bluefiretoline.com Open in urlscan Pro
172.67.164.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://portugiesenviertel-hamburg.de/
Effective URL:
https://bluefiretoline.com/?p=gjswkm3bha5gi3bpha3teoi&sub2=freli
Submission: On July 01 via api (July 1st 2024, 4:50:43 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 47 HTTP transactions. The main IP is 172.67.164.199, located in United States and belongs to CLOUDFLARENET, US. The main domain is bluefiretoline.com. The Cisco Umbrella rank of the primary domain is 810395.
TLS certificate: Issued by E1 on May 29th 2024. Valid for: 3 months.

This is the only time bluefiretoline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2001:608:e00:... 2001:608:e00:72::40:0	5539 (SPACENET ...) (SPACENET SpaceNET AG)
2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	172.67.209.227 172.67.209.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.9.149.210 45.9.149.210	49447 (NICEIT) (NICEIT)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.152.194 172.67.152.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.164.199 172.67.164.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	10

33 2001:608:e00:72::40:0 (Germany) 1 redirects

ASN5539 (SPACENET SpaceNET AG, DE)

portugiesenviertel-hamburg.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.portugiesenviertel-hamburg.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.209.227 (United States)

ASN13335 (CLOUDFLARENET, US)

css.cdntoswitchspirit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

jquery.restartyourchoices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.9.149.210 (Amsterdam, Netherlands)

ASN49447 (NICEIT, DM)

cdn.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rest1.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rest2.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rate.specialtaskevents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.152.194 (United States)

ASN13335 (CLOUDFLARENET, US)

from.startfinishthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.164.199 (United States)

ASN13335 (CLOUDFLARENET, US)

bluefiretoline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	portugiesenviertel-hamburg.de 1 redirects portugiesenviertel-hamburg.de www.portugiesenviertel-hamburg.de	2 MB
3	rdntocdns.com cdn.rdntocdns.com — Cisco Umbrella Rank: 265338 rest1.rdntocdns.com — Cisco Umbrella Rank: 278199 rest2.rdntocdns.com — Cisco Umbrella Rank: 293675	18 KB
2	bluefiretoline.com bluefiretoline.com — Cisco Umbrella Rank: 810395	8 KB
2	startfinishthis.com from.startfinishthis.com — Cisco Umbrella Rank: 336606 Failed	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	987 B
1	specialtaskevents.com rate.specialtaskevents.com — Cisco Umbrella Rank: 343334	4 KB
1	restartyourchoices.com jquery.restartyourchoices.com — Cisco Umbrella Rank: 804995	15 KB
1	gstatic.com www.gstatic.com	213 KB
1	cdntoswitchspirit.com css.cdntoswitchspirit.com — Cisco Umbrella Rank: 915963	14 KB
47	9

	Domain	Requested by
32	www.portugiesenviertel-hamburg.de	www.portugiesenviertel-hamburg.de
2	bluefiretoline.com
2	from.startfinishthis.com	rate.specialtaskevents.com
2	www.google.com	www.portugiesenviertel-hamburg.de www.gstatic.com
1	rate.specialtaskevents.com	rest2.rdntocdns.com
1	rest2.rdntocdns.com	rest1.rdntocdns.com
1	rest1.rdntocdns.com	www.portugiesenviertel-hamburg.de
1	cdn.rdntocdns.com	www.portugiesenviertel-hamburg.de
1	jquery.restartyourchoices.com	css.cdntoswitchspirit.com
1	www.gstatic.com	www.google.com
1	css.cdntoswitchspirit.com	www.portugiesenviertel-hamburg.de
1	portugiesenviertel-hamburg.de	1 redirects
47	12

This site contains no links.

Subject Issuer	Validity	Valid
*.portugiesenviertel-hamburg.de R11	`2024-06-08` - `2024-09-06`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cdntoswitchspirit.com WE1	`2024-06-27` - `2024-09-25`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
restartyourchoices.com WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh
cdn.rdntocdns.com R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
rest1.rdntocdns.com R3	`2024-06-01` - `2024-08-30`	3 months	crt.sh
rest2.rdntocdns.com R3	`2024-06-01` - `2024-08-30`	3 months	crt.sh
specialtaskevents.com GTS CA 1P5	`2024-05-21` - `2024-08-19`	3 months	crt.sh
startfinishthis.com WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh
bluefiretoline.com E1	`2024-05-29` - `2024-08-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bluefiretoline.com/?p=gjswkm3bha5gi3bpha3teoi&sub2=freli
Frame ID: 1AA49EC1AE41C5A7E62A25B169193E48
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnw8aAAAAABoKwGSm5uCTSa9qwBnhpcNyMPiN&co=aHR0cHM6Ly93d3cucG9ydHVnaWVzZW52aWVydGVsLWhhbWJ1cmcuZGU6NDQz&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=91kmea8eoubu
Frame ID: C8301F40A12491F6CE276F096FCC9D4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser

Page URL History Show full URLs

https://portugiesenviertel-hamburg.de/ HTTP 301
https://www.portugiesenviertel-hamburg.de/ Page URL
https://from.startfinishthis.com/zj7Hd3 Page URL
https://from.startfinishthis.com/j77jns Page URL
https://bluefiretoline.com/?p=gjswkm3bha5gi3bpha3teoi&sub2=freli Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

47
Requests

96 %
HTTPS

22 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

2084 kB
Transfer

2789 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://portugiesenviertel-hamburg.de/ HTTP 301
https://www.portugiesenviertel-hamburg.de/ Page URL
https://from.startfinishthis.com/zj7Hd3 Page URL
https://from.startfinishthis.com/j77jns Page URL
https://bluefiretoline.com/?p=gjswkm3bha5gi3bpha3teoi&sub2=freli Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://portugiesenviertel-hamburg.de/ HTTP 301
https://www.portugiesenviertel-hamburg.de/

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.portugiesenviertel-hamburg.de/
Redirect Chain

https://portugiesenviertel-hamburg.de/
https://www.portugiesenviertel-hamburg.de/

92 KB
19 KB

392ms
368ms

Document
text/html

2001:608:e00:72::40:0
SPACENET SpaceNET AG

General

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-21 02:03:24	Name: _GRECAPTCHA Value: 09AB5STrqxLCeZI3KWKMNmTwBNut5nMd5dnnqL0KSXPQwr55andfQ6Br2NsS3s-1HNFi8ZhnnxWUyfgiyt5gMNpqs
			.bluefiretoline.com/	1970-01-20 22:27:24	Name: uuid Value: 9d883659-5c60-423f-ad5f-241b2d46d339

bluefiretoline.com Open in urlscan Pro 172.67.164.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

22 %IPv6

9 Domains

12 Subdomains

10 IPs

3 Countries

2084 kBTransfer

2789 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bluefiretoline.com Open in urlscan Pro
172.67.164.199 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

22 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

2084 kB
Transfer

2789 kB
Size

2
Cookies

47 HTTP transactions
0 data transactions