www.greenvalleycapital.net Open in urlscan Pro
208.117.2.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.mp2201.com/a/701/click/9360428/748942694/_e89b3cd9ba3ac23e854b45958c72418d31d3b669/2882562cf89856786dd18617...
Effective URL:
https://www.greenvalleycapital.net/
Submission: On April 27 via api (April 27th 2021, 1:54:30 pm UTC) from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 208.117.2.94, located in United States and belongs to STEADFAST, US. The main domain is www.greenvalleycapital.net.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on August 25th 2020. Valid for: a year.

This is the only time www.greenvalleycapital.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	15169 (GOOGLE) (GOOGLE)
1 1	208.117.2.230 208.117.2.230	32748 (STEADFAST) (STEADFAST)
1 1	52.39.165.69 52.39.165.69	16509 (AMAZON-02) (AMAZON-02)
16	208.117.2.94 208.117.2.94	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
20	3

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.mp2201.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.117.2.230 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip230.208-117-2.static.steadfastdns.net

www.needliberty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.165.69 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-165-69.us-west-2.compute.amazonaws.com

findsal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 208.117.2.94 (United States)

ASN32748 (STEADFAST, US)
PTR: ip94.208-117-2.static.steadfastdns.net

www.greenvalleycapital.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	greenvalleycapital.net www.greenvalleycapital.net	1 MB
3	gstatic.com fonts.gstatic.com	57 KB
1	googleapis.com fonts.googleapis.com	758 B
1	findsal.com 1 redirects findsal.com	812 B
1	needliberty.com 1 redirects www.needliberty.com	578 B
1	mp2201.com 1 redirects links.mp2201.com	710 B
20	6

	Domain	Requested by
16	www.greenvalleycapital.net	www.greenvalleycapital.net
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.greenvalleycapital.net
1	findsal.com	1 redirects
1	www.needliberty.com	1 redirects
1	links.mp2201.com	1 redirects
20	6

This site contains no links.

Subject Issuer	Validity	Valid
www.greenvalleycapital.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-25` - `2021-08-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.greenvalleycapital.net/
Frame ID: 6CE2006CF0A95D8D7B2893359756EC39
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.mp2201.com/a/701/click/9360428/748942694/_e89b3cd9ba3ac23e854b45958c72418d31d3b669/2882... HTTP 302
http://www.needliberty.com/dt/CD1971/19648/11333/0/?subc1=12631&subc2=PM2923C1&em=mphelps@calvaproducts... HTTP 302
http://findsal.com/?a=1&c=11333&p=r&s1=12631&s2=PM2923C1&s3=&s4=&s5=&em=mphelps%40calvaproducts... HTTP 302
https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&... Page URL
https://www.greenvalleycapital.net/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

2
Countries

1303 kB
Transfer

1300 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.mp2201.com/a/701/click/9360428/748942694/_e89b3cd9ba3ac23e854b45958c72418d31d3b669/2882562cf89856786dd18617a47a591fff3261b7 HTTP 302
http://www.needliberty.com/dt/CD1971/19648/11333/0/?subc1=12631&subc2=PM2923C1&em=mphelps@calvaproducts.com HTTP 302
http://findsal.com/?a=1&c=11333&p=r&s1=12631&s2=PM2923C1&s3=&s4=&s5=&em=mphelps%40calvaproducts.com HTTP 302
https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&subc4=&subc5=&em=mphelps%40calvaproducts.com Page URL
https://www.greenvalleycapital.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://links.mp2201.com/a/701/click/9360428/748942694/_e89b3cd9ba3ac23e854b45958c72418d31d3b669/2882562cf89856786dd18617a47a591fff3261b7 HTTP 302
http://www.needliberty.com/dt/CD1971/19648/11333/0/?subc1=12631&subc2=PM2923C1&em=mphelps@calvaproducts.com HTTP 302
http://findsal.com/?a=1&c=11333&p=r&s1=12631&s2=PM2923C1&s3=&s4=&s5=&em=mphelps%40calvaproducts.com HTTP 302
https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&subc4=&subc5=&em=mphelps%40calvaproducts.com

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
www.greenvalleycapital.net/redir/
Redirect Chain

https://links.mp2201.com/a/701/click/9360428/748942694/_e89b3cd9ba3ac23e854b45958c72418d31d3b669/2882562cf89856786dd18617a47a591fff3261b7
http://www.needliberty.com/dt/CD1971/19648/11333/0/?subc1=12631&subc2=PM2923C1&em=mphelps@calvaproducts.com
http://findsal.com/?a=1&c=11333&p=r&s1=12631&s2=PM2923C1&s3=&s4=&s5=&em=mphelps%40calvaproducts.com
https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&subc4=&subc5=&em=mphelps%40calvaproducts.com

