutions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	142.250.181.240 142.250.181.240	15169 (GOOGLE) (GOOGLE)
1 2	188.246.230.30 188.246.230.30	49505 (SELECTEL) (SELECTEL)
1	107.172.12.219 107.172.12.219	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1 1	34.117.58.150 34.117.58.150	15169 (GOOGLE) (GOOGLE)
20	104.26.5.41 104.26.5.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
8	104.111.231.209 104.111.231.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
1	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
3	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
40	10

1 142.250.181.240 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.246.230.30 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

despacito.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.172.12.219 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-172-12-219-host.colocrossing.com

cuttingedgeteh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.58.150 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 150.58.117.34.bc.googleusercontent.com

www.gvnsoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.26.5.41 (United States)

ASN13335 (CLOUDFLARENET, US)

www.greenvalleynaturalsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.231.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-231-209.deploy.static.akamaitechnologies.com

nsg.symantec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

cdn.limelightcrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	greenvalleynaturalsolutions.com www.greenvalleynaturalsolutions.com	573 KB
8	symantec.com nsg.symantec.com	31 KB
4	googleapis.com storage.googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
3	gstatic.com fonts.gstatic.com	81 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	sa.com 1 redirects despacito.sa.com	586 B
1	limelightcrm.com cdn.limelightcrm.com	6 KB
1	gvnsoffers.com 1 redirects www.gvnsoffers.com	456 B
1	cuttingedgeteh.com cuttingedgeteh.com	504 B
40	9

	Domain	Requested by
20	www.greenvalleynaturalsolutions.com	cuttingedgeteh.com www.greenvalleynaturalsolutions.com
8	nsg.symantec.com	www.greenvalleynaturalsolutions.com nsg.symantec.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.greenvalleynaturalsolutions.com www.google-analytics.com
2	fonts.googleapis.com	www.greenvalleynaturalsolutions.com
2	despacito.sa.com	1 redirects storage.googleapis.com
1	cdn.limelightcrm.com	www.greenvalleynaturalsolutions.com
1	ajax.googleapis.com	www.greenvalleynaturalsolutions.com
1	www.gvnsoffers.com	1 redirects
1	cuttingedgeteh.com	despacito.sa.com
1	storage.googleapis.com
40	11

This site contains links to these domains. Also see Links.

Domain
my.nortonshoppingguarantee.com
msphere.asm.org
academic.oup.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cuttingedgeteh.com R3	`2021-09-14` - `2021-12-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
nsg.symantec.com GeoTrust RSA CA 2018	`2020-02-17` - `2022-02-17`	2 years	crt.sh
*.limelightcrm.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Frame ID: 20B40D42B15973BEB1ED154752630C6C
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Comfort Pro

Page URL History Show full URLs

https://storage.googleapis.com/linkzouakclik/lienskh.html Page URL
http://despacito.sa.com/rd/c39440ybcTT30283587KOPH8130RHx18552GcuT5402 Page URL
http://despacito.sa.com/track/c39440ybcTT30283587KOPH8130RHx18552GcuT5402 HTTP 302
https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552 Page URL
https://www.gvnsoffers.com/RTN27/PS824/?sub1=350655&sub2=612522410 HTTP 302
https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

744 kB
Transfer

902 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://my.nortonshoppingguarantee.com/Web/Seal/VerifySeal.aspx?PublicToken=nimwBY7RyD2VV%2fPazDKC7p3G49Xf82dYh46KTaYPgw5fqdUItDccSDae9RIiQn6EHvVSgaovjrqakr9MDrXoqQ%3d%3d&MSPHASH=&G=1

Search URL Search Domain Scan URL

URL: https://msphere.asm.org/content/2/5/e00327-17
Title: https://msphere.asm.org/content/2/5/e00327-17

Search URL Search Domain Scan URL

URL: https://academic.oup.com/jn/article/137/4/1101/4664657
Title: https://academic.oup.com/jn/article/137/4/1101/4664657

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/linkzouakclik/lienskh.html Page URL
http://despacito.sa.com/rd/c39440ybcTT30283587KOPH8130RHx18552GcuT5402 Page URL
http://despacito.sa.com/track/c39440ybcTT30283587KOPH8130RHx18552GcuT5402 HTTP 302
https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552 Page URL
https://www.gvnsoffers.com/RTN27/PS824/?sub1=350655&sub2=612522410 HTTP 302
https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://despacito.sa.com/track/c39440ybcTT30283587KOPH8130RHx18552GcuT5402 HTTP 302
https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 lienskh.html
storage.googleapis.com/linkzouakclik/ 251 B
853 B 82ms
26ms Document
text/html 142.250.181.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/linkzouakclik/lienskh.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f16.1e100.net
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /linkzouakclik/lienskh.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-guploader-uploadid: ADPycdteUUNa7_pV9tPt6xvzoD2JYpB2zJFTmJQ9JQ5O5JoaGYmxB6Sg_csLf6hKlVfecJCZX0PbFzGj9TRijHhiZw9hzW2Z_Q
expires: Tue, 28 Sep 2021 17:14:24 GMT
date: Tue, 28 Sep 2021 16:14:24 GMT
last-modified: Sun, 18 Jul 2021 12:54:09 GMT
etag: "7d093228920071553201589043d124a4"
x-goog-generation: 1626612849675998
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 251
content-type: text/html
x-goog-hash: crc32c=cIvPAw== md5=fQkyKJIAcVUyAViQQ9EkpA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 251
server: UploadServer
age: 3435
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK c39440ybcTT30283587KOPH8130RHx18552GcuT5402
despacito.sa.com/rd/ 235 B
352 B 73ms
36ms Document
text/html 188.246.230.30
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: http://despacito.sa.com/rd/c39440ybcTT30283587KOPH8130RHx18552GcuT5402
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/linkzouakclik/lienskh.html
Protocol: HTTP/1.1
Server: 188.246.230.30 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: despacito.sa.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Date: Tue, 28 Sep 2021 17:11:39 GMT
Content-Length: 235

