URL: http://mail.profitadlinks.com/
Submission: On July 25 via api from KR

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 19 HTTP transactions. The main IP is 184.164.136.170, located in Phoenix, United States and belongs to SSASN2, US. The main domain is mail.profitadlinks.com.
This is the only time mail.profitadlinks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
7 | 184.164.136.170 | 20454 (SSASN2)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 184.175.102.210 | 7393 (CYBERCON)
3 | 172.67.21.170 | 13335 (CLOUDFLAR...)
1 | 216.15.151.95 | 7393 (CYBERCON)
1 | 184.95.38.2 | 20454 (SSASN2)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 19 requests, 8 IPs

Requests | Domain | Requested by
7 | mail.profitadlinks.com | mail.profitadlinks.com
3 | image.providesupport.com | mail.profitadlinks.com
2 | www.google-analytics.com | worldprofittraffic.com, www.googletagmanager.com
1 | www.googletagmanager.com | worldprofitadvertising.com
1 | worldtrafficmailer.com | worldprofittraffic.com
1 | www.ihaveliftoff.com | worldprofittraffic.com
1 | homebiz2020.com | worldprofittraffic.com
1 | worldprofittraffic.com | mail.profitadlinks.com
1 | worldprofitadvertising.com | mail.profitadlinks.com
1 | ajax.googleapis.com | mail.profitadlinks.com
Total: 19 requests, 10 domains

This site contains links to these domains.

Domain
www.profitadlinks.com

Subject | Issuer | Validity | Valid
worldprofitadvertising.com | R3 | 2021-07-21 - 2021-10-19 | 3 months
worldprofittraffic.com | R3 | 2021-07-16 - 2021-10-14 | 3 months
homebiz2020.com | R3 | 2021-07-16 - 2021-10-14 | 3 months
ihaveliftoff.com | R3 | 2021-07-08 - 2021-10-06 | 3 months
worldtrafficmailer.com | cPanel, Inc. Certification Authority | 2021-05-15 - 2021-08-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months

This page contains 3 frames:

Primary Page: http://mail.profitadlinks.com/
Frame ID: D819FC0AC09A7AA48F0CE33082BD5366
Requests: 11 HTTP requests in this frame

Frame: https://worldprofitadvertising.com/diamondAdsH6D.cfm?memberID=3099
Frame ID: 5A7F05183FD679134374B471ACD287E2
Requests: 3 HTTP requests in this frame

Frame: https://worldprofittraffic.com/goldbannersH3D600.cfm
Frame ID: FB13DC906BBE0E9092915453ABE7F595
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 42 %
IPv6: 38 %
Domains: 10
Subdomains: 10
IPs: 8
Countries: 2
Transfer: 415 kB
Size: 599 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
mail.profitadlinks.com/
19 KB
20 KB
Document
General
Full URL
http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
184.164.136.170 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.safelistextreme.com
Software
Apache / PHP/5.2.17
Resource Hash
c573c6adb585f52645bd100e5d2262180479c6d1504d2a42cbadefeabc92f2c2

Request headers

Host
mail.profitadlinks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 25 Jul 2021 05:23:19 GMT
Server
Apache
X-Powered-By
PHP/5.2.17
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=15geisen8hljarm5mvdk1v4r66; path=/ version=A; expires=Mon, 25-Jul-2022 05:23:19 GMT
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
34 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mail.profitadlinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 20:20:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
32598
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33845
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 24 Jul 2022 20:20:01 GMT
header.jpg
mail.profitadlinks.com/images/
98 KB
98 KB
Image
General
Full URL
http://mail.profitadlinks.com/images/header.jpg
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
184.164.136.170 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.safelistextreme.com
Software
Apache /
Resource Hash
525d164fb268aa5cf0117730a5cec3681bcdab445659575cff49fdf3fc874b76

