urlscan.io logo urlscan.io
SecurityTrails logo

bluepoolmc1.club Open in urlscan Pro
208.167.239.170  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://brend.specialadves.com/location.php?spec=2&p=578&get=348
Effective URL: https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&browser=Chrome&os=Wi...
Submission: On April 12 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 8 HTTP transactions. The main IP is 208.167.239.170, located in United States and belongs to AS-CHOOPA, US. The main domain is bluepoolmc1.club.
TLS certificate: Issued by R3 on April 12th 2022. Valid for: 3 months.
This is the only time bluepoolmc1.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 111.90.143.157 45839 (SHINJIRU-...)
1 3 188.166.68.96 14061 (DIGITALOC...)
1 2 94.130.51.235 24940 (HETZNER-AS)
1 208.167.239.170 20473 (AS-CHOOPA)
8 5
2    111.90.143.157 (Kuala Lumpur, Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la
brend.specialadves.com
3    188.166.68.96 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
clarifyspotify.online
0.clarifyspotify.online
2    94.130.51.235 (Heilbronn, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.51.130.94.clients.your-server.de
twotrk.com
1    208.167.239.170 (United States)

ASN20473 (AS-CHOOPA, US)
PTR: 208.167.239.170.vultrusercontent.com
bluepoolmc1.club
Apex Domain
Subdomains		 Transfer
3 clarifyspotify.online
clarifyspotify.online — Cisco Umbrella Rank: 862968 Failed
0.clarifyspotify.online
103 KB
2 twotrk.com
twotrk.com
672 B
2 specialadves.com
brend.specialadves.com — Cisco Umbrella Rank: 378602
854 B
1 bluepoolmc1.club
bluepoolmc1.club
65 KB
8 4
Domain Requested by
2 twotrk.com 1 redirects bluepoolmc1.club
2 0.clarifyspotify.online 1 redirects brend.specialadves.com
2 brend.specialadves.com 1 redirects
1 bluepoolmc1.club brend.specialadves.com
1 clarifyspotify.online brend.specialadves.com
8 5

This site contains no links.

Subject Issuer Validity Valid
brend.specialadves.com
R3		 2022-03-19 -
2022-06-17		 3 months crt.sh
0.di09.biz
R3		 2022-04-03 -
2022-07-02		 3 months crt.sh
bluepooln1.club
R3		 2022-04-12 -
2022-07-11		 3 months crt.sh
twotrk.com
R3		 2022-02-12 -
2022-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&browser=Chrome&os=Windows&trk=WkVoa2RtUklTbkpNYlU1MllsRTlQUT09&tsid=11&lpkey=1692498e803050cb88&t1=feed14986&t2=bf7e9aaf&uclick=h9xigmqq6o&uclickhash=h9xigmqq6o-h9xigmqq6o-7va3-0-qd-lpj2-17a6-09bff6
Frame ID: 8B8A7811B09AFC2703871AE497DDA16C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

McAffee Antivirus Protection

Page URL History Show full URLs

  1. https://brend.specialadves.com/location.php?spec=2&p=578&get=348 HTTP 302
    https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432 Page URL
  2. https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=zond43 Page URL
  3. https://0.clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=zond43 Page URL
  4. https://0.clarifyspotify.online/?auf=ge4dkytggy5diojygyxtmojwgmxtemzpge3diojyga2doobx&s=1&sub1=clarkeone&sub... HTTP 302
    https://twotrk.com/c.php?k=263eshf5k953r4wfj9bi&price=0.0095&feed=feed14986&hash=bf7e9aaf&creat... HTTP 302
    https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&... Page URL