GET
H/1.1

200
OK

30283587-8130-18552
cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/
Redirect Chain

http://despacito.sa.com/track/c39440ybcTT30283587KOPH8130RHx18552GcuT5402
https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552

129 B
504 B

859ms
523ms

Document
text/html

107.172.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552
Requested by: Host: despacito.sa.com
URL: http://despacito.sa.com/rd/c39440ybcTT30283587KOPH8130RHx18552GcuT5402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.172.12.219 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 107-172-12-219-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: cuttingedgeteh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://despacito.sa.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://despacito.sa.com/rd/c39440ybcTT30283587KOPH8130RHx18552GcuT5402

Response headers

date: Tue, 28 Sep 2021 17:11:40 GMT
content-type: text/html; charset=UTF-8
server: Apache
set-cookie: uid3377=612522410-20210928131140-a2527708b50f743ac0f7ed22ffc9d8d2-; domain=; expires=Fri, 29-Oct-2021 16:11:40 GMT; path=/; SameSite=None; Secure
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552
Date: Tue, 28 Sep 2021 17:11:40 GMT
Content-Length: 125

GET
H2

200

Primary Request comfort-pro-a.php Show response
www.greenvalleynaturalsolutions.com/trial/CFP/
Redirect Chain

https://www.gvnsoffers.com/RTN27/PS824/?sub1=350655&sub2=612522410
https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow

68 KB
25 KB

456ms
400ms

Document
text/html

104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Requested by: Host: cuttingedgeteh.com
URL: https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a97719473eede7640638da94ecd3d319482c6ddfac16f6cc1eef86d78c7251

Request headers

:method: GET
:authority: www.greenvalleynaturalsolutions.com
:scheme: https
:path: /trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://cuttingedgeteh.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cuttingedgeteh.com/0/2/9845/b74c04431eb4fb8354db099efd8ff818/14/5402-39440/30283587-8130-18552

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: SC=UNCODED; expires=Thu, 28-Oct-2021 17:11:41 GMT; Max-Age=2592000; path=/; domain=.greenvalleynaturalsolutions.com CC=CPRO; expires=Thu, 28-Oct-2021 17:11:41 GMT; Max-Age=2592000; path=/; domain=.greenvalleynaturalsolutions.com
vary: Accept-Encoding,User-Agent
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vlfs6bU3XYRA6uk9eAi1VjXYiOqDIep30YWkuCsEaqmVqaI8XUfWkB3i9gwAZ4pIqYErZ1P2J%2BCTrlAgtNRqafytJ6Brkhx%2Fhcsi56%2FMJsRMMWHmIaVVkBVb%2Ftx1tbCzuXgxhLCI79BFhHa5q7JOubgHdQM0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 695e97a32951ce27-LHR
content-encoding: br

Redirect headers

server: nginx
date: Tue, 28 Sep 2021 17:11:41 GMT
content-type: text/html; charset=utf-8
content-length: 203
location: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
set-cookie: uniqueClick_PS824=b114af80-c30d-4645-9b1b-81130e7c8ea7:1632849101; Path=/; Expires=Thu, 30 Sep 2021 17:11:41 GMT; Secure; SameSite=None transaction_id=f1abdcadb0dd452782c71fd45e9466fe; Path=/; Expires=Mon, 27 Dec 2021 17:11:41 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 00cea75e-a2fd-4f74-8185-f3ba28aa2b59
via: 1.1 google
alt-svc: clear

GET
H2 200 app2.css
www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/ 11 KB
3 KB 358ms
355ms Stylesheet
text/css 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/app2.css?cb=1384377323
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fee0487ba4099bb6e291e33bb0ddae777ec355785d5ac41bc8f4f717861008cc

Request headers

:path: /trial/CFP/assets/css/app2.css?cb=1384377323
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 10 May 2021 14:46:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrwXKJbxqBpi9cXmA7NSDalQtMKQ5ymIkJIyJ1nnvSSVFHxxFZRAoryiU554BudedeR1QiLRx%2B549m6BvLrlfRLNBe%2Bw0b2k6bNZ58GkFyemi3EFcylOoqF3Y0V5GpaTxH6%2FmmV8iPjZCCkfKNo1tERKmZHq"}],"group":"cf-nel","max_age":604800}
content-language: en-us
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 695e97a5dbbfce27-LHR
expires: Wed, 28 Sep 2022 17:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
897 B 88ms
33ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900,400,700