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.profitadlinks.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://mail.profitadlinks.com/
Cookie
PHPSESSID=15geisen8hljarm5mvdk1v4r66; version=A
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 05:23:19 GMT
Last-Modified
Sun, 04 Feb 2018 20:55:59 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
100412
Content-Type
image/jpeg
bg.jpg
mail.profitadlinks.com/images/
36 KB
36 KB
Image
General
Full URL
http://mail.profitadlinks.com/images/bg.jpg
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
184.164.136.170 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.safelistextreme.com
Software
Apache /
Resource Hash
2f0935320d54860edcb04402c22c8c0984715945a94701acf22eab94b16aefeb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.profitadlinks.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://mail.profitadlinks.com/
Cookie
PHPSESSID=15geisen8hljarm5mvdk1v4r66; version=A
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 05:23:19 GMT
Last-Modified
Sun, 04 Feb 2018 20:55:51 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
36607
Content-Type
image/jpeg
page-bg.jpg
mail.profitadlinks.com/images/
599 B
805 B
Image
General
Full URL
http://mail.profitadlinks.com/images/page-bg.jpg
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
184.164.136.170 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.safelistextreme.com
Software
Apache /
Resource Hash
3f8c1730e2c83cbbc5ea55847fb402d68c1c0f9baff7a6df40f262e526c9ac8a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.profitadlinks.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://mail.profitadlinks.com/
Cookie
PHPSESSID=15geisen8hljarm5mvdk1v4r66; version=A
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 05:23:19 GMT
Last-Modified
Sun, 04 Feb 2018 20:45:02 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
599
Content-Type
image/jpeg
checkmark.png
mail.profitadlinks.com/images/
2 KB
2 KB
Image
General
Full URL
http://mail.profitadlinks.com/images/checkmark.png
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
184.164.136.170 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.safelistextreme.com
Software
Apache /
Resource Hash
43d2794dd015ac6416a5bcd366adffccb99a6f5c947f399ea3954cd0837ba51c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.profitadlinks.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://mail.profitadlinks.com/
Cookie
PHPSESSID=15geisen8hljarm5mvdk1v4r66; version=A
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 05:23:19 GMT
Last-Modified
Sun, 04 Feb 2018 20:45:14 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
2221
Content-Type
image/png
admin.jpg
mail.profitadlinks.com/photos/
9 KB
9 KB
Image
General
Full URL
http://mail.profitadlinks.com/photos/admin.jpg
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
184.164.136.170 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.safelistextreme.com
Software
Apache /
Resource Hash
022e5813882b6eb968f502e89737a7c22a9f1b0cee1f4a43722b872df1fd5b7e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.profitadlinks.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://mail.profitadlinks.com/
Cookie
PHPSESSID=15geisen8hljarm5mvdk1v4r66; version=A
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 05:23:19 GMT
Last-Modified
Sun, 04 Feb 2018 20:45:45 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
8866
Content-Type
image/jpeg
diamondAdsH6D.cfm
worldprofitadvertising.com/ Frame 5A7F
5 KB
2 KB
Document
General
Full URL
https://worldprofitadvertising.com/diamondAdsH6D.cfm?memberID=3099
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.175.102.210 , United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.worldprofit.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
14e5bd55ed5a6396aa59cc400e29ae5824a65b17c80ef82d3fbd920dbb9c6bbe

Request headers

:method
GET
:authority
worldprofitadvertising.com
:scheme
https
:path
/diamondAdsH6D.cfm?memberID=3099
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mail.profitadlinks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html;charset=UTF-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Sun, 25 Jul 2021 05:23:22 GMT
content-length
1706
goldbannersH3D600.cfm
worldprofittraffic.com/ Frame FB13
5 KB
2 KB
Document
General
Full URL
https://worldprofittraffic.com/goldbannersH3D600.cfm
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.175.102.210 , United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.worldprofit.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
100837de7d43edb9ec9f360888da6b57b2d7f9b5982cefcfb66a0a2dc38c80cb

Request headers

:method
GET
:authority
worldprofittraffic.com
:scheme
https
:path
/goldbannersH3D600.cfm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mail.profitadlinks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html;charset=UTF-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Sun, 25 Jul 2021 05:23:22 GMT
content-length
1754
footer.jpg
mail.profitadlinks.com/images/
40 KB
40 KB
Image
General
Full URL
http://mail.profitadlinks.com/images/footer.jpg
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
184.164.136.170 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.safelistextreme.com
Software
Apache /
Resource Hash
68c3eb3a5af14f14506796934e8bcc24528ebbe8e4052a33c5404e8160f88680

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mail.profitadlinks.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://mail.profitadlinks.com/
Cookie
PHPSESSID=15geisen8hljarm5mvdk1v4r66; version=A
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 05:23:22 GMT
Last-Modified
Sun, 04 Feb 2018 20:55:57 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
41019
Content-Type
image/jpeg
safe-monitor.js
image.providesupport.com/js/0uhuf23jcemx61742b0mubd84i/
10 KB
4 KB
Script
General
Full URL
http://image.providesupport.com/js/0uhuf23jcemx61742b0mubd84i/safe-monitor.js?ps_h=eUy2&ps_t=1627190600520&ProfitAdLinksID=&Name=&SponsorID=
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
172.67.21.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab742a70e02ee001d9f4c2ee16cd8dc22c2e60a7f346c975a64ee1332e1d9fda

Request headers

Referer
http://mail.profitadlinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 05:23:23 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
X-instanceid
21
P3P
CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml"
Content-Type
application/javascript; charset=utf-8
Cache-Control
must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6742f4b21b5e0b78-AMS
Expires
Thu, 01 Jan 1970 00:00:00 GMT
general728x90.png
homebiz2020.com/banners/wp/ Frame FB13
51 KB
51 KB
Image
General
Full URL
https://homebiz2020.com/banners/wp/general728x90.png
Requested by
Host: worldprofittraffic.com
URL: https://worldprofittraffic.com/goldbannersH3D600.cfm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.175.102.210 , United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.worldprofit.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cc20c363fa214104639b27d08bac796c06de3304dda25cc924c9ddd13d7a7e67