970 B
1 KB

709ms
177ms

Document
text/html

208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&subc4=&subc5=&em=mphelps%40calvaproducts.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

e127023a5ca8678479d0a9e957021a342c9ee31c325f842b4219c09d2c98d85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Host: www.greenvalleycapital.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
Server: Apache
Strict-Transport-Security: max-age=0
X-Frame-Options: sameorigin
Permissions-Policy: camera(none), microphone(none), geolocation(none)
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expect-CT: max-age=0
Referrer-Policy: strict-origin-when-cross-origin
Content-Length: 970
Keep-Alive: timeout=15, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Tue, 27 Apr 2021 13:54:05 GMT
Location: https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&subc4=&subc5=&em=mphelps%40calvaproducts.com
Set-Cookie: ti=GICqGCM2qM3knhUEnngVodrOAzn7cgUSm46O0vNs3Ea5hhvYPYrsy3K2QKfwdUU/1lS/hEchR6M=; Domain=.findsal.com; Expires=Thu, 27 Apr 2023 13:54:05 GMT; HttpOnly sq=GICqGCM2qM3knhUEnngVoYEXYAeldj+pm46O0vNs3EZYbx5cyHFB3nK2QKfwdUU/DAz8l1HeQXA=; Domain=.findsal.com; HttpOnly c19648=GICqGCM2qM3knhUEnngVoZgEjLjNB/SXyRG0t7LiJPOYrrRKfVGrnk+cbJePk5ou2qoD/U6ESZdQ0q//f+TG6GD5+W6kzBAov5Nbkm7GJ/50umzwJ8RKoupIJtyIFRG+; Domain=.findsal.com; HttpOnly
X-Ckt: c241evcetsqs0rneoqg0
X-Ray: c241evcetsqs0rneoqcg
Content-Length: 206

POST
H/1.1 200
OK Primary Request / Show response
www.greenvalleycapital.net/ 19 KB
19 KB 182ms
182ms Document
text/html 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

afae8e5a9d83b77b1f40d25b97e06a15bb9d85787dab42e5e64dc64a80e50edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Host: www.greenvalleycapital.net
Connection: keep-alive
Content-Length: 112
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://www.greenvalleycapital.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&subc4=&subc5=&em=mphelps%40calvaproducts.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tz=-120
Upgrade-Insecure-Requests: 1
Origin: https://www.greenvalleycapital.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.greenvalleycapital.net/redir/?affId=1&opt=1-c241evcetsqs0rneoqg0&subc1=12631&subc2=PM2923C1&subc3=&subc4=&subc5=&em=mphelps%40calvaproducts.com

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
Server: Apache
Strict-Transport-Security: max-age=0
X-Frame-Options: sameorigin
Permissions-Policy: camera(none), microphone(none), geolocation(none)
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expect-CT: max-age=0
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=15, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK main.css
www.greenvalleycapital.net/inc/ 273 KB
274 KB 120ms
118ms Stylesheet
text/css 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/inc/main.css

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

1aa097ea9406dc08e63dc7dc67ef17d58c2e8a44c96c7d9d4a22183cb8803901

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.greenvalleycapital.net/
Cookie: tz=-120
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 280047
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 08 Feb 2021 22:45:12 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "445ef-5badaec3cefc3"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: text/css
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498

GET
H/1.1 200
OK brand.css
www.greenvalleycapital.net/inc/18805/ 60 KB
60 KB 343ms
125ms Stylesheet
text/css 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/inc/18805/brand.css

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

0dd9012f7b67130e5ade640ed4ca3350cfc917eff5e04b0fc9440f90b6efcc46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.greenvalleycapital.net/
Cookie: tz=-120
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 61343
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 22 Jan 2021 21:30:12 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "ef9f-5b983e4b8c371"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: text/css
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500

GET
H/1.1 200
OK jquery-2.min.js Show response
www.greenvalleycapital.net/inc/ 82 KB
83 KB 351ms
133ms Script
application/javascript 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/inc/jquery-2.min.js

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.greenvalleycapital.net/
Cookie: tz=-120
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 84345
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 25 Jan 2018 01:03:50 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "14979-5638f5a5935d3"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.greenvalleycapital.net/inc/ 23 KB
23 KB 343ms
124ms Script
application/javascript 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/inc/jquery.validate.min.js