Requested by

Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

c41d685a2cd44db5c83be7ec5c47745b7f969f26c44c72a052c447656c920043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 17:11:41 GMT
server: ESF
date: Tue, 28 Sep 2021 17:11:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 17:11:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
608 B 92ms
37ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

73dc95375c0c18cc78101f90219d8d2b0089fe2c9ff4bbeef1618a9ef4c57b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:54:42 GMT
server: ESF
date: Tue, 28 Sep 2021 17:11:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 17:11:41 GMT

GET
H2 200 float-button.png
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 2 KB
2 KB 25ms
22ms Image
image/png 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/float-button.png
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9587b74aea027009141a90ef18fda9531a0c145dfa1c07b2c3fa25ba8bba57

Request headers

:path: /trial/CFP/assets/images/float-button.png
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Jan 2021 14:24:13 GMT
server: cloudflare
age: 1112338
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BLs1iP%2Fz%2BFgUhXRRLRAiYwfuzyHPO8NIKFjr51%2F41jvoDuV%2FN%2FieOj5mwRny1AhYxg56fykQd4pSoMFlEag2sG1nHZDhpy4MS3%2B3ddlu4b9yMGorZvmPFldif8T1DoyygqQPf5dcEM69gKxtNRKV9S95JJd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 695e97a5dbcbce27-LHR
content-length: 1802
expires: Thu, 15 Sep 2022 20:12:43 GMT

GET
H2 200 header.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 145 KB
146 KB 48ms
45ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/header.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661bc364660fe86d742ee0fc3ae81ba7c89b1597870ecff0d6696d48a1ad6f36

Request headers

:path: /trial/CFP/assets/images/header.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284669
cf-bgj: h2pri
content-length: 148825
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykx06%2FzAdAY%2BiW94UusWYga0vLx4wW7ZlJnwSt9dNgHJgmONfHI%2BSEIfyNcx6WlrCv%2FpweR9OsAKUc535WpcZncFVGjsxnlaH%2B5u4q0e9Lx7K%2FGpp006Qlg6lGY3Rl0CElPidjT2UeHYylYPDSHIprHdNRyF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a5ebcece27-LHR
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 fact.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 51 KB
51 KB 29ms
27ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/fact.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d8f16b765b2d1c854ec45f09b902f0b1337eda150373ee442cd454c2164dae8

Request headers

:path: /trial/CFP/assets/images/fact.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284669
cf-bgj: h2pri
content-length: 51886
last-modified: Mon, 10 May 2021 14:23:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K0ff4YW3hMVXULie9Jf2MDQfY%2BB%2F4UrYyZJy0q807baT%2FSOdf3dPfFKALRsvHnnUdm%2B4XcAqR3H5tVijkR6KmSuGL1u1FLt8NafXy31HVRrJ%2Fnlli1e4Jja%2F8C5lH3eIpZduQHlj76owokV72o%2BOZ4SczzV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a5ebcfce27-LHR
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 sidebar-asm.png
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 22 KB
23 KB 26ms
24ms Image
image/png 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/sidebar-asm.png
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c3edd4c0326e5e7053f45b548611a4a6795841f8777a9b08366281740269a7

Request headers

:path: /trial/CFP/assets/images/sidebar-asm.png
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
age: 1112338
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On1MBAHIYeb0DtXpGk3EfM%2BmmEcUr9u%2B%2Fg%2Fj8J9UE7kOHc5iQAoFhhbdWk3YbSYMFAcD2KvIFknho8%2FCNx4opTS0Dhtu4WDMje5p4PJK%2BDA9SGgtJLjibOtCp96QGhyCcGNrBKiKASjW7U20mIaB8ocavCp3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 695e97a5ebd1ce27-LHR
content-length: 22728
expires: Thu, 15 Sep 2022 20:12:43 GMT

GET
H2 200 sidebar2.png
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 83 KB
83 KB 46ms
44ms Image
image/png 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/sidebar2.png
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2432ad06468730a2ae2e2887117477ce145837bb4076b9b4d5c5603574c500

Request headers

:path: /trial/CFP/assets/images/sidebar2.png
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
age: 284669
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfeGzt8kPYtyRFNg3dQZGsX0%2FZIOmMuwBIFXsLz76TVFRbg57fZFTJ2CLKi3bqgWBwbdbvXLoSpVxLsPsJYF9jkRUo7gvilcFbo8tGhpvKYejaTRFSqCsToEeIwy51dMBDinD5r4ABULYXad72JxbgaoUm15"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 695e97a5ebd3ce27-LHR
content-length: 85008
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 chart.png
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 25 KB
26 KB 46ms
45ms Image
image/png 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/chart.png
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080aea3d94b054f4c794488b562fd5667cd76e904cf5d31a8f3e2108d59d44ed

