www.clixus.com Open in urlscan Pro
80.86.184.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://caplitalone.com/
Effective URL:
http://www.clixus.com/
Submission: On September 28 via api (September 28th 2021, 9:15:04 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 10 domains to perform 15 HTTP transactions. The main IP is 80.86.184.242, located in Hanover, Germany and belongs to LAMBDANET-AS European Backbone of AS13237, DE. The main domain is www.clixus.com.

This is the only time www.clixus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.15.13.134 209.15.13.134	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	209.15.13.136 209.15.13.136	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2606:4700:303... 2606:4700:3036::ac43:872c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	81.209.248.3 81.209.248.3	60380 (PIXELX-AS) (PIXELX-AS)
4	80.86.184.242 80.86.184.242	13237 (LAMBDANET...) (LAMBDANET-AS European Backbone of AS13237)
6 12	81.209.255.210 81.209.255.210	60380 (PIXELX-AS) (PIXELX-AS)
15	6

1 209.15.13.134 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

caplitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.15.13.136 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

btpnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p274637.mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:872c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

utkv6nyu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.209.248.3 (Germany) 2 redirects

ASN60380 (PIXELX-AS, DE)
PTR: lb.dmk-internet.com

clix.superclix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 80.86.184.242 (Hanover, Germany)

ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE)
PTR: www99.dmk-internet.com

www.clixus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 81.209.255.210 (Germany) 6 redirects

ASN60380 (PIXELX-AS, DE)

www.freihit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	freihit.de 6 redirects www.freihit.de	3 KB
4	clixus.com www.clixus.com	19 KB
3	superclix.de 2 redirects clix.superclix.de	47 KB
2	lookandfind.me lookandfind.me	985 B
2	mybetterdl.com 2 redirects mybetterdl.com p274637.mybetterdl.com	2 KB
2	btpnative.com 1 redirects btpnative.com	6 KB
1	utkv6nyu.de 1 redirects utkv6nyu.de	839 B
1	clever-redirect.com 1 redirects clever-redirect.com	230 B
1	caplitalone.com 1 redirects caplitalone.com	549 B
0	chitika.net Failed cdn.chitika.net Failed
15	10

	Domain	Requested by
12	www.freihit.de	6 redirects www.clixus.com
4	www.clixus.com	lookandfind.me www.clixus.com
3	clix.superclix.de	2 redirects www.clixus.com
2	lookandfind.me
2	btpnative.com	1 redirects
1	utkv6nyu.de	1 redirects
1	clever-redirect.com	1 redirects
1	p274637.mybetterdl.com	1 redirects
1	mybetterdl.com	1 redirects
1	caplitalone.com	1 redirects
0	cdn.chitika.net Failed	www.clixus.com
15	11

This site contains links to these domains. Also see Links.

Domain
www.suchhits.de
clix.superclix.de
www.dmk-internet.com
www.musichits.org
www.hackernetwork.de
www.errorhits.de
www.superclix.de

Subject Issuer	Validity	Valid
lookandfind.me R3	`2021-09-04` - `2021-12-03`	3 months	crt.sh
freihit.de R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.clixus.com/
Frame ID: 4C2CD0F8DEB79E7186E3705B191867A0
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

www.clixUS.com - The International Web Catalogue and Search Engine

Page URL History Show full URLs

http://caplitalone.com/ HTTP 302
http://btpnative.com/click?data=SExjVTVCclJQWEh0Nk1KRk53cjVPd2tTd2xlOHdWSGRFOWdRSXhnWDlDQ1drUGZ3a... Page URL
http://btpnative.com/Redirect/ HTTP 302
https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY78x37B7I8hqka3dDnCBF-q5GCJeMqQw6rk6xklmKOXj935XPU-DA... HTTP 302
https://p274637.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LqoFZagF2kf8amXfSMMjk7Q08Dj-CTZF5GioOmXVNKul... HTTP 302
https://clever-redirect.com/s/r6?s=r4a&s3=367235248 HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=441bb941b2c35e52638510247... HTTP 302
http://clix.superclix.de/cgi-bin/clix.cgi?id=absahnen&pp=6083&type=s&subid=at107999_a105588_m12_p1347... HTTP 302
http://clix.superclix.de/cgi-bin/clixint.cgi?country=GB&kno=3412415 HTTP 302
http://www.clixus.com/ Page URL

Page Statistics

15
Requests

53 %
HTTPS

11 %
IPv6

10
Domains

11
Subdomains

6
IPs

3
Countries

71 kB
Transfer

87 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.suchhits.de/

Search URL Search Domain Scan URL

URL: http://clix.superclix.de/cgi-bin/clix.cgi?did=25585&linknr=78488

Search URL Search Domain Scan URL

URL: http://www.dmk-internet.com/
Title: DMK-Internet e.K.

Search URL Search Domain Scan URL

URL: http://www.musichits.org/
Title: MusicHits

Search URL Search Domain Scan URL

URL: http://www.hackernetwork.de/
Title: Free HackerTools

Search URL Search Domain Scan URL

URL: http://www.errorhits.de/
Title: Free Flash for Fun

Search URL Search Domain Scan URL

URL: http://www.superclix.de/
Title: Affiliate Marketing

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://caplitalone.com/ HTTP 302
http://btpnative.com/click?data=SExjVTVCclJQWEh0Nk1KRk53cjVPd2tTd2xlOHdWSGRFOWdRSXhnWDlDQ1drUGZ3a0xCQ0J4ZG5QZk5oUnlYYmJOTlI1NnQ4RkNBMjhidEFrNVF1aXFzZ21XUnhjSmVIbmN6THVuQ3hyWHZFS3d2TjMtdmhhT2ZoQS1KOG1OQnVCTjdZcjY4b29lMzRmU2R3eGJNZmlnMg2&id=04442113-77c4-4ab4-b718-d79976859096 Page URL
http://btpnative.com/Redirect/ HTTP 302
https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY78x37B7I8hqka3dDnCBF-q5GCJeMqQw6rk6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZSQyxrUVQiewo_2szb4ydphLvJ3coLAj2sLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwQ2ltZIIgdD4VlwAySc0jhgBBgDSi3-mBN8mzcRMBBL-undqOZJHWcNU_uDVsHbE6QP5b6PKDE3R5IP7ns1J0ZCIlnV2r0Yhb3VrvSelI33aBbz02XnSoLVlv52rVusBwO4rwYXGjS2StVlDXF5tMEAXIpHPO-3BCOaac67040RyguZRc7iOcoBPyUokabAiEvD22WYL9JFIKFV5x3Dk6j33RTTv5VOPnKRm3FvScu63zdHbcHkVXWecInCbxqXFG3vKc6GxmI87fejelSoRpXU2C5WesIdv0JfdK-X2HUr6nKxmdOShrVK0tIvqpuFnyXnuKCSxj9Qs3WmRdKEeGjlwgWD6tDu_E4e057nIl7NBWmyHWkAwkV264XDMmEgz9SHV7R_xg2Su2lpCI1LiVOmTKEK9h7CxjUA8N_VnusMwVBm-J_d1lSTMjL2D-dv7Gsf96ma2kLpcBYJf_JKpdeCkBAVTAoBC6ZcAh7f9r1u61Y2_JR417Q2MDzWZXf1QGlPnHsVZyFq8-wXdegC74K2komPkA-lUOQd3hOSUFE_SvyAnXktEuWVRSkgezhmgTagZDORZWp3-pF4ewGRQX6rQsySjUZLT0Nb9Gw64_czhMtrhr0yTtc4xLj0uQXg5ZqRlKo9TYZhknmnIHvO4Zxe8ybyyzXfEpd01uMcj3iz8IcSaqZ8BI6LNAIEZUFJmeu7Mpj2-K_2zK1oPC9YNZHBKNmqHg1dAodfy_0u1ej0tx8IkURGXeEGdYP5Br-lRqx475PLRxZRUqDQkmWzXsxOfCrFmEogyet3ZvJbIsKaWbtdXKCOFgWQaejSNLnTL6DYKrJS9XHXEGPEGq37J4bg4LCjlwX4TlBf9_B6Rm8MG3Q4F4soPQNskWNXz0eR0-vMjiM01wMvd6WwQBXBeYb_j7zYQYb1M4997xm6HOq0wrF9Z7jQPFMLMUyh-vUIEAX4ZfhrOYje6VlWHF3VSn2ILQIK5MepHist3cRpyY1LxLSLrthVBl3axUmCbgcu-NNxxMaEmfiAZPIsowe_6ePLc-8kw1XtDjVrpdxsBaq3VSu151L_YxJPBu1km6J9ZSF7N3o8YTjA1sYkttw0bIpvBzEae2NdmyNeZCciyU9RBZhC4yIedrE2sNYNXikIscWUB79xisFalSqmA8H0AgZHFpsrCMfi8UNkJSFwbgoRthdZKO2YUKgikdY3fAVAQVQUJvYq6E2n5xrGDx5NRvIJqTj5FE_HT1g208D32Uvl0epNaw9Awx68KXfCwgYzQgzuUU5Qf91-86h9v63MP5XktyCYbk9-L66_qlzXazR06e_jVZCZoRaqvmjNdJvrJdpk9oDxIkCft8HaU5uSor1HIfmnb-XKdOf64RzhFGisJ_Pryiaj7dhPylNcQ9lNg2thFSMgwu_-Ch031Jn81dTNnBPYjCw18TANwq2ESr3BYA2TImhBhyjwDoKEk12rVMc_Pulw4fNa3LK-hcf70YDg8KIAjW-FeHQCDCATVl12PlqPxPza5TbyHAW0QmndvOQp_zGI5RMVMflV6WB48sGRng9_yjz4z_UR_-4u3uWxRCr_iyw6ONhWo1RnaqUuZYDh2lT6DWatRI2llhBNQxkbboZl9eAkcV6IYO2-QL0M3tojOUYEf3bYfrAbj6jKgMg6PIfJwxm_9ZTU3CyOXcTxbf3jBOSsGQXM6Ikb5qQpgpFdxiWWSdnOhDoeSDl45XFBkTz1YXtWoMBrKWZLoIgCi4xJmL3yqPPRccPrMNiaPiN4zg8D6bb0aDSBSyt2-prtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJizYKweXujG9_Ams1LDbE4xpOazgjHFVXMzWdYHqmMAfywMiNXc1tPBh8FM1DolkmeDBEanPsRxxcTQtRPdux7U1T1CZWUCX4yGyWDkl85uKiI8MZMtHi2v37-fJM7zOJjONx3LVFhnyk-iH4-ghlFw3epIYMNcYs3sd27cPOx2gKeHxRP85ce_ym3PMbblisfsMFmROnY0sSjcuh0QzVBSokh2MQt3IQ6vExwgzEZnwN3qSGDDXGLNYx560WzupUjuWJZH-TS6lpb_vUK1ucLTlUDBdJiGW7vGwAxoSREIEIU-3VCEuLeElTk9EhpQyh4Yfp0w4-dnqlq2yjH4L6EcjjgxY6GRgHtvknZ_PfUwpO9IrvgAKoa-BmuuxBX4NJjuX-a-75XhYrAr1LJRJq4Vy_jfk4scpUVwublMdOtQ-XMGM_qqTAngEaU2DlDLvkySrEfi4DZ6WCMjoL8fF301UF_xK106lC4pmIAoP5hG6aTfxjer_5bh-0hqzv8THqbgpSA2zZzF2abvCgAkno-4vRaB5ut3CAqmwj-fW_I6i3XPxeokwn8RGcBEKsuakwvMdPuQiyfPp8bUMT7eHAxwzbzHw6QT94xN8fYQ0KRq7Q1a6SvGkRxHWskHBcxmpllfPpjwoAn8kCAZ4D5HgeCk0hy2aEWcNY90fOZsLCdg332nleRhvbO8wEmt6k9igBdLB4SVMgmeSjgFYxCfXGImzKjdrBkl39eOjDpd3ctVE84pDPhoChWl_pLn5KBzLIedbzfxUKQCZA0tSVl6xq8n1E7PxxR9qQMJhARiLbNgToi6RsIzoYOGXHzjzu7ql5MYtOd3usyWe7QdJGpuYLqSMvHCbPeGRg6Xs78gwqhYaEVT01ct715toeFBmuESTsYZg5p3OI-fo-pJF3mkcBtCnUrLwBsLfI3ZGQzTbUsYyIy2nhQEzqR87UtG_GtbiAZQ44Y-mpnt7UYJcFX-nWPG9AfpfudsXNiv1gANAYcQHNs2O1ZeW-4CqfvCaFp3P7fCSzLKgdXxOwE7T1Syzo1Pysse-9r1dn5RJ7kiENpnEv2ztL3t6oVubH1ea8meQsIS4TcF3tcJf7r5I__hRBdXVMWGI-xeYLBswpCpbuE_OnZLw4aW6W4sdirYyUNmjX9KiDLUPAxZZ6Se1gT8gCoR_VoQnFaKjpZsQIaSvrMI_l9J_McbxlxB_VoQnFaKjpZsQIaSvrMI8Imgr7ebuWSFOZNEWuvEG5QNLUlZesavJt51jBqPLKy4Vqyjqa4tGh4HJunKpK9iEe96tUtpKZcU3r7L7QwTcjZZJCxAdeOqU HTTP 302
https://p274637.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LqoFZagF2kf8amXfSMMjk7Q08Dj-CTZF5GioOmXVNKulVNjLlN6936TRYK8ejJitU94JLHnCbFIKjVwJ2AuHbWv8aI4WU5XGve_yKNMuAwyj90MrwVdeUqdSCKGYvLABhhF4iEcBHxfVJjKPk0uPxg_P2C-y6tYqjAwrboQ3eFuEdguLNYw3-IUYPbwW8hssrXwANDjkIaqtqITvh1QLeDdLu-ItJcb33y8O8h1mOgTNAcu8b2ET47d5GVlvDL-jPpg9vBbyGyytVpg9FaYdPWjiGK9VuQDYlB8em4RUDerV9XYNghMk9phD-V--Ry1-S4dzNolPyIVxiJt52MenVqKu_RTETHePw_sGeiwz5PO5RF_TDQxN8U9FchNB6HJHKaf38eX9cSNisbD1fBnVB8AYp4LcP2n_Pabu9OE4mpPAWc0_115PM2y-ZzBXl5BYPgdvertd9RYHEJWvyD1XzJKQYaaWiIRLX1LJpjhSLS-03_HrxpZzl7ek54YxYyTKGS2Jxyfk51HkVcGHqlrLm1YW3GKUq2r-UM6dU_3-DQtuDqcD3VFDJf-o_n_VMWxhu__uPPgLf4LbjBvFTBS0ScDE6J25LKoVMJR1IFkYyenPne5H_v3TCAjkJdfRLzNmeGhl6cG-tU5iaLuZIqj-vmeS0LzYEqQQn_O41bNYCEercT0P5BGEq5lL27vHQ1Zcc3Epw6ChknYzW1vcNBdd2DDLeBjLmy_SKQkapEgRI5DzYQ9s97gqrhy4pmIAoP5hG6Z_ex3H9vQYHLBwWwhy132yM84dIaeqIA_u9ZTR2WpkpkxtrvCsfMYBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8TCuTZ6lsLtTfRMmnZWOnWfME_aofphvpt4P5qoPr4nvPsKvQNOYwwqJPWDKypl30jDI5O0NPA4_gk2ReR8UvGJrbfmIzLbvX4qeIk7pQhu0iSwTGNuBQ_C4dzKYImYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9QW7KM5AvPg_gcm6cqkr2IR73q1S2kplxkT_Pb2H5jLlzKCZqf18sqA&ui=mC6s-PqgY78x37B7I8hqkVY37AsT2AewJVPZTaqyimdO9IrvgAKoa8ROz2mwcrca3ziSF1DH22PJWdBGxPUYSkD-mzX7JmIz-3JaqEm-Tc4OtXr9mw4TKQ&si=1&oref=b2dd2da797a9cbc6e367417d2d334291&optunit=juX-a-75XhbSKi5mMjRcVg&rb=ddaJhf53DcI&rr=1&abtg=0 HTTP 302
https://clever-redirect.com/s/r6?s=r4a&s3=367235248 HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248 Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D441bb941b2c35e52638510247810fe43%26url%3Dhttps%253A%252F%252Fwww.verpackungsteam.de%252F&h=c653cd5e4274c479d36dc84975ede807 Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=441bb941b2c35e52638510247810fe43&url=https%3A%2F%2Fwww.verpackungsteam.de%2F HTTP 302
http://clix.superclix.de/cgi-bin/clix.cgi?id=absahnen&pp=6083&type=s&subid=at107999_a105588_m12_p134708_cDE_s441bb941b2c35e52638510247810fe43 HTTP 302
http://clix.superclix.de/cgi-bin/clixint.cgi?country=GB&kno=3412415 HTTP 302
http://www.clixus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://caplitalone.com/ HTTP 302
http://btpnative.com/click?data=SExjVTVCclJQWEh0Nk1KRk53cjVPd2tTd2xlOHdWSGRFOWdRSXhnWDlDQ1drUGZ3a0xCQ0J4ZG5QZk5oUnlYYmJOTlI1NnQ4RkNBMjhidEFrNVF1aXFzZ21XUnhjSmVIbmN6THVuQ3hyWHZFS3d2TjMtdmhhT2ZoQS1KOG1OQnVCTjdZcjY4b29lMzRmU2R3eGJNZmlnMg2&id=04442113-77c4-4ab4-b718-d79976859096

Request Chain 1

http://btpnative.com/Redirect/ HTTP 302
https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY78x37B7I8hqka3dDnCBF-q5GCJeMqQw6rk6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZSQyxrUVQiewo_2szb4ydphLvJ3coLAj2sLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwQ2ltZIIgdD4VlwAySc0jhgBBgDSi3-mBN8mzcRMBBL-undqOZJHWcNU_uDVsHbE6QP5b6PKDE3R5IP7ns1J0ZCIlnV2r0Yhb3VrvSelI33aBbz02XnSoLVlv52rVusBwO4rwYXGjS2StVlDXF5tMEAXIpHPO-3BCOaac67040RyguZRc7iOcoBPyUokabAiEvD22WYL9JFIKFV5x3Dk6j33RTTv5VOPnKRm3FvScu63zdHbcHkVXWecInCbxqXFG3vKc6GxmI87fejelSoRpXU2C5WesIdv0JfdK-X2HUr6nKxmdOShrVK0tIvqpuFnyXnuKCSxj9Qs3WmRdKEeGjlwgWD6tDu_E4e057nIl7NBWmyHWkAwkV264XDMmEgz9SHV7R_xg2Su2lpCI1LiVOmTKEK9h7CxjUA8N_VnusMwVBm-J_d1lSTMjL2D-dv7Gsf96ma2kLpcBYJf_JKpdeCkBAVTAoBC6ZcAh7f9r1u61Y2_JR417Q2MDzWZXf1QGlPnHsVZyFq8-wXdegC74K2komPkA-lUOQd3hOSUFE_SvyAnXktEuWVRSkgezhmgTagZDORZWp3-pF4ewGRQX6rQsySjUZLT0Nb9Gw64_czhMtrhr0yTtc4xLj0uQXg5ZqRlKo9TYZhknmnIHvO4Zxe8ybyyzXfEpd01uMcj3iz8IcSaqZ8BI6LNAIEZUFJmeu7Mpj2-K_2zK1oPC9YNZHBKNmqHg1dAodfy_0u1ej0tx8IkURGXeEGdYP5Br-lRqx475PLRxZRUqDQkmWzXsxOfCrFmEogyet3ZvJbIsKaWbtdXKCOFgWQaejSNLnTL6DYKrJS9XHXEGPEGq37J4bg4LCjlwX4TlBf9_B6Rm8MG3Q4F4soPQNskWNXz0eR0-vMjiM01wMvd6WwQBXBeYb_j7zYQYb1M4997xm6HOq0wrF9Z7jQPFMLMUyh-vUIEAX4ZfhrOYje6VlWHF3VSn2ILQIK5MepHist3cRpyY1LxLSLrthVBl3axUmCbgcu-NNxxMaEmfiAZPIsowe_6ePLc-8kw1XtDjVrpdxsBaq3VSu151L_YxJPBu1km6J9ZSF7N3o8YTjA1sYkttw0bIpvBzEae2NdmyNeZCciyU9RBZhC4yIedrE2sNYNXikIscWUB79xisFalSqmA8H0AgZHFpsrCMfi8UNkJSFwbgoRthdZKO2YUKgikdY3fAVAQVQUJvYq6E2n5xrGDx5NRvIJqTj5FE_HT1g208D32Uvl0epNaw9Awx68KXfCwgYzQgzuUU5Qf91-86h9v63MP5XktyCYbk9-L66_qlzXazR06e_jVZCZoRaqvmjNdJvrJdpk9oDxIkCft8HaU5uSor1HIfmnb-XKdOf64RzhFGisJ_Pryiaj7dhPylNcQ9lNg2thFSMgwu_-Ch031Jn81dTNnBPYjCw18TANwq2ESr3BYA2TImhBhyjwDoKEk12rVMc_Pulw4fNa3LK-hcf70YDg8KIAjW-FeHQCDCATVl12PlqPxPza5TbyHAW0QmndvOQp_zGI5RMVMflV6WB48sGRng9_yjz4z_UR_-4u3uWxRCr_iyw6ONhWo1RnaqUuZYDh2lT6DWatRI2llhBNQxkbboZl9eAkcV6IYO2-QL0M3tojOUYEf3bYfrAbj6jKgMg6PIfJwxm_9ZTU3CyOXcTxbf3jBOSsGQXM6Ikb5qQpgpFdxiWWSdnOhDoeSDl45XFBkTz1YXtWoMBrKWZLoIgCi4xJmL3yqPPRccPrMNiaPiN4zg8D6bb0aDSBSyt2-prtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJizYKweXujG9_Ams1LDbE4xpOazgjHFVXMzWdYHqmMAfywMiNXc1tPBh8FM1DolkmeDBEanPsRxxcTQtRPdux7U1T1CZWUCX4yGyWDkl85uKiI8MZMtHi2v37-fJM7zOJjONx3LVFhnyk-iH4-ghlFw3epIYMNcYs3sd27cPOx2gKeHxRP85ce_ym3PMbblisfsMFmROnY0sSjcuh0QzVBSokh2MQt3IQ6vExwgzEZnwN3qSGDDXGLNYx560WzupUjuWJZH-TS6lpb_vUK1ucLTlUDBdJiGW7vGwAxoSREIEIU-3VCEuLeElTk9EhpQyh4Yfp0w4-dnqlq2yjH4L6EcjjgxY6GRgHtvknZ_PfUwpO9IrvgAKoa-BmuuxBX4NJjuX-a-75XhYrAr1LJRJq4Vy_jfk4scpUVwublMdOtQ-XMGM_qqTAngEaU2DlDLvkySrEfi4DZ6WCMjoL8fF301UF_xK106lC4pmIAoP5hG6aTfxjer_5bh-0hqzv8THqbgpSA2zZzF2abvCgAkno-4vRaB5ut3CAqmwj-fW_I6i3XPxeokwn8RGcBEKsuakwvMdPuQiyfPp8bUMT7eHAxwzbzHw6QT94xN8fYQ0KRq7Q1a6SvGkRxHWskHBcxmpllfPpjwoAn8kCAZ4D5HgeCk0hy2aEWcNY90fOZsLCdg332nleRhvbO8wEmt6k9igBdLB4SVMgmeSjgFYxCfXGImzKjdrBkl39eOjDpd3ctVE84pDPhoChWl_pLn5KBzLIedbzfxUKQCZA0tSVl6xq8n1E7PxxR9qQMJhARiLbNgToi6RsIzoYOGXHzjzu7ql5MYtOd3usyWe7QdJGpuYLqSMvHCbPeGRg6Xs78gwqhYaEVT01ct715toeFBmuESTsYZg5p3OI-fo-pJF3mkcBtCnUrLwBsLfI3ZGQzTbUsYyIy2nhQEzqR87UtG_GtbiAZQ44Y-mpnt7UYJcFX-nWPG9AfpfudsXNiv1gANAYcQHNs2O1ZeW-4CqfvCaFp3P7fCSzLKgdXxOwE7T1Syzo1Pysse-9r1dn5RJ7kiENpnEv2ztL3t6oVubH1ea8meQsIS4TcF3tcJf7r5I__hRBdXVMWGI-xeYLBswpCpbuE_OnZLw4aW6W4sdirYyUNmjX9KiDLUPAxZZ6Se1gT8gCoR_VoQnFaKjpZsQIaSvrMI_l9J_McbxlxB_VoQnFaKjpZsQIaSvrMI8Imgr7ebuWSFOZNEWuvEG5QNLUlZesavJt51jBqPLKy4Vqyjqa4tGh4HJunKpK9iEe96tUtpKZcU3r7L7QwTcjZZJCxAdeOqU HTTP 302
https://p274637.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LqoFZagF2kf8amXfSMMjk7Q08Dj-CTZF5GioOmXVNKulVNjLlN6936TRYK8ejJitU94JLHnCbFIKjVwJ2AuHbWv8aI4WU5XGve_yKNMuAwyj90MrwVdeUqdSCKGYvLABhhF4iEcBHxfVJjKPk0uPxg_P2C-y6tYqjAwrboQ3eFuEdguLNYw3-IUYPbwW8hssrXwANDjkIaqtqITvh1QLeDdLu-ItJcb33y8O8h1mOgTNAcu8b2ET47d5GVlvDL-jPpg9vBbyGyytVpg9FaYdPWjiGK9VuQDYlB8em4RUDerV9XYNghMk9phD-V--Ry1-S4dzNolPyIVxiJt52MenVqKu_RTETHePw_sGeiwz5PO5RF_TDQxN8U9FchNB6HJHKaf38eX9cSNisbD1fBnVB8AYp4LcP2n_Pabu9OE4mpPAWc0_115PM2y-ZzBXl5BYPgdvertd9RYHEJWvyD1XzJKQYaaWiIRLX1LJpjhSLS-03_HrxpZzl7ek54YxYyTKGS2Jxyfk51HkVcGHqlrLm1YW3GKUq2r-UM6dU_3-DQtuDqcD3VFDJf-o_n_VMWxhu__uPPgLf4LbjBvFTBS0ScDE6J25LKoVMJR1IFkYyenPne5H_v3TCAjkJdfRLzNmeGhl6cG-tU5iaLuZIqj-vmeS0LzYEqQQn_O41bNYCEercT0P5BGEq5lL27vHQ1Zcc3Epw6ChknYzW1vcNBdd2DDLeBjLmy_SKQkapEgRI5DzYQ9s97gqrhy4pmIAoP5hG6Z_ex3H9vQYHLBwWwhy132yM84dIaeqIA_u9ZTR2WpkpkxtrvCsfMYBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8TCuTZ6lsLtTfRMmnZWOnWfME_aofphvpt4P5qoPr4nvPsKvQNOYwwqJPWDKypl30jDI5O0NPA4_gk2ReR8UvGJrbfmIzLbvX4qeIk7pQhu0iSwTGNuBQ_C4dzKYImYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9QW7KM5AvPg_gcm6cqkr2IR73q1S2kplxkT_Pb2H5jLlzKCZqf18sqA&ui=mC6s-PqgY78x37B7I8hqkVY37AsT2AewJVPZTaqyimdO9IrvgAKoa8ROz2mwcrca3ziSF1DH22PJWdBGxPUYSkD-mzX7JmIz-3JaqEm-Tc4OtXr9mw4TKQ&si=1&oref=b2dd2da797a9cbc6e367417d2d334291&optunit=juX-a-75XhbSKi5mMjRcVg&rb=ddaJhf53DcI&rr=1&abtg=0 HTTP 302
https://clever-redirect.com/s/r6?s=r4a&s3=367235248 HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248

Request Chain 5

http://www.freihit.de/flagge/us.png HTTP 301
https://www.freihit.de/flagge/us.png

Request Chain 6

http://www.freihit.de/flagge/ru.png HTTP 301
https://www.freihit.de/flagge/ru.png

Request Chain 7

http://www.freihit.de/flagge/de.png HTTP 301
https://www.freihit.de/flagge/de.png

Request Chain 8

http://www.freihit.de/flagge/fr.png HTTP 301
https://www.freihit.de/flagge/fr.png

Request Chain 9

http://www.freihit.de/flagge/pl.png HTTP 301
https://www.freihit.de/flagge/pl.png

Request Chain 13

http://www.freihit.de/counter2.php?sc=superclix&sid=015818078 HTTP 301
https://www.freihit.de/counter2.php?sc=superclix&sid=015818078

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set click Show response btpnative.com/ Redirect Chain http://caplitalone.com/ http://btpnative.com/click?data=SExjVTVCclJQWEh0Nk1KRk53cjVPd2tTd2xlOHdWSGRFOWdRSXhnWDlDQ1drUGZ3a0xCQ0J4ZG5QZk5oUnlYYmJOTlI1NnQ4RkNBMjhidEFrNVF1aXFzZ21XUnhjSmVIbmN6THVuQ3hyWHZFS3d2TjMtdmhhT2ZoQS1KO...	5 KB 3 KB	254ms 204ms	Document text/html	209.15.13.136 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL http://btpnative.com/click?data=SExjVTVCclJQWEh0Nk1KRk53cjVPd2tTd2xlOHdWSGRFOWdRSXhnWDlDQ1drUGZ3a0xCQ0J4ZG5QZk5oUnlYYmJOTlI1NnQ4RkNBMjhidEFrNVF1aXFzZ21XUnhjSmVIbmN6THVuQ3hyWHZFS3d2TjMtdmhhT2ZoQS1KOG1OQnVCTjdZcjY4b29lMzRmU2R3eGJNZmlnMg2&id=04442113-77c4-4ab4-b718-d79976859096 Protocol HTTP/1.1 Server 209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash `17a4ae41105b2d8815f9c9be42e6ebf89c717194a98be52db9ccecc1a7e9f6be` Request headers Host btpnative.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/8.5 X-AspNetMvc-Version 5.2 X-AspNet-Version 4.0.30319 Set-Cookie lHGqLlqldTCoCLp=lHGqLlqldTCoCLp; path=/ X-Server web01 Access-Control-Allow-Origin * Access-Control-Allow-Headers Content-Type Date Tue, 28 Sep 2021 09:14:59 GMT Content-Length 2182 Redirect headers Cache-Control private Content-Type text/html; charset=utf-8 Location http://btpnative.com/click?data=SExjVTVCclJQWEh0Nk1KRk53cjVPd2tTd2xlOHdWSGRFOWdRSXhnWDlDQ1drUGZ3a0xCQ0J4ZG5QZk5oUnlYYmJOTlI1NnQ4RkNBMjhidEFrNVF1aXFzZ21XUnhjSmVIbmN6THVuQ3hyWHZFS3d2TjMtdmhhT2ZoQS1KOG1OQnVCTjdZcjY4b29lMzRmU2R3eGJNZmlnMg2&id=04442113-77c4-4ab4-b718-d79976859096 Server Microsoft-IIS/8.5 X-AspNetMvc-Version 5.2 X-AspNet-Version 4.0.30319 X-Server web02 Date Tue, 28 Sep 2021 09:14:58 GMT Connection close Content-Length 396
GET H2	200	a Show response lookandfind.me/s/ Redirect Chain http://btpnative.com/Redirect/ https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY78x37B7I8hqka3dDnCBF-q5GCJeMqQw6rk6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZSQyxrUVQiewo_2szb4ydphLvJ3coLAj2sLI_RalizEQmcVjFyxSKD9mNp-ZNGHh... https://p274637.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LqoFZagF2kf8amXfSMMjk7Q08Dj-CTZF5GioOmXVNKulVNjLlN6936TRYK8ejJitU94JLHnCbFIKjVwJ2AuHbWv8aI4WU5XGve_yKNMuAwyj90MrwVdeUqdSCKGYvLABhhF4iE... https://clever-redirect.com/s/r6?s=r4a&s3=367235248 https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248	436 B 603 B	187ms 28ms	Document text/html	157.90.169.168 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.168.169.90.157.clients.your-server.de Software Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 / PHP/7.4.19 Resource Hash `e7460ae097809e57aeca18b122e4d4d3f2651fa111c3286de3c1b8dd342a34ea` Request headers :method GET :authority lookandfind.me :scheme https :path /s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 Origin http://btpnative.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 28 Sep 2021 09:15:00 GMT server Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 referrer-policy strict-origin-when-cross-origin x-powered-by PHP/7.4.19 content-length 436 content-type text/html; charset=UTF-8 Redirect headers date Tue, 28 Sep 2021 09:15:00 GMT server Apache/2.4.46 (codeit) OpenSSL/1.1.1i PHP/7.4.15 referrer-policy no-referrer x-powered-by PHP/7.4.15 location https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248 content-length 0 content-type text/html; charset=UTF-8
GET H2	200	r lookandfind.me/s/	352 B 382 B	15ms 14ms	Document text/html	157.90.169.168 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D441bb941b2c35e52638510247810fe43%26url%3Dhttps%253A%252F%252Fwww.verpackungsteam.de%252F&h=c653cd5e4274c479d36dc84975ede807 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.168.169.90.157.clients.your-server.de Software Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 / PHP/7.4.19 Resource Hash Request headers :method GET :authority lookandfind.me :scheme https :path /s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D441bb941b2c35e52638510247810fe43%26url%3Dhttps%253A%252F%252Fwww.verpackungsteam.de%252F&h=c653cd5e4274c479d36dc84975ede807 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=verpackungsteam.de&s1=r4a&s2=&s3=367235248 Response headers date Tue, 28 Sep 2021 09:15:00 GMT server Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.19 referrer-policy strict-origin-when-cross-origin x-powered-by PHP/7.4.19 content-length 352 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request / Show response www.clixus.com/ Redirect Chain https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=441bb941b2c35e52638510247810fe43&url=https%3A%2F%2Fwww.verpackungsteam.de%2F http://clix.superclix.de/cgi-bin/clix.cgi?id=absahnen&pp=6083&type=s&subid=at107999_a105588_m12_p134708_cDE_s441bb941b2c35e52638510247810fe43 http://clix.superclix.de/cgi-bin/clixint.cgi?country=GB&kno=3412415 http://www.clixus.com/	18 KB 3 KB	67ms 28ms	Document text/html	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Full URL http://www.clixus.com/ Requested by Host: lookandfind.me URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D441bb941b2c35e52638510247810fe43%26url%3Dhttps%253A%252F%252Fwww.verpackungsteam.de%252F&h=c653cd5e4274c479d36dc84975ede807 Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / PHP/5.3.29 Resource Hash `50faa9cbd201ccafb1bca856363b57f570da5398899ffe1eb6e09fe162caa22e` Request headers Host www.clixus.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D441bb941b2c35e52638510247810fe43%26url%3Dhttps%253A%252F%252Fwww.verpackungsteam.de%252F&h=c653cd5e4274c479d36dc84975ede807 Response headers Date Tue, 28 Sep 2021 09:15:01 GMT Server Apache X-Powered-By PHP/5.3.29 Vary Accept-Encoding Content-Encoding gzip Content-Length 3054 Keep-Alive timeout=2, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1 Redirect headers Date Tue, 28 Sep 2021 09:15:01 GMT Server Apache/2.4.38 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1d Location http://www.clixus.com/ P3P policyref="https://clix.superclix.de/w3c/p3p.xml", CP="" Keep-Alive timeout=15, max=99 Connection Keep-Alive Transfer-Encoding chunked
GET H/1.1	200 OK	clixus.css www.clixus.com/	617 B 606 B	16ms 16ms	Stylesheet text/css	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Full URL http://www.clixus.com/clixus.css Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / Resource Hash `c76550952c19127ab792532604f06ec79d2be61158c2b1babcfbc7053fcd5350` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.clixus.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.clixus.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:15:01 GMT Content-Encoding gzip Last-Modified Wed, 08 May 2013 17:01:07 GMT Server Apache ETag "269-4dc37e13c9ac0-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 287
GET H/1.1	200 OK	LinksLogo.gif www.clixus.com/images/default/	15 KB 15 KB	33ms 28ms	Image image/gif	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Show image Full URL http://www.clixus.com/images/default/LinksLogo.gif Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / Resource Hash `9efff7c2923f28cfb0cce535b3a32811369e9c83302662188dcccd6773edd9a4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.clixus.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://www.clixus.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:15:01 GMT Last-Modified Wed, 08 May 2013 17:03:52 GMT Server Apache ETag "3a78-4dc37eb124e00" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 14968
GET H2	200	us.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/us.png https://www.freihit.de/flagge/us.png	252 B 366 B	52ms 16ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/us.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `dbd7974039d12f97be6d5d14a0bdcbfc34d67d2bb15cc7098988eba624097c47` Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:15:00 GMT last-modified Mon, 13 Feb 2017 14:47:52 GMT server Apache accept-ranges bytes etag "fc-5486a882df600" content-length 252 content-type image/png Redirect headers Location https://www.freihit.de/flagge/us.png Date Tue, 28 Sep 2021 09:15:00 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	ru.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/ru.png https://www.freihit.de/flagge/ru.png	220 B 289 B	36ms 17ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/ru.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `3011661b9260e29741981302123cfc6944e244f2898e4a81286447d7cc687347` Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:15:00 GMT last-modified Mon, 13 Feb 2017 14:47:50 GMT server Apache accept-ranges bytes etag "dc-5486a880f7180" content-length 220 content-type image/png Redirect headers Location https://www.freihit.de/flagge/ru.png Date Tue, 28 Sep 2021 09:15:00 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	de.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/de.png https://www.freihit.de/flagge/de.png	192 B 261 B	53ms 17ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/de.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `1fe2becd0f9dc7311a867756a3bdb6983978507d4834e80a4c93f98a9a0db2b0` Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:15:00 GMT last-modified Mon, 13 Feb 2017 14:47:32 GMT server Apache accept-ranges bytes etag "c0-5486a86fcc900" content-length 192 content-type image/png Redirect headers Location https://www.freihit.de/flagge/de.png Date Tue, 28 Sep 2021 09:15:00 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	fr.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/fr.png https://www.freihit.de/flagge/fr.png	191 B 261 B	53ms 16ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/fr.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d` Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:15:00 GMT last-modified Mon, 13 Feb 2017 14:47:34 GMT server Apache accept-ranges bytes etag "bf-5486a871b4d80" content-length 191 content-type image/png Redirect headers Location https://www.freihit.de/flagge/fr.png Date Tue, 28 Sep 2021 09:15:00 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET H2	200	pl.png www.freihit.de/flagge/ Redirect Chain http://www.freihit.de/flagge/pl.png https://www.freihit.de/flagge/pl.png	241 B 310 B	53ms 16ms	Image image/png	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.freihit.de/flagge/pl.png Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash `f884718680de9d3d49e4990241e2ee76ffde196bf278ebffa39a6ec4b95451c4` Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:15:00 GMT last-modified Mon, 13 Feb 2017 14:47:48 GMT server Apache accept-ranges bytes etag "f1-5486a87f0ed00" content-length 241 content-type image/png Redirect headers Location https://www.freihit.de/flagge/pl.png Date Tue, 28 Sep 2021 09:15:00 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 244 Content-Type text/html; charset=iso-8859-1
GET		getads.js cdn.chitika.net/	0 0

GET H/1.1	200 OK	15188-160600s1en.jpg clix.superclix.de/images/pp15188/	46 KB 47 KB	13ms 12ms	Image image/jpeg	81.209.248.3 PIXELX-AS
General Check archive.org Show headers Download Go to Show image Full URL http://clix.superclix.de/images/pp15188/15188-160600s1en.jpg Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 81.209.248.3 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS lb.dmk-internet.com Software Apache/2.4.38 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1d / Resource Hash `f57e10accf41d6499d3a47eb04c3a46b87f7c940b7b15790d3ac50c3dcebde8e` Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:15:01 GMT Last-Modified Mon, 17 Oct 2011 09:18:14 GMT Server Apache/2.4.38 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1d ETag "b905-4af7b1621e180" P3P policyref="https://clix.superclix.de/w3c/p3p.xml", CP="" Connection Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=15, max=98 Content-Length 47365
GET H/1.1	200 OK	BlackShim.gif www.clixus.com/images/default/	43 B 310 B	33ms 27ms	Image image/gif	80.86.184.242 LAMBDANET-AS Euro...
General Check archive.org Show headers Download Go to Show image Full URL http://www.clixus.com/images/default/BlackShim.gif Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol HTTP/1.1 Server 80.86.184.242 Hanover, Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE), Reverse DNS www99.dmk-internet.com Software Apache / Resource Hash `e479452b21e337317c3bddd0efb43f866dd39faa55d924ee586db06ea8a991ba` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.clixus.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://www.clixus.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:15:01 GMT Last-Modified Wed, 08 May 2013 17:03:51 GMT Server Apache ETag "2b-4dc37eb030bc0" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 43
GET H2	500	counter2.php www.freihit.de/ Redirect Chain http://www.freihit.de/counter2.php?sc=superclix&sid=015818078 https://www.freihit.de/counter2.php?sc=superclix&sid=015818078	0 0	63ms 26ms	Script text/html	81.209.255.210 PIXELX-AS
General Check archive.org Show headers Download Go to Full URL https://www.freihit.de/counter2.php?sc=superclix&sid=015818078 Requested by Host: www.clixus.com URL: http://www.clixus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 81.209.255.210 , Germany, ASN60380 (PIXELX-AS, DE), Reverse DNS Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.clixus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:15:00 GMT server Apache content-length 0 content-type text/html; charset=UTF-8 Redirect headers Location https://www.freihit.de/counter2.php?sc=superclix&sid=015818078 Date Tue, 28 Sep 2021 09:15:00 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=500 Content-Length 274 Content-Type text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.chitika.net
URL: http://cdn.chitika.net/getads.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| CHITIKA

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
btpnative.com/	1969-12-31 23:59:59	Name: lHGqLlqldTCoCLp Value: lHGqLlqldTCoCLp
.mybetterdl.com/	1970-01-20 01:52:52	Name: rhid Value: 79740783474
.mybetterdl.com/	1970-01-19 21:33:44	Name: loi Value: ad_1116926_off_562330_aff_15952_cid_274637-CAPLITALONE.COM_ts_1632820500
utkv6nyu.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: veii6pqjg26tmbc3o6romfh9d3
clix.superclix.de/	1970-01-20 00:26:28	Name: 973 Value: 9_3412415

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://cdn.chitika.net/getads.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.freihit.de/counter2.php?sc=superclix&sid=015818078 Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btpnative.com
caplitalone.com
cdn.chitika.net
clever-redirect.com
clix.superclix.de
lookandfind.me
mybetterdl.com
p274637.mybetterdl.com
utkv6nyu.de
www.clixus.com
www.freihit.de
cdn.chitika.net
157.90.169.168
173.192.101.24
209.15.13.134
209.15.13.136
2606:4700:3036::ac43:872c
78.46.197.88
80.86.184.242
81.209.248.3
81.209.255.210
17a4ae41105b2d8815f9c9be42e6ebf89c717194a98be52db9ccecc1a7e9f6be
1fe2becd0f9dc7311a867756a3bdb6983978507d4834e80a4c93f98a9a0db2b0
3011661b9260e29741981302123cfc6944e244f2898e4a81286447d7cc687347
50faa9cbd201ccafb1bca856363b57f570da5398899ffe1eb6e09fe162caa22e
9efff7c2923f28cfb0cce535b3a32811369e9c83302662188dcccd6773edd9a4
c76550952c19127ab792532604f06ec79d2be61158c2b1babcfbc7053fcd5350
dbd7974039d12f97be6d5d14a0bdcbfc34d67d2bb15cc7098988eba624097c47
e479452b21e337317c3bddd0efb43f866dd39faa55d924ee586db06ea8a991ba
e7460ae097809e57aeca18b122e4d4d3f2651fa111c3286de3c1b8dd342a34ea
eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d
f57e10accf41d6499d3a47eb04c3a46b87f7c940b7b15790d3ac50c3dcebde8e
f884718680de9d3d49e4990241e2ee76ffde196bf278ebffa39a6ec4b95451c4

www.clixus.com Open in urlscan Pro 80.86.184.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

53 %HTTPS

11 %IPv6

10 Domains

11 Subdomains

6 IPs

3 Countries

71 kBTransfer

87 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

5 Cookies

2 Console Messages

Indicators

www.clixus.com Open in urlscan Pro
80.86.184.242 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

53 %
HTTPS

11 %
IPv6

10
Domains

11
Subdomains

6
IPs

3
Countries

71 kB
Transfer

87 kB
Size

5
Cookies

15 HTTP transactions
0 data transactions