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.greenvalleycapital.net/
Cookie: tz=-120
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 23070
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 25 Jan 2018 01:03:50 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "5a1e-5638f5a5935d3"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500

GET
H/1.1 200
OK jquery.range.js Show response
www.greenvalleycapital.net/inc/ 4 KB
5 KB 351ms
131ms Script
application/javascript 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/inc/jquery.range.js

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

5115fddee9021a9af3ab69b97bc2ff6bc4921a2448153234ff56cce63f0475a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.greenvalleycapital.net/
Cookie: tz=-120
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4339
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 16 May 2019 00:00:14 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "10f3-588f5f3577ba6"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500

GET
H/1.1 200
OK custom.php Show response
www.greenvalleycapital.net/inc/ 6 KB
6 KB 355ms
131ms Script
application/javascript 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/inc/custom.php?p=1&affId=1

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

825d96af85e47013f37a8efec17f78e37db74ba75f24e6987f780dfb31abed03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.greenvalleycapital.net/
Cookie: tz=-120
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:06 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Expect-CT: max-age=0
X-Frame-Options: sameorigin
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Strict-Transport-Security: max-age=0
Keep-Alive: timeout=15, max=500
Content-Length: 6006
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK logo-h.svg
www.greenvalleycapital.net/img/18805/ 10 KB
11 KB 118ms
118ms Image
image/svg+xml 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenvalleycapital.net/img/18805/logo-h.svg

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

05a5f24d35fb031d625f822a2df29fe23f38645f60ebe15afe87f5327c1cbc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.greenvalleycapital.net/
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10257
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 02 Sep 2020 15:45:18 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "2811-5ae5685c1d75f"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: image/svg+xml
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499

GET
H/1.1 200
OK logo-h-l.svg
www.greenvalleycapital.net/img/18805/ 10 KB
11 KB 117ms
116ms Image
image/svg+xml 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenvalleycapital.net/img/18805/logo-h-l.svg

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

05a5f24d35fb031d625f822a2df29fe23f38645f60ebe15afe87f5327c1cbc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.greenvalleycapital.net/
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10257
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 02 Sep 2020 15:45:18 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "2811-5ae5685c1d75f"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: image/svg+xml
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499

GET
H/1.1 200
OK icon-online-process.svg
www.greenvalleycapital.net/img/18805/icons/ 13 KB
13 KB 117ms
116ms Image
image/svg+xml 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenvalleycapital.net/img/18805/icons/icon-online-process.svg

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

2e3dfc3e6a872d9200f74acbc6ac529ac404e24bcb9784dfd491ce007fd8c3c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.greenvalleycapital.net/
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 13263
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 02 Sep 2020 15:45:18 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "33cf-5ae5685c2063f"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: image/svg+xml
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499

GET
H/1.1 200
OK icon-quick-approval.svg
www.greenvalleycapital.net/img/18805/icons/ 14 KB
14 KB 119ms
118ms Image
image/svg+xml 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenvalleycapital.net/img/18805/icons/icon-quick-approval.svg

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

a57ea763d8118f2aa32273531935b7f90e0f60fc51e18c0de50401b0e89646ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.greenvalleycapital.net/
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 13872
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 02 Sep 2020 15:45:18 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "3630-5ae5685c2063f"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: image/svg+xml
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497

GET
H/1.1 200
OK icon-get-your-funds.svg
www.greenvalleycapital.net/img/18805/icons/ 9 KB
10 KB 119ms
118ms Image
image/svg+xml 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenvalleycapital.net/img/18805/icons/icon-get-your-funds.svg

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

2040e7718abb3bbfe4537069deeb6e696733329b1ad7d12b1f9fb9448d63b36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.greenvalleycapital.net/
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 9552
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 02 Sep 2020 15:45:18 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "2550-5ae5685c2063f"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: image/svg+xml
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499

GET
H2 200 css
fonts.googleapis.com/ 6 KB
758 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,700,900

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/inc/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47bfade75c7ead11a381b4556b2443526d58dc2645adcdd1db8ebea6db021739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.greenvalleycapital.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:09:47 GMT
server: ESF
date: Tue, 27 Apr 2021 13:54:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 13:54:07 GMT

GET
H/1.1 200
OK v2-background.jpg
www.greenvalleycapital.net/img/18805/ 472 KB
473 KB 118ms
117ms Image
image/jpeg 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenvalleycapital.net/img/18805/v2-background.jpg

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/inc/18805/brand.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