Request headers

:path: /trial/CFP/assets/images/chart.png
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 14:23:40 GMT
server: cloudflare
age: 284669
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Ijfl6MlYV7X9%2FCxQuz6HaF9E2j6Z1gQY91HL%2FTWumj3IThNvVHZ5MnTy9004XJa7jz4ij5UMaNcDqUAPSkw7Zlu6LY9lorJLRnqb%2BB9yKuVdAqFGSiUbDzus11Vaewa3Uc1sMiGCskZdVfHN3l0yJEFZqD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 695e97a5ebd5ce27-LHR
content-length: 25894
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 scidaily-logo.png
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 8 KB
9 KB 27ms
26ms Image
image/png 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/scidaily-logo.png
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213ca38b25dda4dc6603c2161eeadc5438a95c71244c5a054262d0f8beabecdc

Request headers

:path: /trial/CFP/assets/images/scidaily-logo.png
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
age: 284669
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xf37XWyKiHSu47F%2FiZ1O%2BR1guC%2FQwY%2F8g%2FEvwrHY41%2BrXKflXImKwOKF2z86e%2BHSLGFL5KeaboAbtF9Lafpo%2FD%2Bgw%2FyDl5I7HIAmo3o5Afdn9MhZwh2SGICtrzsksluMpQga94ehBaqV%2Bp%2F8aIdFF6HYob2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 695e97a66c3cce27-LHR
content-length: 8622
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 World-Jrnl-Gastroenterology.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 7 KB
7 KB 28ms
27ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/World-Jrnl-Gastroenterology.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed388030da883f48fd764178f76132a42019c4ff66dd57be5b0eb05d9ddc47cd

Request headers

:path: /trial/CFP/assets/images/World-Jrnl-Gastroenterology.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1112338
cf-bgj: h2pri
content-length: 6675
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94ZTbq2s2iotL9afONnQYX6DOdjd49OgtzL7yNQqswIzjWSluY9jVafNCp9kAq37vh9WnGmjczU1Kx7nLWFJN%2BlnG8a8V%2Fytm5%2FiQe5ngBlXBu7YimqjF31%2B3jgWASU6k9n8OLtAlWbw3tBBYmtFuY6uUKQl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c3fce27-LHR
expires: Thu, 15 Sep 2022 20:12:43 GMT

GET
H2 200 swisscheese.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 16 KB
17 KB 29ms
28ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/swisscheese.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae8f94f99600267241b91eb903601bb0e679ff4219754d9796acf656596a7cd6

Request headers

:path: /trial/CFP/assets/images/swisscheese.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1112338
cf-bgj: h2pri
content-length: 16540
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPGQvl4zAtkY46HBneGlyVc0EFm4h3%2BGAd3k3pEMTzY4g7sXrVPfT9Yo9hP68qIapNuICzLyVZE6Etx99QRbb7jYoDKVLQwKeaRspY%2Fmiza7L4pBvf2Hbgc1n5p0P%2B9WzI%2B%2FioLPp9CP0vqT1x7d2AqewL74"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c40ce27-LHR
expires: Thu, 15 Sep 2022 20:12:43 GMT

GET
H2 200 MNT.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 10 KB
10 KB 28ms
27ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/MNT.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2daffeaad5e214b7754e50ebc2e277d9b90804173360c0eebe869769cd5aba

Request headers

:path: /trial/CFP/assets/images/MNT.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284669
cf-bgj: h2pri
content-length: 9819
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eFKpYQU6ta21RkjxyGDOt6ZukMwEPQHThC8h90HzslQssfOhIZcuLG9p9WHF9QE7f1epmkIWbYU%2FLThJbRWAMjm6pMv27te%2F%2FZgaVKxXzMGWGGsF3eB3Jf8QTVWJsM4h6P2XEKv3evhGS0r44q5rf3t4TmZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c43ce27-LHR
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 GI-Society.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 8 KB
8 KB 36ms
35ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/GI-Society.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d361a9593e7a5b11ed8f54d9caff8a30e209ddac4dfa13b23c824c241a4cf2c

Request headers

:path: /trial/CFP/assets/images/GI-Society.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1112338
cf-bgj: h2pri
content-length: 7711
last-modified: Mon, 10 May 2021 14:23:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgowVkNMAuBywFGfx58XVqqQ9jWeZL6I4iRTNcVkS5MLKVMoeASfbj8hvs0z%2F40FNkaII9wsj4AhVE8mlQQ%2BQ%2FSMjwD8QTJ8okh8enG%2FXH6sw2xyQ83vxan6MNGGKvnCtign4gifckwf6aKJB9poL5KHymud"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c44ce27-LHR
expires: Thu, 15 Sep 2022 20:12:43 GMT

GET
H2 200 yahoo-life.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 7 KB
7 KB 29ms
28ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/yahoo-life.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8898585b6277a666297b75bf85d070d00365c60efd2022ee1cce5d475de6647

Request headers

:path: /trial/CFP/assets/images/yahoo-life.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284669
cf-bgj: h2pri
content-length: 6779
last-modified: Mon, 10 May 2021 14:23:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWForb8V%2BESUjC5kIfn47KmdxSi8Ygna3YZqcPni8dEkk%2FnLXfnD4ATUtCAW372PecjwrWsvwGwrOzGRB%2BSeRqi2%2B12dU1vEDp38U0z9lnaNcAxLCi4KPipA4te3FwfwiTWHHw4jius99pgGO8Ezr8F%2BG29%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c46ce27-LHR
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 free_report1.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 40 KB
41 KB 38ms
36ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/free_report1.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9631545801df1f371e478ed31f8604a9b17ce3994a3e2507f7758afb46a8490

