mezcrafts.ru Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mezcrafts.ru/
Submission: On August 09 via api (August 9th 2024, 12:51:32 am UTC) from US — Scanned from NL

Summary HTTP 127 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 13 domains to perform 127 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is mezcrafts.ru.
TLS certificate: Issued by WE1 on July 9th 2024. Valid for: 3 months.

This is the only time mezcrafts.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
53	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1178:1:4... 2a00:1178:1:4b::12	35415 (WEBZILLA) (WEBZILLA)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:b48:8300::1 2a02:b48:8300::1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
36	94.242.247.20 94.242.247.20	7979 (SERVERS-COM) (SERVERS-COM)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
11	172.67.162.121 172.67.162.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.162.9.153 185.162.9.153	207728 (EUROHOSTER) (EUROHOSTER)
1	104.21.235.146 104.21.235.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.214.86 172.67.214.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	94.242.247.29 94.242.247.29	7979 (SERVERS-COM) (SERVERS-COM)
127	12

53 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

mezcrafts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
drochila.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::12 (Netherlands)

ASN35415 (WEBZILLA, NL)

defensive-living.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b48:8300::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.cleverculture.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 94.242.247.20 (Luxembourg)

ASN7979 (SERVERS-COM, US)

endowmentoverhangutmost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.162.121 (United States)

ASN13335 (CLOUDFLARENET, US)

m.porno-zadrochi.best	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.162.9.153 (Naaldwijk, Netherlands)

ASN207728 (EUROHOSTER, BG)
PTR: srv24059.hosted-by-eurohoster.org

2porno.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.146 (None, )

ASN13335 (CLOUDFLARENET, US)

tytporno.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.214.86 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.242.247.29 (Luxembourg)

ASN7979 (SERVERS-COM, US)

holahupa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	mezcrafts.ru mezcrafts.ru	613 KB
36	endowmentoverhangutmost.com endowmentoverhangutmost.com — Cisco Umbrella Rank: 12483	436 KB
11	porno-zadrochi.best m.porno-zadrochi.best — Cisco Umbrella Rank: 583818	803 KB
8	bncloudfl.com cdn.bncloudfl.com — Cisco Umbrella Rank: 9970	128 KB
5	drochila.online drochila.online — Cisco Umbrella Rank: 630497	183 KB
5	2porno.online 2porno.online — Cisco Umbrella Rank: 750338	223 KB
3	holahupa.com holahupa.com — Cisco Umbrella Rank: 15973	50 KB
3	gstatic.com fonts.gstatic.com	42 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9685	1 KB
2	cleverculture.pro www.cleverculture.pro	31 KB
2	defensive-living.com defensive-living.com — Cisco Umbrella Rank: 560854	14 KB
1	tytporno.online tytporno.online	40 KB
0	coosync.com Failed coosync.com Failed
127	13

	Domain	Requested by
48	mezcrafts.ru	mezcrafts.ru
36	endowmentoverhangutmost.com	mezcrafts.ru endowmentoverhangutmost.com
11	m.porno-zadrochi.best	mezcrafts.ru
8	cdn.bncloudfl.com	mezcrafts.ru endowmentoverhangutmost.com
5	drochila.online	mezcrafts.ru
5	2porno.online	mezcrafts.ru
3	holahupa.com	endowmentoverhangutmost.com holahupa.com
3	fonts.gstatic.com	mezcrafts.ru
2	counter.yadro.ru	1 redirects mezcrafts.ru
2	www.cleverculture.pro	defensive-living.com
2	defensive-living.com	mezcrafts.ru defensive-living.com
1	tytporno.online	mezcrafts.ru
0	coosync.com Failed	endowmentoverhangutmost.com
127	13

This site contains links to these domains. Also see Links.

Domain
2porno.online
best-buyonline.ru
all4nails.ru
21-studio.ru
ryukzakevich.ru
muzhchina-i-zhenshina.ru
pingvin2008.ru
delovaya-artel.ru
kredit-wsem.ru
e2-e3.ru
shakalcross.ru

Subject Issuer	Validity	Valid
mezcrafts.ru WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
defensive-living.com E6	`2024-08-04` - `2024-11-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.cleverculture.pro R10	`2024-08-08` - `2024-11-06`	3 months	crt.sh
Buypass Class 2 CA 5	`2024-05-17` - `2024-11-12`	6 months	crt.sh
porno-zadrochi.best WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
2porno.online R11	`2024-06-13` - `2024-09-11`	3 months	crt.sh
drochila.online WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
tytporno.online WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
cdn.bncloudfl.com WE1	`2024-06-26` - `2024-09-24`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://mezcrafts.ru/
Frame ID: 604398365CE5B22BBFDA25335CB51162
Requests: 99 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: 84F2220BCA033068C64C9FF3927964B9
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: 86AAD0E2AD29F4C3AAE143BEC7204B74
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: A167441B77FA9BACFDDC55DF358E9FAF
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: 101C7A9FA34F35D9EA8602AF27611464
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: D5B1B5FD9AA746E9DD8572C90EA27134
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: ABA53E1E5A939E08DDE3692F914F44A2
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: E96A8817229F0EC10CAD9714F5EDDC23
Requests: 1 HTTP requests in this frame

