www.clixus.com Open in urlscan Pro
80.86.184.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paramoujtplus.com/
Effective URL:
http://www.clixus.com/
Submission: On August 10 via api (August 10th 2021, 6:40:33 pm UTC) from US

Summary HTTP 16 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 16 HTTP transactions. The main IP is 80.86.184.242, located in Hanover, Germany and belongs to LAMBDANET-AS European Backbone of AS13237, DE. The main domain is www.clixus.com.

This is the only time www.clixus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.32.237.90 212.32.237.90	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	198.54.112.216 198.54.112.216	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	49.12.0.235 49.12.0.235	24940 (HETZNER-AS) (HETZNER-AS)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2606:4700:303... 2606:4700:3036::ac43:872c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	81.209.248.3 81.209.248.3	13237 (LAMBDANET...) (LAMBDANET-AS European Backbone of AS13237)
4	80.86.184.242 80.86.184.242	13237 (LAMBDANET...) (LAMBDANET-AS European Backbone of AS13237)
6 12	81.209.255.210 81.209.255.210	60380 (PIXELX-AS) (PIXELX-AS)
16	7

2 212.32.237.90 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

paramoujtplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.54.112.216 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

4773.rebiraert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.0.235 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.235.0.12.49.clients.your-server.de

rtpnt.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:872c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

utkv6nyu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.209.248.3 (Germany) 2 redirects

ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE)
PTR: lb.dmk-internet.com

clix.superclix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 80.86.184.242 (Hanover, Germany)

ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE)
PTR: www99.dmk-internet.com

www.clixus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 81.209.255.210 (Germany) 6 redirects

ASN60380 (PIXELX-AS, DE)

www.freihit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	freihit.de 6 redirects www.freihit.de	3 KB
4	clixus.com www.clixus.com	19 KB
3	superclix.de 2 redirects clix.superclix.de	47 KB
2	lookandfind.me lookandfind.me	971 B
2	rebiraert.com 1 redirects 4773.rebiraert.com	706 B
2	paramoujtplus.com 1 redirects paramoujtplus.com	1 KB
1	utkv6nyu.de 1 redirects utkv6nyu.de	454 B
1	clever-redirect.com 1 redirects clever-redirect.com	234 B
1	rtpnt.xyz 1 redirects rtpnt.xyz	196 B
0	chitika.net Failed cdn.chitika.net Failed
16	10

	Domain	Requested by
12	www.freihit.de	6 redirects www.clixus.com
4	www.clixus.com	lookandfind.me www.clixus.com
3	clix.superclix.de	2 redirects www.clixus.com
2	lookandfind.me	4773.rebiraert.com
2	4773.rebiraert.com	1 redirects paramoujtplus.com
2	paramoujtplus.com	1 redirects
1	utkv6nyu.de	1 redirects
1	clever-redirect.com	1 redirects
1	rtpnt.xyz	1 redirects
0	cdn.chitika.net Failed	www.clixus.com
16	10

This site contains links to these domains. Also see Links.

Domain
www.suchhits.de
clix.superclix.de
www.dmk-internet.com
www.musichits.org
www.hackernetwork.de
www.errorhits.de
www.superclix.de

Subject Issuer	Validity	Valid
lookandfind.me R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
freihit.de R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.clixus.com/
Frame ID: 9A8922949AC63CAF727C1E40BBA936CA
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://paramoujtplus.com/ Page URL
http://paramoujtplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODY... HTTP 302
http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737... Page URL
http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737... HTTP 302
https://rtpnt.xyz/v6/r?s=r8d&s3=apix07-paramoujtplus.com HTTP 302
https://clever-redirect.com/s/r6?s=r8d&s2=&s3=apix07paramoujtpluscom HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=a... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=97f610ec79373b27e07845f18... HTTP 302
https://clix.superclix.de/cgi-bin/tclix.cgi?id=absahnen&pp=963&linknr=671&subid=at107999_a113396_m12_p... HTTP 302
http://clix.superclix.de/cgi-bin/clixint.cgi?country=GB&kno=1436297 HTTP 302
http://www.clixus.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

50 %
HTTPS

11 %
IPv6

10
Domains

10
Subdomains

7
IPs

3
Countries

69 kB
Transfer

82 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.suchhits.de/

Search URL Search Domain Scan URL

URL: http://clix.superclix.de/cgi-bin/clix.cgi?did=25585&linknr=78488
Title:

Search URL Search Domain Scan URL

URL: http://www.dmk-internet.com/
Title: DMK-Internet e.K.