233020aba2abd4a6eca734dc6bd70c9dd7384aea24f45c6e18182c49f9565d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.greenvalleycapital.net/inc/18805/brand.css
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/inc/18805/brand.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 483424
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 02 Sep 2020 15:45:18 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "76060-5ae5685c1f69f"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: image/jpeg
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499

GET
H/1.1 200
OK how-it-works-bg.jpg
www.greenvalleycapital.net/img/18805/ 133 KB
134 KB 116ms
116ms Image
image/jpeg 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenvalleycapital.net/img/18805/how-it-works-bg.jpg

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/inc/18805/brand.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

30371f5eef2ac59bebd4f23a9dd7c558bae3dddbc56916b557a425eb79a2dd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.greenvalleycapital.net/inc/18805/brand.css
Connection: keep-alive
Referer: https://www.greenvalleycapital.net/inc/18805/brand.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 136191
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 02 Sep 2020 15:45:18 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "213ff-5ae5685c1bc07"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: image/jpeg
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenvalleycapital.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 575395
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:04:12 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenvalleycapital.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 04:11:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 207757
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 25 Apr 2022 04:11:30 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenvalleycapital.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:17:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:19 GMT
server: sffe
age: 48985
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18988
x-xss-protection: 0
expires: Wed, 27 Apr 2022 00:17:42 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
www.greenvalleycapital.net/inc/fonts/ 108 KB
109 KB 201ms
116ms Font
font/woff2 208.117.2.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenvalleycapital.net/inc/fonts/fa-solid-900.woff2

Requested by

Host: www.greenvalleycapital.net
URL: https://www.greenvalleycapital.net/inc/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.117.2.94 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip94.208-117-2.static.steadfastdns.net

Software

Apache /

Resource Hash

88876fcd5eb71de865d889ea63df11b023ef1d1365124305c2708f61cbb04339

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.greenvalleycapital.net
Accept-Encoding: gzip, deflate, br
Host: www.greenvalleycapital.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.greenvalleycapital.net/inc/main.css
Connection: keep-alive
Origin: https://www.greenvalleycapital.net
Referer: https://www.greenvalleycapital.net/inc/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 13:54:07 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 110892
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 02 Jul 2019 22:30:16 GMT
Server: Apache
X-Frame-Options: sameorigin
ETag: "1b12c-58cba49f4b256"
Expect-CT: max-age=0
Strict-Transport-Security: max-age=0
Content-Type: font/woff2
Permissions-Policy: camera(none), microphone(none), geolocation(none)
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

findsal.com
fonts.googleapis.com
fonts.gstatic.com
links.mp2201.com
www.greenvalleycapital.net
www.needliberty.com
208.117.2.230
208.117.2.94
2a00:1450:4001:808::2003
2a00:1450:4001:828::200a
35.238.129.105
52.39.165.69
05a5f24d35fb031d625f822a2df29fe23f38645f60ebe15afe87f5327c1cbc65
0dd9012f7b67130e5ade640ed4ca3350cfc917eff5e04b0fc9440f90b6efcc46
1aa097ea9406dc08e63dc7dc67ef17d58c2e8a44c96c7d9d4a22183cb8803901
2040e7718abb3bbfe4537069deeb6e696733329b1ad7d12b1f9fb9448d63b36a
233020aba2abd4a6eca734dc6bd70c9dd7384aea24f45c6e18182c49f9565d17
2e3dfc3e6a872d9200f74acbc6ac529ac404e24bcb9784dfd491ce007fd8c3c9
30371f5eef2ac59bebd4f23a9dd7c558bae3dddbc56916b557a425eb79a2dd08
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
47bfade75c7ead11a381b4556b2443526d58dc2645adcdd1db8ebea6db021739
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5115fddee9021a9af3ab69b97bc2ff6bc4921a2448153234ff56cce63f0475a7
825d96af85e47013f37a8efec17f78e37db74ba75f24e6987f780dfb31abed03
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
88876fcd5eb71de865d889ea63df11b023ef1d1365124305c2708f61cbb04339
a57ea763d8118f2aa32273531935b7f90e0f60fc51e18c0de50401b0e89646ad
ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4
afae8e5a9d83b77b1f40d25b97e06a15bb9d85787dab42e5e64dc64a80e50edb
e127023a5ca8678479d0a9e957021a342c9ee31c325f842b4219c09d2c98d85e
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

www.greenvalleycapital.net Open in urlscan Pro 208.117.2.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

3 IPs

2 Countries

1303 kBTransfer

1300 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.greenvalleycapital.net Open in urlscan Pro
208.117.2.94 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

3
IPs

2
Countries

1303 kB
Transfer

1300 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions