urlscan.io logo urlscan.io
SecurityTrails logo

rdir.fresh-appz.com Open in urlscan Pro
216.104.36.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://happywealthy.net/
Effective URL: https://rdir.fresh-appz.com/?utm_term=7148068466786828320&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8c...
Submission: On September 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 216.104.36.155, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is rdir.fresh-appz.com.
TLS certificate: Issued by R3 on August 2nd 2022. Valid for: 3 months.
This is the only time rdir.fresh-appz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.32.121.36 16509 (AMAZON-02)
2 18.195.149.11 16509 (AMAZON-02)
2 216.104.36.155 32475 (SINGLEHOP...)
5 3
Domain Requested by
2 rdir.fresh-appz.com rdir.fresh-appz.com
2 happywealthy.net 1 redirects
1 secure.stackpr0fit.com
1 link.happypr0fit.com happywealthy.net
5 4

This site contains no links.

Subject Issuer Validity Valid
happywealthy.net
Amazon		 2022-06-17 -
2023-07-16		 a year crt.sh
link.happypr0fit.com
R3		 2022-09-20 -
2022-12-19		 3 months crt.sh
secure.stackpr0fit.com
R3		 2022-09-16 -
2022-12-15		 3 months crt.sh
rdir.fresh-appz.com
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rdir.fresh-appz.com/?utm_term=7148068466786828320&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Frame ID: F0576657971BAFF88F409D7D03B090E4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://happywealthy.net/ HTTP 301
    https://happywealthy.net/ Page URL
  2. https://link.happypr0fit.com/de6bd034-796b-4274-9c4c-6378f02b44d1 Page URL
  3. https://secure.stackpr0fit.com/redirect?target=BASE64aHR0cHM6Ly9yZGlyLmZyZXNoLWFwcHouY29tLz91dG1fbWVkaXVtPT... Page URL
  4. https://rdir.fresh-appz.com/?utm_medium=675bafeb16c9f25694564b6cbf9edb069d846d04&utm_campaign=glb2022ms&... Page URL
  5. https://rdir.fresh-appz.com/?utm_term=7148068466786828320&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

8 kB
Transfer

13 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://happywealthy.net/ HTTP 301
    https://happywealthy.net/ Page URL
  2. https://link.happypr0fit.com/de6bd034-796b-4274-9c4c-6378f02b44d1 Page URL
  3. https://secure.stackpr0fit.com/redirect?target=BASE64aHR0cHM6Ly9yZGlyLmZyZXNoLWFwcHouY29tLz91dG1fbWVkaXVtPTY3NWJhZmViMTZjOWYyNTY5NDU2NGI2Y2JmOWVkYjA2OWQ4NDZkMDQmdXRtX2NhbXBhaWduPWdsYjIwMjJtcyZjaWQ9d2U0cHJ1YmRvaGV1cGViajJxaXR1bGFzJm5wPTI&ts=1664289381493&hash=oAkPXWew5qk_4ASCHWbwSErKxWtTqDvNMVo3sw6W5kw&rm=D Page URL
  4. https://rdir.fresh-appz.com/?utm_medium=675bafeb16c9f25694564b6cbf9edb069d846d04&utm_campaign=glb2022ms&cid=we4prubdoheupebj2qitulas&np=2 Page URL
  5. https://rdir.fresh-appz.com/?utm_term=7148068466786828320&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://happywealthy.net/ HTTP 301
  • https://happywealthy.net/

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
happywealthy.net/
Redirect Chain
  • http://happywealthy.net/
  • https://happywealthy.net/
958 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://happywealthy.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-36.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
148485fb9b332403e077449105a62cadae881a9e5e4b779618b68b9172648636