Search URL Search Domain Scan URL

URL: http://www.musichits.org/
Title: MusicHits

Search URL Search Domain Scan URL

URL: http://www.hackernetwork.de/
Title: Free HackerTools

Search URL Search Domain Scan URL

URL: http://www.errorhits.de/
Title: Free Flash for Fun

Search URL Search Domain Scan URL

URL: http://www.superclix.de/
Title: Affiliate Marketing

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paramoujtplus.com/ Page URL
http://paramoujtplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODYyODAxNCwiaWF0IjoxNjI4NjIwODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWQwYzAzYm8zbDYxdGl1cTgwcTNmaTkiLCJuYmYiOjE2Mjg2MjA4MTQsInRzIjoxNjI4NjIwODE0MTI1MzYxfQ.9cYiTXAnqAsRPm1TDF9lAHi9ANebvTcu0huB4zBRMus&sid=667e6a14-fa0a-11eb-aee6-ed300f660eff HTTP 302
http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/feed Page URL
http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t HTTP 302
https://rtpnt.xyz/v6/r?s=r8d&s3=apix07-paramoujtplus.com HTTP 302
https://clever-redirect.com/s/r6?s=r8d&s2=&s3=apix07paramoujtpluscom HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D97f610ec79373b27e07845f18a92d9d4%26url%3Dhttps%253A%252F%252Fwww.eroscape.de%252F&h=f2eee878332f9390211f69280347e655 Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=97f610ec79373b27e07845f18a92d9d4&url=https%3A%2F%2Fwww.eroscape.de%2F HTTP 302
https://clix.superclix.de/cgi-bin/tclix.cgi?id=absahnen&pp=963&linknr=671&subid=at107999_a113396_m12_p134708_cDE_s97f610ec79373b27e07845f18a92d9d4 HTTP 302
http://clix.superclix.de/cgi-bin/clixint.cgi?country=GB&kno=1436297 HTTP 302
http://www.clixus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://paramoujtplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODYyODAxNCwiaWF0IjoxNjI4NjIwODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWQwYzAzYm8zbDYxdGl1cTgwcTNmaTkiLCJuYmYiOjE2Mjg2MjA4MTQsInRzIjoxNjI4NjIwODE0MTI1MzYxfQ.9cYiTXAnqAsRPm1TDF9lAHi9ANebvTcu0huB4zBRMus&sid=667e6a14-fa0a-11eb-aee6-ed300f660eff HTTP 302
http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/feed

Request Chain 2

http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t HTTP 302
https://rtpnt.xyz/v6/r?s=r8d&s3=apix07-paramoujtplus.com HTTP 302
https://clever-redirect.com/s/r6?s=r8d&s2=&s3=apix07paramoujtpluscom HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom

Request Chain 6

http://www.freihit.de/flagge/us.png HTTP 301
https://www.freihit.de/flagge/us.png

Request Chain 7

http://www.freihit.de/flagge/ru.png HTTP 301
https://www.freihit.de/flagge/ru.png

Request Chain 8

http://www.freihit.de/flagge/de.png HTTP 301
https://www.freihit.de/flagge/de.png

Request Chain 9

http://www.freihit.de/flagge/fr.png HTTP 301
https://www.freihit.de/flagge/fr.png

Request Chain 10

http://www.freihit.de/flagge/pl.png HTTP 301
https://www.freihit.de/flagge/pl.png

Request Chain 14

http://www.freihit.de/counter2.php?sc=superclix&sid=015818078 HTTP 301
https://www.freihit.de/counter2.php?sc=superclix&sid=015818078