Request headers

:path: /trial/CFP/assets/images/free_report1.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2138865
cf-bgj: h2pri
content-length: 41122
last-modified: Mon, 10 May 2021 14:23:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMKd1OVJ9pnJNoAUfC4%2FnYNVULoB01FoGj0dTItNxG73I9iYYFziPe0KLr9LKKz4bMgH7%2BzARxByhwCCWXxIrN93ADlCzciFAWvzGslz3GH13kp%2BLeoGHHrPU4fDOHrb8CJ1ol9ZGBgnztCN6gs5x8ZX6thi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c48ce27-LHR
expires: Sat, 03 Sep 2022 23:03:56 GMT

GET
H2 200 free_report2.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 58 KB
59 KB 36ms
33ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/free_report2.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05df37da811f135fec82069427dd6c549176c6da727aa27aaea58f5ab803116

Request headers

:path: /trial/CFP/assets/images/free_report2.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284669
cf-bgj: h2pri
content-length: 59530
last-modified: Mon, 10 May 2021 14:23:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjrP0rYHxNDn16UHgMhmXEIebR8aUxVDJFJcjOlsTThKsFZWpOh2mE%2F3fbTdH1X3OMJvE13TZM4WhP66fHruOWsMHbgs00dOZSiPdpBchWHIOUV0GF2O9h0n%2FZBOzlR7c8pcMZM1DpzhUwNGb2O%2FikBnTqqs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c49ce27-LHR
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 free_report3.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 53 KB
54 KB 30ms
28ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/free_report3.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24728d249a54c2c95fac4621e9d8e68352e9c9df87d9f722aa2051f803097b4a

Request headers

:path: /trial/CFP/assets/images/free_report3.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284669
cf-bgj: h2pri
content-length: 54437
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA%2FOuQ1dBzZheAAgi66%2FsBUU6l1bYglg49t%2B87LBEbHv6qoBxxl6HxcJHnqknbvy45qpJIOkfRPXkoFWtgx2%2BKL2DyF4mLpNXozd%2FMbvXBDRqTDysNeL2GqGHgdL6FLwRIrtG8xYCGCuCeLSkL09XMZdfaIH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c4ace27-LHR
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 Lee_signature.jpg
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 3 KB
4 KB 28ms
26ms Image
image/jpeg 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/Lee_signature.jpg
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b62b09d59cec4d70c3f36d2bdcc2ac55e858dcf3b3f5e475d1e23eb0438990

Request headers

:path: /trial/CFP/assets/images/Lee_signature.jpg
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284669
cf-bgj: h2pri
content-length: 3518
last-modified: Mon, 10 May 2021 14:23:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfYFrX%2F03e2GAwFKo7fUOZvNuMMPENMRa%2F%2F0p9rQK3jmDIWULmv4E3lhBu6ZjGRnZNSyE6%2FCz%2BgsD5xhHURhuviwFF1PAykqEZDSh2dBAiKTyeGhWcx6TobKQPQ6KGBFywdO1uosQYcEJ5ayg6H42PRj1Yuz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 695e97a66c4bce27-LHR
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 gjs.aspx Show response
nsg.symantec.com/Web/Seal/ 2 KB
2 KB 84ms
7ms Script
application/x-javascript 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/gjs.aspx?SN=932009323
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: d46b1140dda61c8a473f79ba1b65701751533d07eb5dc093d375b449090b869b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:41 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
etag: "38e8a84c5beae1cb"
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-type: application/x-javascript; charset=utf-8
content-length: 1555
expires: Wed, 29 Sep 2021 17:11:41 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 76ms
25ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 28 Sep 2022 05:07:34 GMT

GET
H2 200 limelight-traffic-attribution.min.js Show response
cdn.limelightcrm.com/traffic-attribution/ 6 KB
6 KB 450ms
403ms Script
application/x-javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.limelightcrm.com/traffic-attribution/limelight-traffic-attribution.min.js
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php?click_id=f1abdcadb0dd452782c71fd45e9466fe&AFFID=Clix+Flow+LLC&C2=&C3=cfp&utm_medium=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 156d0adbe5de3ac618369b558b69382bcff6ac70597eedd77dcf3427c22b627f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:43 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2017 16:56:14 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "9b249486fa44458deffd751d7651502f"
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6064
x-amz-cf-id: bF2A9jiOMu3jcyy0KvxGPkKN7z-Y4zBQJHwB2N8gV3CSkncJeqLbYg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 73ms
21ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1182
date: Tue, 28 Sep 2021 16:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 28 Sep 2021 18:52:00 GMT

GET
H2 200 red-arrow.png
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 207 B
619 B 26ms
26ms Image
image/png 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/red-arrow.png
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/app2.css?cb=1384377323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f44e7e2172a8fbc64cbe1f6b3bf32985b7e2a425e20ec05db4bfad8506bb41

