card-forms.ru Open in urlscan Pro
172.67.176.66 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://card-forms.ru/
Submission: On June 13 via api (June 13th 2024, 4:25:41 pm UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 13 domains to perform 101 HTTP transactions. The main IP is 172.67.176.66, located in United States and belongs to CLOUDFLARENET, US. The main domain is card-forms.ru.
TLS certificate: Issued by E6 on June 12th 2024. Valid for: 3 months.

This is the only time card-forms.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	172.67.176.66 172.67.176.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1178:1:4... 2a00:1178:1:4b::12	35415 (WEBZILLA) (WEBZILLA)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 32	94.242.247.20 94.242.247.20	7979 (SERVERS-COM) (SERVERS-COM)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
11	172.67.162.121 172.67.162.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.162.9.153 185.162.9.153	207728 (EUROHOSTER) (EUROHOSTER)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.235.145 104.21.235.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:b48:8301::1 2a02:b48:8301::1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	212.117.190.217 212.117.190.217	7979 (SERVERS-COM) (SERVERS-COM)
8	172.67.214.86 172.67.214.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	94.242.247.29 94.242.247.29	7979 (SERVERS-COM) (SERVERS-COM)
101	13

28 172.67.176.66 (United States)

ASN13335 (CLOUDFLARENET, US)

card-forms.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::12 (Netherlands)

ASN35415 (WEBZILLA, NL)

defensive-living.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 94.242.247.20 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

endowmentoverhangutmost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.162.121 (United States)

ASN13335 (CLOUDFLARENET, US)

m.porno-zadrochi.best	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.162.9.153 (Naaldwijk, Netherlands)

ASN207728 (EUROHOSTER, BG)
PTR: srv24059.hosted-by-eurohoster.org

2porno.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

drochila.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.145 (None, )

ASN13335 (CLOUDFLARENET, US)

tytporno.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b48:8301::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.virtuousescape.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.117.190.217 (Luxembourg, Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

coosync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.214.86 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.242.247.29 (Luxembourg)

ASN7979 (SERVERS-COM, US)

holahupa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	endowmentoverhangutmost.com 1 redirects endowmentoverhangutmost.com — Cisco Umbrella Rank: 24406	398 KB
28	card-forms.ru card-forms.ru	389 KB
11	porno-zadrochi.best m.porno-zadrochi.best — Cisco Umbrella Rank: 883524	803 KB
8	bncloudfl.com cdn.bncloudfl.com — Cisco Umbrella Rank: 16568	128 KB
5	drochila.online drochila.online — Cisco Umbrella Rank: 996661	183 KB
5	2porno.online 2porno.online	223 KB
3	holahupa.com holahupa.com — Cisco Umbrella Rank: 28449	46 KB
3	gstatic.com fonts.gstatic.com	42 KB
2	virtuousescape.pro www.virtuousescape.pro — Cisco Umbrella Rank: 169132	31 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11755	1 KB
2	defensive-living.com defensive-living.com — Cisco Umbrella Rank: 862966	14 KB
1	coosync.com 1 redirects coosync.com — Cisco Umbrella Rank: 28177	508 B
1	tytporno.online tytporno.online	40 KB
101	13

	Domain	Requested by
32	endowmentoverhangutmost.com	1 redirects card-forms.ru endowmentoverhangutmost.com
28	card-forms.ru	card-forms.ru
11	m.porno-zadrochi.best	card-forms.ru
8	cdn.bncloudfl.com	card-forms.ru endowmentoverhangutmost.com
5	drochila.online	card-forms.ru
5	2porno.online	card-forms.ru
3	holahupa.com	endowmentoverhangutmost.com holahupa.com
3	fonts.gstatic.com	card-forms.ru
2	www.virtuousescape.pro	defensive-living.com
2	counter.yadro.ru	1 redirects card-forms.ru
2	defensive-living.com	card-forms.ru defensive-living.com
1	coosync.com	1 redirects
1	tytporno.online	card-forms.ru
101	13

This site contains links to these domains. Also see Links.

Domain
clips-4-sale.com
filth-flix.com
love-her-films.com
teens-love-huge-cocks.com
little-caprice-dreams.com
jenny-movies.com
hentai-hand.com
blacked-com.top
blacked-com.stream
blacked-com.vip

Subject Issuer	Validity	Valid
card-forms.ru E6	`2024-06-12` - `2024-09-10`	3 months	crt.sh
defensive-living.com R3	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
Buypass Class 2 CA 5	`2024-05-17` - `2024-11-12`	6 months	crt.sh
porno-zadrochi.best GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
2porno.online R3	`2024-04-14` - `2024-07-13`	3 months	crt.sh
drochila.online E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
tytporno.online GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
www.virtuousescape.pro R10	`2024-06-10` - `2024-09-08`	3 months	crt.sh
cdn.bncloudfl.com GTS CA 1P5	`2024-04-28` - `2024-07-27`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://card-forms.ru/
Frame ID: 7A3BB30161452B2CC1295E28E19F23FB
Requests: 79 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/third.html
Frame ID: 1894047D075AE703A54FB760C63FDC08
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/third.html
Frame ID: CECCDB494F7E01D436CB78FEE09657ED
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/sn/ps/2007093?freq=0&im=1&puid=0&so=1&wcks=1
Frame ID: AA86C6A58E44213F30E4E86D6FFBB80B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: DC77047EC81AF8328F6202552E87D09A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: F2F0093640497D47479D99BFCA4DD923
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 87C45F7DADE7F980B22F7B7BCCC8B80E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 1000FFD2408579A0E21449AEF549284F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 95244A84C9ED52B5D228B849D7305219
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: BD554476C60CBE1C2B61CE0D8F8D6531
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 1B379BF59F890082DEE333E8D99AFEA1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 0EB764A231017691A884081B0C70321B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

101
Requests

98 %
HTTPS

23 %
IPv6

13
Domains

13
Subdomains

13
IPs

6
Countries

2297 kB
Transfer

4438 kB
Size

18
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://clips-4-sale.com/clips-4-sale-com/porno-video/card%20forms%20ru
Title: clips4sale

Search URL Search Domain Scan URL

URL: https://filth-flix.com/filth-flix-com/porno-video/card%20forms%20ru
Title: filthflix

Search URL Search Domain Scan URL

URL: https://love-her-films.com/love-her-films-com/porno-video/card%20forms%20ru
Title: loveherfilms

Search URL Search Domain Scan URL

URL: https://teens-love-huge-cocks.com/teens-love-huge-cocks-com/porno-video/card%20forms%20ru
Title: teenslovehugecocks

Search URL Search Domain Scan URL

URL: https://little-caprice-dreams.com/little-caprice-dreams-com/porno-video/card%20forms%20ru
Title: littlecapricedreams

Search URL Search Domain Scan URL

URL: https://jenny-movies.com/jenny-movies-com/porno-video/card%20forms%20ru
Title: jennymovies

Search URL Search Domain Scan URL

URL: https://hentai-hand.com/hentai-hand-com/porno-video/card%20forms%20ru
Title: hentaihand

Search URL Search Domain Scan URL

URL: https://blacked-com.top/blacked-com-top/porno-video/card%20forms%20ru
Title: blackedcom.top

Search URL Search Domain Scan URL

URL: https://blacked-com.stream/blacked-com-stream/porno-video/card%20forms%20ru
Title: blackedcom.stream

Search URL Search Domain Scan URL

URL: https://blacked-com.vip/blacked-com-vip/porno-video/card%20forms%20ru
Title: blackedcom.vip

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://counter.yadro.ru/hit;RUIF?t52.6;r;s1600*1200*24;uhttps%3A//card-forms.ru/;h;0.6134552974901553 HTTP 302
https://counter.yadro.ru/hit;RUIF?q;t52.6;r;s1600*1200*24;uhttps%3A//card-forms.ru/;h;0.6134552974901553