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response paramoujtplus.com/	473 B 834 B	74ms 39ms	Document text/html	212.32.237.90 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://paramoujtplus.com/ Protocol HTTP/1.1 Server 212.32.237.90 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `bf732b55d594d6cc8cfe9e343cb9fdbe2f43cb7d76a26fefbe69ef3b7cee97a0` Request headers Host paramoujtplus.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control max-age=0, private, must-revalidate connection close content-length 473 content-type text/html; charset=utf-8 date Tue, 10 Aug 2021 18:40:13 GMT server nginx set-cookie sid=667e6a14-fa0a-11eb-aee6-ed300f660eff; path=/; domain=.paramoujtplus.com; expires=Sun, 28 Aug 2089 21:54:21 GMT; max-age=2147483647; HttpOnly
GET H/1.1	200 OK	feed 4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/ Redirect Chain http://paramoujtplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODYyODAxNCwiaWF0IjoxNjI4NjIwODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWQwYzAzYm8zbDYxdGl1cTgwcTN... http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/feed	426 B 510 B	477ms 470ms	Document text/html	198.54.112.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/feed Requested by Host: paramoujtplus.com URL: http://paramoujtplus.com/ Protocol HTTP/1.1 Server 198.54.112.216 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software nginx/1.14.2 / Resource Hash Request headers Host 4773.rebiraert.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://paramoujtplus.com/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://paramoujtplus.com/ Response headers Server nginx/1.14.2 Date Tue, 10 Aug 2021 18:40:14 GMT Content-Type text/html Transfer-Encoding chunked Connection close Content-Encoding gzip Redirect headers cache-control max-age=0, private, must-revalidate connection close content-length 11 date Tue, 10 Aug 2021 18:40:13 GMT location http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/feed server nginx set-cookie sid=667e6a14-fa0a-11eb-aee6-ed300f660eff; path=/; domain=.paramoujtplus.com; expires=Sun, 28 Aug 2089 21:54:21 GMT; max-age=2147483647; HttpOnly
GET H2	200	a Show response lookandfind.me/s/ Redirect Chain http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t https://rtpnt.xyz/v6/r?s=r8d&s3=apix07-paramoujtplus.com https://clever-redirect.com/s/r6?s=r8d&s2=&s3=apix07paramoujtpluscom https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom	429 B 596 B	70ms 33ms	Document text/html	157.90.169.168 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom Requested by Host: 4773.rebiraert.com URL: http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/feed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.168.169.90.157.clients.your-server.de Software Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 / PHP/7.4.19 Resource Hash `96d610dc0df9c7e8ef5005f244e1e8f66c6b506e1b6af2567e93c9d74ee5c666` Request headers :method GET :authority lookandfind.me :scheme https :path /s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://4773.rebiraert.com/match-4773/67091/188068701/1628620814/mf_32420726-b3d3-4457-afa7-7f671717737c/YXBpeDA3LXBhcmFtb3VqdHBsdXMuY29t/feed Response headers date Tue, 10 Aug 2021 18:40:15 GMT server Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 referrer-policy strict-origin-when-cross-origin x-powered-by PHP/7.4.19 content-length 429 content-type text/html; charset=UTF-8 Redirect headers date Tue, 10 Aug 2021 18:40:15 GMT server Apache/2.4.46 (codeit) OpenSSL/1.1.1i PHP/7.4.15 referrer-policy no-referrer x-powered-by PHP/7.4.15 location https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom content-length 0 content-type text/html; charset=UTF-8
GET H2	200	r Show response lookandfind.me/s/	345 B 375 B	16ms 14ms	Document text/html	157.90.169.168 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D97f610ec79373b27e07845f18a92d9d4%26url%3Dhttps%253A%252F%252Fwww.eroscape.de%252F&h=f2eee878332f9390211f69280347e655 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.168.169.90.157.clients.your-server.de Software Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 / PHP/7.4.19 Resource Hash `55b29c008999e240b26e017b00b2d00e8539e31d1cc35a5a5bdfba9bcdce8fa6` Request headers :method GET :authority lookandfind.me :scheme https :path /s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D97f610ec79373b27e07845f18a92d9d4%26url%3Dhttps%253A%252F%252Fwww.eroscape.de%252F&h=f2eee878332f9390211f69280347e655 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=eroscape.de&s1=r8d&s2=&s3=apix07paramoujtpluscom Response headers date Tue, 10 Aug 2021 18:40:15 GMT server Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 referrer-policy strict-origin-when-cross-origin x-powered-by PHP/7.4.19 content-length 345 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request / Show response www.clixus.com/ Redirect Chain https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=97f610ec79373b27e07845f18a92d9d4&url=https%3A%2F%2Fwww.eroscape.de%2F https://clix.superclix.de/cgi-bin/tclix.cgi?id=absahnen&pp=963&linknr=671&subid=at107999_a113396_m12_p134708_cDE_s97f610ec79373b27e07845f18a92d9d4 http://clix.superclix.de/cgi-bin/clixint.cgi?country=GB&kno=1436297 http://www.clixus.com/	18 KB 3 KB	137ms 118ms	Document text/html	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Full URL http://www.clixus.com/ Requested by Host: lookandfind.me URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D97f610ec79373b27e07845f18a92d9d4%26url%3Dhttps%253A%252F%252Fwww.eroscape.de%252F&h=f2eee878332f9390211f69280347e655 Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / PHP/5.3.29 Resource Hash `50faa9cbd201ccafb1bca856363b57f570da5398899ffe1eb6e09fe162caa22e` Request headers Host www.clixus.