Request headers

:path: /trial/CFP/assets/images/red-arrow.png
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/app2.css?cb=1384377323
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/app2.css?cb=1384377323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:42 GMT
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
age: 284670
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCk69mgCE7Yrik6m%2Bx9nBjzSptlAAGVcfoEUwF34Zmg6gyCx37Ns4QsMRZubvL9PxsM064UdEXzbJjKeT1admB6Y2k0YOVDFStZ%2Bgor4pQKKQjUDbt9ZteK5yxEYbh0tjMHQzPx8LLJtwZQhBtZubVoFtv7l"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 695e97a82dd2ce27-LHR
content-length: 207
expires: Sun, 25 Sep 2022 10:07:12 GMT

GET
H2 200 ltblue-arrow.png
www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ 207 B
527 B 33ms
33ms Image
image/png 104.26.5.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/images/ltblue-arrow.png
Requested by: Host: www.greenvalleynaturalsolutions.com
URL: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/app2.css?cb=1384377323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11b61c4c1b527f4cafe4fda3342d984bbd038d30e4045f8e3cf49ccf0a249ed2

Request headers

:path: /trial/CFP/assets/images/ltblue-arrow.png
pragma: no-cache
cookie: SC=UNCODED; CC=CPRO
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.greenvalleynaturalsolutions.com
referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/app2.css?cb=1384377323
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/trial/CFP/assets/css/app2.css?cb=1384377323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:42 GMT
cf-cache-status: HIT
last-modified: Mon, 10 May 2021 14:23:41 GMT
server: cloudflare
age: 1112338
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IoV26ceGIAX8UElKFudBph%2FV9lw%2BMVqh%2BLhb3T11lbElN9ZnOrg2OdYUSlV1rlTGaeLQjQmLuQijGSlVr38kRcTA7TLT3saAjbPKLdk3KGyR1WcjMShIIAIzkk5gAs67GUG%2F5AR9TbCQA%2FMuHzYGT52Khmn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 695e97a82dd5ce27-LHR
content-length: 207
expires: Thu, 15 Sep 2022 20:12:44 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 80ms
23ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.greenvalleynaturalsolutions.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 210716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 06:39:46 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 34 KB
35 KB 118ms
62ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.greenvalleynaturalsolutions.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:38:20 GMT
x-content-type-options: nosniff
age: 210802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35284
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 06:38:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 104ms
48ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.greenvalleynaturalsolutions.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 46714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:13:08 GMT

GET
H2 200 rollover.core.js Show response
nsg.symantec.com/private/rollover/ 48 KB
18 KB 7ms
7ms Script
application/javascript 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/Web/Seal/gjs.aspx?SN=932009323
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 4580cae834ea43fb80875123bf662ef99fc2faa3fedcad2bdd0a9b52db437340

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:42 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 19:21:52 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
accept-ranges: bytes
content-type: application/javascript
content-length: 18056
expires: Wed, 29 Sep 2021 17:11:42 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
221 B 29ms
28ms XHR
text/plain 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=3172099&t=pageview&_s=1&dl=https%3A%2F%2Fwww.greenvalleynaturalsolutions.com%2Ftrial%2FCFP%2Fcomfort-pro-a.php%3Fclick_id%3Df1abdcadb0dd452782c71fd45e9466fe%26AFFID%3DClix%2BFlow%2BLLC%26C2%3D%26C3%3Dcfp%26utm_medium%3Deverflow&dr=https%3A%2F%2Fcuttingedgeteh.com%2F&ul=en-us&de=UTF-8&dt=Comfort%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1872022046&gjid=1707454996&cid=1677647907.1632849102&tid=UA-80325941-3&_gid=1651347606.1632849102&_r=1&_slc=1&cd1=appkey&cd2=Campaign_ID&z=1526326154

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.greenvalleynaturalsolutions.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 17:11:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.greenvalleynaturalsolutions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ii.aspx Show response
nsg.symantec.com/Web/Seal/ 16 B
399 B 96ms
96ms Script
application/x-javascript 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/ii.aspx?CBF=bs_R.ii&fpc=&TS=aeaf1
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 348639d5e9d8689a39552088dfb004d5cff9ddc0e14c6cd3324b25d311b7bdd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:42 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
etag: "6f4f096257d7d74c"
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-type: application/x-javascript; charset=utf-8
content-length: 136
expires: Wed, 29 Sep 2021 17:11:42 GMT

GET
H2 200 AltSealInfo.aspx Show response
nsg.symantec.com/Web/Seal/ 885 B
1 KB 104ms
104ms Script
application/x-javascript 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/AltSealInfo.aspx?Info=1&PR=https%3A%2F%2Fcuttingedgeteh.com%2F&CBF=bs_R.AltSeal&Elem=_GUARANTEE_SealSpan&SN=buysafeseal_1&HASH=nimwBY7RyD2VV%2FPazDKC7p3G49Xf82dYh46KTaYPgw5fqdUItDccSDae9RIiQn6EHvVSgaovjrqakr9MDrXoqQ%3D%3D&S=Large&T=M&MSPHASH=&fpc=&DP=br%3DChrome%3Bvr%3D93.0.4577.63%3Bos%3DLinux%3Bsno%3Da&I=&TS=dd14a94819
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 578a74e6fdbb2e55008b68a662e276edd2ac96a80f55579e0a7d7e08279b38fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 17:11:42 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript; charset=utf-8
content-length: 734
expires: Tue, 28 Sep 2021 17:11:42 GMT