Frame: https://endowmentoverhangutmost.com/check.html
Frame ID: E4096F001BF4CA0A6FD6EB9043E458BF
Requests: 1 HTTP requests in this frame

Frame: https://coosync.com/sn/c?zoneid=2007092&freq=0&srp=KQu0RYqkp4f6ME7rVOWe6q5C15PER3LQyzzHqTWLJsUAb8Fs-6EIvkDDPGrnr5aEBdO7KlbM00xQcHQ75_B4nbU0lP2Hqu-sG_VlaTExBYiTAwKQmGC4UEkiiOgSxQ==&im=1&wcks=1
Frame ID: B915C14AD99491F50C15B7C160ED03D1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 1C01434B93202D2631D9DB1A7FF4576C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: F4FCFAFA5700E707B51C78E8954CE825
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 0E20559DB830C23EDCEDDE878A9537E0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: BE8C4931E01A0897E2644809E6DA2066
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: BC661A62C116F58BE85F898EA21DFF8E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 314F07FC82410EC937F420B56AD384A1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: FB70275F807D0F89D5582E58487B6979
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: A9E42A459C7AE985401FF2BFE5C57EF6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

127
Requests

98 %
HTTPS

27 %
IPv6

13
Domains

13
Subdomains

12
IPs

6
Countries

2564 kB
Transfer

6050 kB
Size

21
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://2porno.online/331-papochka-trahaet-svoyu-dochurku.html
Title: porn

Search URL Search Domain Scan URL

URL: https://best-buyonline.ru/best-buyonline-ru/videos-porno/mezcrafts%20ru
Title: bestbuyonline

Search URL Search Domain Scan URL

URL: https://all4nails.ru/all4nails-ru/videos-porno/mezcrafts%20ru
Title: all4nails

Search URL Search Domain Scan URL

URL: https://21-studio.ru/21-studio-ru/videos-porno/mezcrafts%20ru
Title: 21studio

Search URL Search Domain Scan URL

URL: https://ryukzakevich.ru/ryukzakevich-ru/videos-porno/mezcrafts%20ru
Title: ryukzakevich

Search URL Search Domain Scan URL

URL: https://muzhchina-i-zhenshina.ru/muzhchina-i-zhenshina-ru/videos-porno/mezcrafts%20ru
Title: muzhchinaizhenshina

Search URL Search Domain Scan URL

URL: https://pingvin2008.ru/pingvin2008-ru/videos-porno/mezcrafts%20ru
Title: pingvin2008

Search URL Search Domain Scan URL

URL: https://delovaya-artel.ru/delovaya-artel-ru/videos-porno/mezcrafts%20ru
Title: delovayaartel

Search URL Search Domain Scan URL

URL: https://kredit-wsem.ru/kredit-wsem-ru/videos-porno/mezcrafts%20ru
Title: kreditwsem

Search URL Search Domain Scan URL

URL: https://e2-e3.ru/e2-e3-ru/videos-porno/mezcrafts%20ru
Title: e2e3

Search URL Search Domain Scan URL

URL: https://shakalcross.ru/shakalcross-ru/videos-porno/mezcrafts%20ru
Title: shakalcross

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://counter.yadro.ru/hit;RUIF?t52.6;r;s1600*1200*24;uhttps%3A//mezcrafts.ru/;h;0.2996184089769329 HTTP 302
https://counter.yadro.ru/hit;RUIF?q;t52.6;r;s1600*1200*24;uhttps%3A//mezcrafts.ru/;h;0.2996184089769329

Request Chain 102

https://endowmentoverhangutmost.com/sn/pr/2007092?zoneid=2007092&jp=_clu24u3ghi8cwhlbihxpgi&nojs=0&abvar=0&febuild=1.0.310&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&fn=2&pt=GW67qdGOjpQb3JubyUyME1FWkNSQUZUUzolMjAlRDElODElRDAlQjUlRDAlQkElRDElODElMjAlRDAlQjIlRDAlQjglRDAlQjQlRDAlQjUlRDAlQkUlMjAlRTIlOTYlQjYlRUYlQjglOEYlMjAlRDAlQTElRDAlQkMlRDAlQkUlRDElODIlRDElODAlRDAlQjUlRDElODIlRDElOEMlMjAlRDAlQkYlRDAlQkUlRDElODAlRDAlQkQlRDAlQkUlMjAlRDAlQkUlRDAlQkQlRDAlQkIlRDAlQjAlRDAlQjklRDAlQkQlMjAlRDAlQjglMjAlRDElODElRDAlQkElRDAlQjAlRDElODclRDAlQjAlRDElODIlRDElOEMlMjAlRDAlQkYlRDAlQkUlRDElODAlRDAlQkQlRDAlQkUlMjAlRDAlQjElRDAlQjUlRDElODElRDAlQkYlRDAlQkIlRDAlQjAlRDElODIlRDAlQkQlRDAlQkUlMjAlRDAlQjIlMjBIRCUyMCVEMCVCQSVEMCVCMCVEMSU4NyVEMCVCNSVEMSU4MSVEMSU4MiVEMCVCMiVEMCVCNQ&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=opKTBToaHR0cHM6Ly9tZXpjcmFmdHMucnUv&afid=7149803738482688&dl=10&rtt=50&eclog=0&snc=0&ssc=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0 HTTP 302
https://coosync.com/sn/c?zoneid=2007092&freq=0&srp=KQu0RYqkp4f6ME7rVOWe6q5C15PER3LQyzzHqTWLJsUAb8Fs-6EIvkDDPGrnr5aEBdO7KlbM00xQcHQ75_B4nbU0lP2Hqu-sG_VlaTExBYiTAwKQmGC4UEkiiOgSxQ==&im=1&wcks=1

127 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mezcrafts.ru/ 2 MB
322 KB 2869ms
2790ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
mezcrafts.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6062ac641580c194770eb6fff495a730
mezcrafts.ru/	1970-01-20 22:49:29	Name: kt_tcookie Value: 1
.yadro.ru/	1970-01-21 07:24:46	Name: FTID Value: 1cjMWB094Eur1cjMWB002FRw
mezcrafts.ru/	1970-01-21 08:13:54	Name: UGVyc2lzdFN0b3JhZ2U Value: %7B%7D
.yadro.ru/	1970-01-21 07:24:46	Name: VID Value: 2vE3hF25zFer1cjMWB002FTH
endowmentoverhangutmost.com/	1970-01-20 22:39:28	Name: cart Value: 1
endowmentoverhangutmost.com/	1970-01-20 22:39:28	Name: cart_p Value: 2
endowmentoverhangutmost.com/	1970-01-21 08:13:58	Name: CHCK Value: 1
endowmentoverhangutmost.com/	1970-01-21 08:13:58	Name: UID Value: 240808195166b85d41cdd947a58ba271cd4f
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_2007092 Value: {"impressions":1,"delayStarted":0}
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_2006844 Value: {"impressions":1,"delayStarted":0}
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_2007091 Value: {"impressions":1,"delayStarted":0}
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_2007093 Value: {"impressions":1,"delayStarted":0}
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_2006843 Value: {"impressions":1,"delayStarted":0}
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_2007094 Value: {"impressions":1,"delayStarted":0}
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_2006845 Value: {"impressions":1,"delayStarted":0}
mezcrafts.ru/	1969-12-31 23:59:59	Name: bnState_1949159 Value: {"impressions":1,"delayStarted":0}
holahupa.com/	1970-01-21 08:13:58	Name: CHCK Value: 1
holahupa.com/	1970-01-21 08:13:58	Name: UID Value: 240808195134bdd1c83a044bed901a08da0a
endowmentoverhangutmost.com/	1970-01-20 23:22:36	Name: CRIBLOCK Value: ONx1SAAAAABmtVwA
endowmentoverhangutmost.com/	1970-01-20 23:22:36	Name: CRICAP Value: ONx1SAAAAAAAAAAC

Source	Level	URL Text
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007092/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2006844/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007091/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007093/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2006843/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2007094/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/2006845/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://endowmentoverhangutmost.com/lv/esnk/1949159/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://mezcrafts.ru/images/bg-main-top-dark.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mezcrafts.ru/images/bg-main-bottom-dark.jpg Message: Failed to load resource: the server responded with a status of 404 ()

mezcrafts.ru Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

127 Requests

98 %HTTPS

27 %IPv6

13 Domains

13 Subdomains

12 IPs

6 Countries

2564 kBTransfer

6050 kBSize

21 Cookies

11 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mezcrafts.ru Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

98 %
HTTPS

27 %
IPv6

13
Domains

13
Subdomains

12
IPs

6
Countries

2564 kB
Transfer

6050 kB
Size

21
Cookies

127 HTTP transactions
1 data transactions