URL: https://redirect.heavyworth.com/
Submission: On January 19 via manual from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 4 HTTP transactions. The main IP is 18.239.50.8, located in the United States, and belongs to AMAZON-02, US. The main domain is redirect.heavyworth.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 24th 2023. Valid for: a year.
This is the only time redirect.heavyworth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

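IP Address: 18.239.50.8 (4 requests)
AS Autonomous System: 16509 (AMAZON-02)
Total: 4 requests, 1 IP

Apex Domain: heavyworth.com (4 requests)
Subdomains: redirect.heavyworth.com
Transfer: 13 KB
Total: 4 requests, 1 apex domain

Domain: redirect.heavyworth.com (4 requests)
Requested by: redirect.heavyworth.com
Total: 4 requests, 1 domain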

This site contains links to these domains.

Domain
www.purplewave.com
app.heavyworth.com

Subject: www.heavyworth.com
Issuer: Amazon RSA 2048 M02
Validity: 2023-10-24 - 2024-11-21
Valid: a year

This page contains 1 frames:

Primary Page: https://redirect.heavyworth.com/
Frame ID: FC7D99CC0C8069BE798A070C375D219A
Requests: 4 HTTP requests in this frame

Page Title

HeavyWorth is moving

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

4 Requests
0 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
13 kB Transfer
12 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: Primary Request /
Path: redirect.heavyworth.com/
Size: 2 KB
x-fer: 2 KB
Type: Document

General
Full URL: https://redirect.heavyworth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.8, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-239-50-8.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0210da0033fe254f046b79d66b09bfebccdc5aecd6000b5cdcda583ef8782fc

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
accept-ranges: bytes
age: 24662
content-length: 1794
content-type: text/html
date: Fri, 19 Jan 2024 14:25:07 GMT
etag: "ca8cd398c4abf6a99e05bda69d0ad0ff"
last-modified: Wed, 23 Nov 2022 16:25:24 GMT
server: AmazonS3
via: 1.1 704c8a207b209dd3861e2faa8d55cc08.cloudfront.net (CloudFront)
x-amz-cf-id: 3JGIMno5WJG8rJ5vIqgH-BHMEN5JY4rpvpu9c50pINDdrXwhGI0YMQ==
x-amz-cf-pop: AMS58-P3
x-amz-version-id: null
x-cache: Hit from cloudfront

Resource: index.css
Path: redirect.heavyworth.com/
Size: 547 B
x-fer: 887 B
Type: Stylesheet

General
Full URL: https://redirect.heavyworth.com/index.css
Requested by: redirect.heavyworth.com (URL: https://redirect.heavyworth.com/)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.8, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-239-50-8.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cbcb661870f4cadca8d3c2149ffabde6bf0c9881caebcfba93d6c07cd8de614

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://redirect.heavyworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
date: Thu, 18 Jan 2024 22:34:21 GMT
x-amz-version-id: null
via: 1.1 704c8a207b209dd3861e2faa8d55cc08.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 13:35:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 81708
etag: "fdd26a0e1f5bf121479d2e3b3bd1ba3f"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 547
x-amz-cf-id: rCkO5LanPJ20aO0qRfIzjSmLu91oTk1b75S8QxcyB3oDZ80iek2nJg==

Resource: js
Path: redirect.heavyworth.com/%E2%80%9Chttps://www.googletagmanager.com/gtag/
Size: 2 KB
x-fer: 2 KB
Type: Script

General
Full URL: https://redirect.heavyworth.com/%E2%80%9Chttps://www.googletagmanager.com/gtag/js?id=UA-116788458-1%E2%80%9D
Requested by: redirect.heavyworth.com (URL: https://redirect.heavyworth.com/)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.8, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-239-50-8.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0210da0033fe254f046b79d66b09bfebccdc5aecd6000b5cdcda583ef8782fc

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://redirect.heavyworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
x-amz-version-id: null
date: Fri, 19 Jan 2024 21:16:09 GMT
via: 1.1 704c8a207b209dd3861e2faa8d55cc08.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 16:25:24 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 24663
etag: "ca8cd398c4abf6a99e05bda69d0ad0ff"
x-cache: Error from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 1794
x-amz-cf-id: _Zy0PP140UnevUcocQNBEamkZ7i-Aa5ijXY4wGWlaPe6ZYto1l7SIg==

Resource: PW_Main_Logo.svg
Path: redirect.heavyworth.com/
Size: 8 KB
x-fer: 8 KB
Type: Image

General
Full URL: https://redirect.heavyworth.com/PW_Main_Logo.svg
Requested by: redirect.heavyworth.com (URL: https://redirect.heavyworth.com/)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.8, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-239-50-8.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd88dc1d9985054d9e0e607ef50f8172d420646ada03b7b24bebe61a0066c809

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://redirect.heavyworth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
x-amz-version-id: null
date: Fri, 19 Jan 2024 21:12:20 GMT
via: 1.1 704c8a207b209dd3861e2faa8d55cc08.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 16:25:31 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 228
etag: "60b02837e89bb479d519595ecf884918"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 7868
x-amz-cf-id: IcWW6vVfvkmay6NnHKeCtPuJ1u-ruUProhaI2IKphkvMyHuH2w9lFQ==

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | gtag
object | dataLayer

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