Request Chain 74

https://endowmentoverhangutmost.com/sn/pr/2007093?zoneid=2007093&jp=_clihcsnfglq7wpcttwqmrh&nojs=0&abvar=0&febuild=1.0.263&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=5460634799721984&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22126%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22126%22&chf=%22Not/A)Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22126.0.6478.55%22,%20%22Google%20Chrome%22;v=%22126.0.6478.55%22&chm=false&chmd=&chp=Win32&chv=10.0.0&cs=5&freq=0&uf=0 HTTP 302
https://coosync.com/sn/c?zoneid=2007093&freq=0&srp=rNLHi_9V3Yxpn0tRdC6B5CBNNPfPVFwGan9dOvWQD6HDJimTM2s_2zb9zixQ0zdy0t6f7QIOSasETviG7R_5Xz99POniiTTXCEp-dYO36sDjsXdbQqfktjnmRni0Bw==&im=1&wcks=1 HTTP 302
https://endowmentoverhangutmost.com/sn/ps/2007093?freq=0&im=1&puid=0&so=1&wcks=1

101 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
card-forms.ru/ 506 KB
99 KB 5874ms
3130ms Document
text/html 172.67.176.66
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
card-forms.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 177594e929a4c8cba6822e29df5d8ea3
card-forms.ru/	1970-01-20 21:28:20	Name: kt_tcookie Value: 1
.yadro.ru/	1970-01-21 06:02:42	Name: FTID Value: 1cQnry3Wprep1cQnry001T0X
.yadro.ru/	1970-01-21 06:02:42	Name: VID Value: 33WyIX1Mc2up1cQnry001T1J
endowmentoverhangutmost.com/	1970-01-20 21:18:19	Name: cart Value: 1
endowmentoverhangutmost.com/	1970-01-20 21:18:19	Name: cart_p Value: 2
endowmentoverhangutmost.com/	1970-01-21 06:52:49	Name: CHCK Value: 1
endowmentoverhangutmost.com/	1970-01-21 06:52:49	Name: UID Value: 24061311259d70c08e5f9f413bb993c39bf8
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_2007093 Value: {"impressions":1,"delayStarted":0}
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_2006843 Value: {"impressions":1,"delayStarted":0}
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_2007094 Value: {"impressions":1,"delayStarted":0}
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_2007092 Value: {"impressions":1,"delayStarted":0}
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_2006844 Value: {"impressions":1,"delayStarted":0}
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_2007091 Value: {"impressions":1,"delayStarted":0}
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_2006845 Value: {"impressions":1,"delayStarted":0}
card-forms.ru/	1969-12-31 23:59:59	Name: bnState_1949159 Value: {"impressions":1,"delayStarted":0}
holahupa.com/	1970-01-21 06:52:49	Name: CHCK Value: 1
holahupa.com/	1970-01-21 06:52:49	Name: UID Value: 2406131125f472de452e444360b360d80151

Source	Level	URL Text
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007093/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2006843/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007094/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007092/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2006844/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007091/code.js(Line 15) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2006845/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/1949159/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://card-forms.ru/images/bg-main-top-dark.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://card-forms.ru/images/bg-main-bottom-dark.jpg Message: Failed to load resource: the server responded with a status of 404 ()

card-forms.ru Open in urlscan Pro 172.67.176.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

23 %IPv6

13 Domains

13 Subdomains

13 IPs

6 Countries

2297 kBTransfer

4438 kBSize

18 Cookies

10 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

card-forms.ru Open in urlscan Pro
172.67.176.66 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

23 %
IPv6

13
Domains

13
Subdomains

13
IPs

6
Countries

2297 kB
Transfer

4438 kB
Size

18
Cookies

101 HTTP transactions
1 data transactions