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62554
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 21:13:47 GMT
server
nginx/1.20.0
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-id
yEg6t74mp6AJnOdnkUeODi-Cq2XaIwoark0VpukK8WL9RPNnYwpqWQ==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Tue, 27 Sep 2022 14:36:21 GMT
Location
https://happywealthy.net/
Server
CloudFront
Via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dCW5jABXSNS5bSfW0UR9B7oqFaKnBbtaAUIdShWQNIiVvq9JFV56PA==
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Redirect from cloudfront
de6bd034-796b-4274-9c4c-6378f02b44d1
link.happypr0fit.com/ 		523 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://link.happypr0fit.com/de6bd034-796b-4274-9c4c-6378f02b44d1
Requested by
Host: happywealthy.net
URL: https://happywealthy.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.149.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-149-11.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://happywealthy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
523
content-type
text/html;charset=UTF-8
date
Tue, 27 Sep 2022 14:36:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
redirect
secure.stackpr0fit.com/ 		349 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.stackpr0fit.com/redirect?target=BASE64aHR0cHM6Ly9yZGlyLmZyZXNoLWFwcHouY29tLz91dG1fbWVkaXVtPTY3NWJhZmViMTZjOWYyNTY5NDU2NGI2Y2JmOWVkYjA2OWQ4NDZkMDQmdXRtX2NhbXBhaWduPWdsYjIwMjJtcyZjaWQ9d2U0cHJ1YmRvaGV1cGViajJxaXR1bGFzJm5wPTI&ts=1664289381493&hash=oAkPXWew5qk_4ASCHWbwSErKxWtTqDvNMVo3sw6W5kw&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.149.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-149-11.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://link.happypr0fit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Tue, 27 Sep 2022 14:36:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
/
rdir.fresh-appz.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rdir.fresh-appz.com/?utm_medium=675bafeb16c9f25694564b6cbf9edb069d846d04&utm_campaign=glb2022ms&cid=we4prubdoheupebj2qitulas&np=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.104.36.155 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://secure.stackpr0fit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 14:36:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rdir.fresh-appz.com/?utm_term=7148068466786828320&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
Primary Request /
rdir.fresh-appz.com/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rdir.fresh-appz.com/?utm_term=7148068466786828320&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by
Host: rdir.fresh-appz.com
URL: https://rdir.fresh-appz.com/?utm_medium=675bafeb16c9f25694564b6cbf9edb069d846d04&utm_campaign=glb2022ms&cid=we4prubdoheupebj2qitulas&np=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.104.36.155 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
e74d320c5d5c3af8f4586427c2ed77dc6539cf1681a25c6e9b69121a4434d964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://rdir.fresh-appz.com/?utm_medium=675bafeb16c9f25694564b6cbf9edb069d846d04&utm_campaign=glb2022ms&cid=we4prubdoheupebj2qitulas&np=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 14:36:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| pm_appKey function| pm_denyAction string| pm_tag function| pm_allowAction

3 Cookies

Domain/Path Name / Value
.link.happypr0fit.com/ Name: de6bd034-796b-4274-9c4c-6378f02b44d1-v4
Value: ZDoGI7KFb_R20Krl2CKexqGulm9oAiUMvmZ3-cVqB_k
.link.happypr0fit.com/ Name: cc-v4
Value: FFpWH9gNz7YuIr8fUbepkPQOz66LvaDSJPlhVXzgD7Us%2FO%2B3pPt3YM4Q%2FtPRJYOZAreqrGPX7tq45eGTiwF85wt1YvkEFNDzJjoxszb659sNN3GDWKgVaYLNLl7m%2FEKctt%2Bgb7xapoN8JGohRuV9ow%3D%3D
rdir.fresh-appz.com/ Name: u
Value: a758e6f08571270f59dd461c90cfb82d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

happywealthy.net
link.happypr0fit.com
rdir.fresh-appz.com
secure.stackpr0fit.com
13.32.121.36
18.195.149.11
216.104.36.155
148485fb9b332403e077449105a62cadae881a9e5e4b779618b68b9172648636
e74d320c5d5c3af8f4586427c2ed77dc6539cf1681a25c6e9b69121a4434d964