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D97f610ec79373b27e07845f18a92d9d4%26url%3Dhttps%253A%252F%252Fwww.eroscape.de%252F&h=f2eee878332f9390211f69280347e655 Response headers Date Tue, 10 Aug 2021 18:40:16 GMT Server Apache X-Powered-By PHP/5.3.29 Vary Accept-Encoding Content-Encoding gzip Content-Length 3054 Keep-Alive timeout=2, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1 Redirect headers Date Tue, 10 Aug 2021 18:40:16 GMT Server Apache/2.4.38 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1d Location http://www.clixus.com/ P3P policyref="https://clix.superclix.de/w3c/p3p.xml", CP="" Keep-Alive timeout=15, max=100 Connection Keep-Alive Transfer-Encoding chunked
GET H/1.1	200 OK	clixus.css www.clixus.com/	617 B 606 B	67ms 64ms	Stylesheet text/css	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Full URL http://www.clixus.com/clixus.css Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / Resource Hash `c76550952c19127ab792532604f06ec79d2be61158c2b1babcfbc7053fcd5350` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 10 Aug 2021 18:40:16 GMT Content-Encoding gzip Last-Modified Wed, 08 May 2013 17:01:07 GMT Server Apache ETag "269-4dc37e13c9ac0-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 287
GET H/1.1	200 OK	LinksLogo.gif www.clixus.com/images/default/	15 KB 15 KB	232ms 224ms	Image image/gif	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Show image Full URL http://www.clixus.com/images/default/LinksLogo.gif Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / Resource Hash `9efff7c2923f28cfb0cce535b3a32811369e9c83302662188dcccd6773edd9a4` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 10 Aug 2021 18:40:16 GMT Last-Modified Wed, 08 May 2013 17:03:52 GMT Server Apache ETag "3a78-4dc37eb124e00" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 14968
GET H2	200	us.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/us.png https://www.freihit.de/flagge/us.png	252 B 321 B	47ms 18ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/us.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `dbd7974039d12f97be6d5d14a0bdcbfc34d67d2bb15cc7098988eba624097c47` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 18:40:15 GMT last-modified Mon, 13 Feb 2017 14:47:52 GMT server Apache accept-ranges bytes etag "fc-5486a882df600" content-length 252 content-type image/png Redirect headers Location https://www.freihit.de/flagge/us.png Date Tue, 10 Aug 2021 18:40:15 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	ru.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/ru.png https://www.freihit.de/flagge/ru.png	220 B 289 B	12ms 12ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/ru.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `3011661b9260e29741981302123cfc6944e244f2898e4a81286447d7cc687347` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 18:40:16 GMT last-modified Mon, 13 Feb 2017 14:47:50 GMT server Apache accept-ranges bytes etag "dc-5486a880f7180" content-length 220 content-type image/png Redirect headers Location https://www.freihit.de/flagge/ru.png Date Tue, 10 Aug 2021 18:40:16 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	de.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/de.png https://www.freihit.de/flagge/de.png	192 B 261 B	42ms 14ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/de.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `1fe2becd0f9dc7311a867756a3bdb6983978507d4834e80a4c93f98a9a0db2b0` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 18:40:15 GMT last-modified Mon, 13 Feb 2017 14:47:32 GMT server Apache accept-ranges bytes etag "c0-5486a86fcc900" content-length 192 content-type image/png Redirect headers Location https://www.freihit.de/flagge/de.png Date Tue, 10 Aug 2021 18:40:15 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	fr.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/fr.png https://www.freihit.de/flagge/fr.png	191 B 261 B	42ms 13ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/fr.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 18:40:15 GMT last-modified Mon, 13 Feb 2017 14:47:34 GMT server Apache accept-ranges bytes etag "bf-5486a871b4d80" content-length 191 content-type image/png Redirect headers Location https://www.freihit.de/flagge/fr.png Date Tue, 10 Aug 2021 18:40:15 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	pl.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/pl.png https://www.freihit.de/flagge/pl.png	241 B 355 B	42ms 13ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/pl.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `f884718680de9d3d49e4990241e2ee76ffde196bf278ebffa39a6ec4b95451c4` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 18:40:15 GMT last-modified Mon, 13 Feb 2017 14:47:48 GMT server Apache accept-ranges bytes etag "f1-5486a87f0ed00" content-length 241 content-type image/png Redirect headers Location https://www.freihit.de/flagge/pl.png Date Tue, 10 Aug 2021 18:40:15 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET		getads.js cdn.chitika.net/	0 0