Request headers

Referer
https://worldprofittraffic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 05:23:22 GMT
last-modified
Mon, 13 Jan 2020 15:04:07 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8d66b8b322cad51:0"
content-type
image/png
accept-ranges
bytes
content-length
52484
rocketbanner.gif
www.ihaveliftoff.com/banners/ Frame FB13
10 KB
10 KB
Image
General
Full URL
https://www.ihaveliftoff.com/banners/rocketbanner.gif
Requested by
Host: worldprofittraffic.com
URL: https://worldprofittraffic.com/goldbannersH3D600.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.15.151.95 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
apollo1.worldprofit.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cf489fce0efe2e0e5bfd210897a9ed4b761ea3abf6944a3af536e92ce331ae2e

Request headers

Referer
https://worldprofittraffic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 05:23:23 GMT
Last-Modified
Fri, 08 Nov 2019 14:53:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"47fb24a4496d51:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
9787
getimg.php
worldtrafficmailer.com/ Frame FB13
21 KB
21 KB
Image
General
Full URL
https://worldtrafficmailer.com/getimg.php?id=1
Requested by
Host: worldprofittraffic.com
URL: https://worldprofittraffic.com/goldbannersH3D600.cfm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.95.38.2 , United States, ASN20454 (SSASN2, US),
Reverse DNS
server.worldtrafficmailer.com
Software
Apache /
Resource Hash
a0fed5e9991b8562fffa2aaf50702b9f0c29d7f092b75653e33fba265a373ae9

Request headers

Referer
https://worldprofittraffic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 05:23:23 GMT
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
image/gif
analytics.js
www.google-analytics.com/ Frame FB13
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: worldprofittraffic.com
URL: https://worldprofittraffic.com/goldbannersH3D600.cfm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://worldprofittraffic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1944
date
Sun, 25 Jul 2021 04:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sun, 25 Jul 2021 06:50:59 GMT
js
www.googletagmanager.com/gtag/ Frame 5A7F
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-73550705-1
Requested by
Host: worldprofitadvertising.com
URL: https://worldprofitadvertising.com/diamondAdsH6D.cfm?memberID=3099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9b33324a9846620122ce618a7554c1344cb483b901a969a6c81d9aad630bcde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://worldprofitadvertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 05:23:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40059
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Jul 2021 05:23:23 GMT
0uhuf23jcemx61742b0mubd84i
image.providesupport.com/cmd/
43 B
377 B
Image
General
Full URL
http://image.providesupport.com/cmd/0uhuf23jcemx61742b0mubd84i?ps_t=1627190603053&ps_l=http%3A//mail.profitadlinks.com/&ps_r=&ps_s=yfq8s9OISlcfTb7h&ProfitAdLinksID=&Name=&SponsorID=
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
172.67.21.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://mail.profitadlinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 05:23:23 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-instanceid
21
P3P
CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
CF-RAY
6742f4b53d720b78-AMS
Content-Length
43
offline-1013651537.png
image.providesupport.com/image/0uhuf23jcemx61742b0mubd84i/
6 KB
7 KB
Image
General
Full URL
http://image.providesupport.com/image/0uhuf23jcemx61742b0mubd84i/offline-1013651537.png
Requested by
Host: mail.profitadlinks.com
URL: http://mail.profitadlinks.com/
Protocol
HTTP/1.1
Server
172.67.21.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ded929e32391a2d55a661c9a085a8763f61841b3ee8759379a660120decdfe9

Request headers

Referer
http://mail.profitadlinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 05:23:23 GMT
CF-Cache-Status
EXPIRED
Last-Modified
Sat, 18 May 2019 19:41:46 UTC
Server
cloudflare
Vary
Accept-Encoding
X-instanceid
21
P3P
CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml"
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6742f4b53ce800a3-AMS
Content-Length
6416
Expires
Tue, 24 Aug 2021 05:23:23 UTC
analytics.js
www.google-analytics.com/ Frame 5A7F
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73550705-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://worldprofitadvertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1944
date
Sun, 25 Jul 2021 04:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sun, 25 Jul 2021 06:50:59 GMT


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
function| loadBanners
object| seeUy2
string| seeUy2s
object| pseUy2be
object| psCookie
object| psCookieeUy2
number| pseUy2wid
function| pseUy2ld
object| pseUy2bi
function| pseUy2um
function| pseUy2ow

3 Cookies

Domain/Path | Name | Value
.profitadlinks.com/ | ps_rvm_eUy2 | %7B%22pssid%22%3A%22yfq8s9OISlcfTb7h-1627190603053%22%7D
mail.profitadlinks.com/ | version | A
mail.profitadlinks.com/ | PHPSESSID | 15geisen8hljarm5mvdk1v4r66

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