Page Statistics

8
Requests

63 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

4
Countries

169 kB
Transfer

294 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://brend.specialadves.com/location.php?spec=2&p=578&get=348 HTTP 302
    https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432 Page URL
  2. https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=zond43 Page URL
  3. https://0.clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=zond43 Page URL
  4. https://0.clarifyspotify.online/?auf=ge4dkytggy5diojygyxtmojwgmxtemzpge3diojyga2doobx&s=1&sub1=clarkeone&sub2=zond43&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
    https://twotrk.com/c.php?k=263eshf5k953r4wfj9bi&price=0.0095&feed=feed14986&hash=bf7e9aaf&creative=0&platform=Windows&browser=Chrome&subday=0 HTTP 302
    https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&browser=Chrome&os=Windows&trk=WkVoa2RtUklTbkpNYlU1MllsRTlQUT09&tsid=11&lpkey=1692498e803050cb88&t1=feed14986&t2=bf7e9aaf&uclick=h9xigmqq6o&uclickhash=h9xigmqq6o-h9xigmqq6o-7va3-0-qd-lpj2-17a6-09bff6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://brend.specialadves.com/location.php?spec=2&p=578&get=348 HTTP 302
  • https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
big.php
brend.specialadves.com/
Redirect Chain
  • https://brend.specialadves.com/location.php?spec=2&p=578&get=348
  • https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432
874 B
621 B 		Document
General
Check archive.org
Download Go to
Full URL
https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
418
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Apr 2022 07:06:32 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Apr 2022 07:06:32 GMT
Location
https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432
Server
nginx
/
clarifyspotify.online/ 		0
0
/
clarifyspotify.online/ 		50 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=zond43
Requested by
Host: brend.specialadves.com
URL: https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
61f17d3eb755f2ed2588d9407b0b5ad02650714884a074ae804caf6af0098cea
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://brend.specialadves.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 12 Apr 2022 23:06:27 GMT
server
nginx
strict-transport-security
max-age=31536000
w56899721.js
clarifyspotify.online/ 		0
0
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
/
0.clarifyspotify.online/ 		52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0.clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=zond43
Requested by
Host: brend.specialadves.com
URL: https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a47d384fe78820dc84548c21e6ed2cb973cd744fd2f550c23afd6a4ea867b2ba
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://clarifyspotify.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 12 Apr 2022 23:06:27 GMT
server
nginx
strict-transport-security
max-age=31536000
w56899721.js
0.clarifyspotify.online/ 		0
0
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
Primary Request /
bluepoolmc1.club/b/0amvo/mcafee/8105/
Redirect Chain
  • https://0.clarifyspotify.online/?auf=ge4dkytggy5diojygyxtmojwgmxtemzpge3diojyga2doobx&s=1&sub1=clarkeone&sub2=zond43&sub3=&sub4=&cpc=0&cpm=0
  • https://twotrk.com/c.php?k=263eshf5k953r4wfj9bi&price=0.0095&feed=feed14986&hash=bf7e9aaf&creative=0&platform=Windows&browser=Chrome&subday=0
  • https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&browser=Chrome&os=Windows&trk=WkVoa2RtUklTbkpNYlU1MllsRTlQUT09&tsid=11&lpkey=1692498e803050cb88&...
96 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&browser=Chrome&os=Windows&trk=WkVoa2RtUklTbkpNYlU1MllsRTlQUT09&tsid=11&lpkey=1692498e803050cb88&t1=feed14986&t2=bf7e9aaf&uclick=h9xigmqq6o&uclickhash=h9xigmqq6o-h9xigmqq6o-7va3-0-qd-lpj2-17a6-09bff6
Requested by
Host: brend.specialadves.com
URL: https://brend.specialadves.com/big.php?id=098&sid=1663&pid=77432
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.167.239.170 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
208.167.239.170.vultrusercontent.com
Software
nginx /
Resource Hash
ca8eaa4b9f41a6d7c163c06b05015af91dd37242f4ea6deb7bf4835c03aa9f87

Request headers

Referer
https://0.clarifyspotify.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Apr 2022 23:06:28 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 12 Apr 2022 23:06:28 GMT
location
https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&browser=Chrome&os=Windows&trk=WkVoa2RtUklTbkpNYlU1MllsRTlQUT09&tsid=11&lpkey=1692498e803050cb88&t1=feed14986&t2=bf7e9aaf&uclick=h9xigmqq6o&uclickhash=h9xigmqq6o-h9xigmqq6o-7va3-0-qd-lpj2-17a6-09bff6
server
nginx/1.18.0
strict-transport-security
max-age=31536000
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f886e13eb396ef6bf80acadaf60dc71e19fb5ed1fd522a2c14089d1319aca5c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		44 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fa6a3464d31d9953df8819e47a7774d3736fb7c7b9fc59440286d49f1b65510

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
c.php
twotrk.com/ 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twotrk.com/c.php?event9=1
Requested by
Host: bluepoolmc1.club
URL: https://bluepoolmc1.club/b/0amvo/mcafee/8105/?isp=Nexeon%20Technologies&ip=96.9.246.195&city=Buffalo&browser=Chrome&os=Windows&trk=WkVoa2RtUklTbkpNYlU1MllsRTlQUT09&tsid=11&lpkey=1692498e803050cb88&t1=feed14986&t2=bf7e9aaf&uclick=h9xigmqq6o&uclickhash=h9xigmqq6o-h9xigmqq6o-7va3-0-qd-lpj2-17a6-09bff6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
94.130.51.235 Heilbronn, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.51.130.94.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx/1.18.0
date
Tue, 12 Apr 2022 23:06:28 GMT
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clarifyspotify.online
URL
https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=zond43
Domain
clarifyspotify.online
URL
https://clarifyspotify.online/w56899721.js
Domain
0.clarifyspotify.online
URL
https://0.clarifyspotify.online/w56899721.js

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _0x1806 function| _0x45b8 function| _0x4f8950 number| sec number| min function| countDown function| expDate function| getURLParameter string| hjck function| hijack function| getOS string| btst object| o object| s string| time

6 Cookies

Domain/Path Name / Value
.clarifyspotify.online/ Name: uuid
Value: fd984526-2e67-473d-96ad-3c4c8529566e
.0.clarifyspotify.online/ Name: uuid
Value: fd984526-2e67-473d-96ad-3c4c8529566e
0.clarifyspotify.online/ Name: uuid
Value: fd984526-2e67-473d-96ad-3c4c8529566e
.0.clarifyspotify.online/ Name: ccid
Value: %5B21775%5D
twotrk.com/ Name: uclick
Value: h9xigmqq6o
twotrk.com/ Name: uclickhash
Value: h9xigmqq6o-h9xigmqq6o-7va3-0-qd-lpj2-17a6-09bff6