GET
H2 200 si.aspx
nsg.symantec.com/Web/Seal/ 2 KB
2 KB 547ms
546ms Image
application/octet-stream 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nsg.symantec.com/Web/Seal/si.aspx?s=932009323&p=11&t=a&TS=aeaf1&R=0&x=BLX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: a878c14daa943a1168d9b3fd4a3f3b4acc7ecaadcf23534c16c25952e8549b58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:43 GMT
server: Microsoft-IIS/8.5
etag: "6ab56d040ea61360"
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-disposition: inline; filename=s.png
content-type: application/octet-stream; charset=utf-8
content-length: 1855
expires: Wed, 29 Sep 2021 17:11:43 GMT

GET
H2 200 Static.aspx Show response
nsg.symantec.com/Web/Seal/ 503 B
732 B 169ms
169ms Script
text/javascript 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/Static.aspx?CBF=bs_R.RollCBF&Type=RO&Promocode=Custom&ifID=Custom&DP=br%3DChrome%3Bvr%3D93.0.4577.63%3Bos%3DLinux%3Bsno%3Da&HASH=nimwBY7RyD2VV%2FPazDKC7p3G49Xf82dYh46KTaYPgw5fqdUItDccSDae9RIiQn6EHvVSgaovjrqakr9MDrXoqQ%3D%3D&TS=aeaf1
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 2ce758070a9c9a60b8e37c3934b0a3fd16fcab7e360212806eb15ef00068593b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:42 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
etag: "1285ed5547287333"
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-type: text/javascript; charset=utf-8
content-length: 476
expires: Wed, 29 Sep 2021 17:11:42 GMT

GET
H2 200 si.aspx
nsg.symantec.com/Web/Seal/ 6 KB
6 KB 309ms
309ms Image
application/octet-stream 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nsg.symantec.com/Web/Seal/si.aspx?s=932009323&p=11&t=a&TS=aeaf1&R=1&x=BLX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 62fb12bfaccc7de281b5cae26bda7313ef7fac5a27968862a77e89db9b2194d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:11:42 GMT
server: Microsoft-IIS/8.5
etag: "c77654971cf2202b"
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-disposition: inline; filename=s.png
content-type: application/octet-stream; charset=utf-8
content-length: 6103
expires: Wed, 29 Sep 2021 17:11:42 GMT

GET
H2 200 Dynamic.aspx Show response
nsg.symantec.com/Web/Seal/ 30 B
407 B 109ms
109ms Script
text/javascript 104.111.231.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/Dynamic.aspx?CBF=bs_R.WriteKickersHTML&Promocode=Kicker%20Custom%20Null&ifID=&DP=br%3DChrome%3Bvr%3D93.0.4577.63%3Bos%3DLinux%3Bsno%3Da&HASH=nimwBY7RyD2VV%2FPazDKC7p3G49Xf82dYh46KTaYPgw5fqdUItDccSDae9RIiQn6EHvVSgaovjrqakr9MDrXoqQ%3D%3D&fpc=
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-209.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: cb3e4299b9a47e3c0963ef53143ca69dc2dba8cfe9d9e56c4e91cb874416e435

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.greenvalleynaturalsolutions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 17:11:42 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: max-age=0, no-cache, no-store
content-type: text/javascript; charset=utf-8
content-length: 150
expires: Tue, 28 Sep 2021 17:11:42 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cuttingedgeteh.com/	1970-01-19 22:18:43	Name: uid3377 Value: 612522410-20210928131140-a2527708b50f743ac0f7ed22ffc9d8d2-
www.gvnsoffers.com/	1970-01-19 21:37:01	Name: uniqueClick_PS824 Value: b114af80-c30d-4645-9b1b-81130e7c8ea7:1632849101
www.gvnsoffers.com/	1970-01-19 23:43:45	Name: transaction_id Value: f1abdcadb0dd452782c71fd45e9466fe
.greenvalleynaturalsolutions.com/	1970-01-19 22:17:21	Name: SC Value: UNCODED
.greenvalleynaturalsolutions.com/	1970-01-19 22:17:21	Name: CC Value: CPRO
.greenvalleynaturalsolutions.com/	1970-01-20 15:05:21	Name: _ga Value: GA1.2.1677647907.1632849102
.greenvalleynaturalsolutions.com/	1970-01-19 21:35:35	Name: _gid Value: GA1.2.1651347606.1632849102
.greenvalleynaturalsolutions.com/	1970-01-19 21:34:09	Name: _gat_limelightTracker Value: 1
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_referrer Value: https%3A//cuttingedgeteh.com/
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_last_referrer Value: https%3A//cuttingedgeteh.com/
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_initial_landing_page Value: https%3A//www.greenvalleynaturalsolutions.com/trial/CFP/comfort-pro-a.php%3Fclick_id%3Df1abdcadb0dd452782c71fd45e9466fe%26AFFID%3DClix+Flow+LLC%26C2%3D%26C3%3Dcfp
www.greenvalleynaturalsolutions.com/	1970-01-19 21:34:12	Name: _ll_ta_current_session Value: true
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_visits Value: 1
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_utm_source Value:
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_utm_medium Value: everflow
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_utm_campaign Value:
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_utm_term Value:
www.greenvalleynaturalsolutions.com/	1970-01-20 06:19:45	Name: _ll_ta_utm_content Value:
www.greenvalleynaturalsolutions.com/	1969-12-31 23:59:59	Name: utm_medium Value: everflow
www.greenvalleynaturalsolutions.com/	1969-12-31 23:59:59	Name: utm_source Value:
www.greenvalleynaturalsolutions.com/	1969-12-31 23:59:59	Name: utm_campaign Value:
www.greenvalleynaturalsolutions.com/	1969-12-31 23:59:59	Name: utm_term Value:
www.greenvalleynaturalsolutions.com/	1969-12-31 23:59:59	Name: utm_content Value:
www.greenvalleynaturalsolutions.com/	1969-12-31 23:59:59	Name: device_category Value: desktop

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.limelightcrm.com
cuttingedgeteh.com
despacito.sa.com
fonts.googleapis.com
fonts.gstatic.com
nsg.symantec.com
storage.googleapis.com
www.google-analytics.com
www.greenvalleynaturalsolutions.com
www.gvnsoffers.com
104.111.231.209
104.26.5.41
107.172.12.219
142.250.181.234
142.250.181.240
142.250.185.202
142.250.185.227
142.250.186.46
143.204.98.87
188.246.230.30
34.117.58.150
06b62b09d59cec4d70c3f36d2bdcc2ac55e858dcf3b3f5e475d1e23eb0438990
080aea3d94b054f4c794488b562fd5667cd76e904cf5d31a8f3e2108d59d44ed
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d2daffeaad5e214b7754e50ebc2e277d9b90804173360c0eebe869769cd5aba
0d361a9593e7a5b11ed8f54d9caff8a30e209ddac4dfa13b23c824c241a4cf2c
11b61c4c1b527f4cafe4fda3342d984bbd038d30e4045f8e3cf49ccf0a249ed2
156d0adbe5de3ac618369b558b69382bcff6ac70597eedd77dcf3427c22b627f
1b2432ad06468730a2ae2e2887117477ce145837bb4076b9b4d5c5603574c500
213ca38b25dda4dc6603c2161eeadc5438a95c71244c5a054262d0f8beabecdc
24728d249a54c2c95fac4621e9d8e68352e9c9df87d9f722aa2051f803097b4a
2ce758070a9c9a60b8e37c3934b0a3fd16fcab7e360212806eb15ef00068593b
348639d5e9d8689a39552088dfb004d5cff9ddc0e14c6cd3324b25d311b7bdd9
3f9587b74aea027009141a90ef18fda9531a0c145dfa1c07b2c3fa25ba8bba57
4580cae834ea43fb80875123bf662ef99fc2faa3fedcad2bdd0a9b52db437340
55c3edd4c0326e5e7053f45b548611a4a6795841f8777a9b08366281740269a7
578a74e6fdbb2e55008b68a662e276edd2ac96a80f55579e0a7d7e08279b38fa
62fb12bfaccc7de281b5cae26bda7313ef7fac5a27968862a77e89db9b2194d2
661bc364660fe86d742ee0fc3ae81ba7c89b1597870ecff0d6696d48a1ad6f36
73dc95375c0c18cc78101f90219d8d2b0089fe2c9ff4bbeef1618a9ef4c57b39
7d8f16b765b2d1c854ec45f09b902f0b1337eda150373ee442cd454c2164dae8
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a878c14daa943a1168d9b3fd4a3f3b4acc7ecaadcf23534c16c25952e8549b58
ae8f94f99600267241b91eb903601bb0e679ff4219754d9796acf656596a7cd6
b05df37da811f135fec82069427dd6c549176c6da727aa27aaea58f5ab803116
b9631545801df1f371e478ed31f8604a9b17ce3994a3e2507f7758afb46a8490
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c41d685a2cd44db5c83be7ec5c47745b7f969f26c44c72a052c447656c920043
cb3e4299b9a47e3c0963ef53143ca69dc2dba8cfe9d9e56c4e91cb874416e435
d46b1140dda61c8a473f79ba1b65701751533d07eb5dc093d375b449090b869b
d8898585b6277a666297b75bf85d070d00365c60efd2022ee1cce5d475de6647
e2a97719473eede7640638da94ecd3d319482c6ddfac16f6cc1eef86d78c7251
e5f44e7e2172a8fbc64cbe1f6b3bf32985b7e2a425e20ec05db4bfad8506bb41
ed388030da883f48fd764178f76132a42019c4ff66dd57be5b0eb05d9ddc47cd
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fee0487ba4099bb6e291e33bb0ddae777ec355785d5ac41bc8f4f717861008cc

www.greenvalleynaturalsolutions.com Open in urlscan Pro 104.26.5.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

10 IPs

3 Countries

744 kBTransfer

902 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.greenvalleynaturalsolutions.com Open in urlscan Pro
104.26.5.41 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

744 kB
Transfer

902 kB
Size

24
Cookies

40 HTTP transactions
0 data transactions