GET H/1.1	200 OK	15188-160600s1en.jpg clix.superclix.de/images/pp15188/	46 KB 47 KB	18ms 16ms	Image image/jpeg	81.209.248.3 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Show image Full URL http://clix.superclix.de/images/pp15188/15188-160600s1en.jpg Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 81.209.248.3 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS lb.dmk-internet.com Software Apache/2.4.38 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1d / Resource Hash `f57e10accf41d6499d3a47eb04c3a46b87f7c940b7b15790d3ac50c3dcebde8e` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 10 Aug 2021 18:40:16 GMT Last-Modified Mon, 17 Oct 2011 09:18:14 GMT Server Apache/2.4.38 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1d ETag "b905-4af7b1621e180" P3P policyref="https://clix.superclix.de/w3c/p3p.xml", CP="" Connection Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=15, max=99 Content-Length 47365
GET H/1.1	200 OK	BlackShim.gif www.clixus.com/images/default/	43 B 310 B	32ms 25ms	Image image/gif	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Show image Full URL http://www.clixus.com/images/default/BlackShim.gif Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / Resource Hash `e479452b21e337317c3bddd0efb43f866dd39faa55d924ee586db06ea8a991ba` Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 10 Aug 2021 18:40:16 GMT Last-Modified Wed, 08 May 2013 17:03:51 GMT Server Apache ETag "2b-4dc37eb030bc0" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 43
GET H2	500	counter2.php www.freihit.de/ Redirect Chain http://www.freihit.de/counter2.php?sc=superclix&sid=015818078 https://www.freihit.de/counter2.php?sc=superclix&sid=015818078	0 0	20ms 16ms	Script text/html	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Full URL https://www.freihit.de/counter2.php?sc=superclix&sid=015818078 Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash Request headers Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 18:40:16 GMT server Apache content-length 0 content-type text/html; charset=UTF-8 Redirect headers Location https://www.freihit.de/counter2.php?sc=superclix&sid=015818078 Date Tue, 10 Aug 2021 18:40:16 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 274 Content-Type text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.chitika.net
URL: http://cdn.chitika.net/getads.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4773.rebiraert.com
cdn.chitika.net
clever-redirect.com
clix.superclix.de
lookandfind.me
paramoujtplus.com
rtpnt.xyz
utkv6nyu.de
www.clixus.com
www.freihit.de
cdn.chitika.net
157.90.169.168
198.54.112.216
212.32.237.90
2606:4700:3036::ac43:872c
49.12.0.235
78.46.197.88
80.86.184.242
81.209.248.3
81.209.255.210
1fe2becd0f9dc7311a867756a3bdb6983978507d4834e80a4c93f98a9a0db2b0
3011661b9260e29741981302123cfc6944e244f2898e4a81286447d7cc687347
50faa9cbd201ccafb1bca856363b57f570da5398899ffe1eb6e09fe162caa22e
55b29c008999e240b26e017b00b2d00e8539e31d1cc35a5a5bdfba9bcdce8fa6
96d610dc0df9c7e8ef5005f244e1e8f66c6b506e1b6af2567e93c9d74ee5c666
9efff7c2923f28cfb0cce535b3a32811369e9c83302662188dcccd6773edd9a4
bf732b55d594d6cc8cfe9e343cb9fdbe2f43cb7d76a26fefbe69ef3b7cee97a0
c76550952c19127ab792532604f06ec79d2be61158c2b1babcfbc7053fcd5350
dbd7974039d12f97be6d5d14a0bdcbfc34d67d2bb15cc7098988eba624097c47
e479452b21e337317c3bddd0efb43f866dd39faa55d924ee586db06ea8a991ba
eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d
f57e10accf41d6499d3a47eb04c3a46b87f7c940b7b15790d3ac50c3dcebde8e
f884718680de9d3d49e4990241e2ee76ffde196bf278ebffa39a6ec4b95451c4

www.clixus.com Open in urlscan Pro 80.86.184.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

50 %HTTPS

11 %IPv6

10 Domains

10 Subdomains

7 IPs

3 Countries

69 kBTransfer

82 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

www.clixus.com Open in urlscan Pro
80.86.184.242 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

50 %
HTTPS

11 %
IPv6

10
Domains

10
Subdomains

7
IPs

3
Countries

69 kB
Transfer

82 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions