valuef.gumroad.com Open in urlscan Pro
104.18.243.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hypno.shader.gay/
Effective URL:
https://valuef.gumroad.com/l/hypno-eyes?a=281319763
Submission: On June 13 via api (June 13th 2024, 11:03:10 am UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 53 HTTP transactions. The main IP is 104.18.243.99, located in and belongs to CLOUDFLARENET, US. The main domain is valuef.gumroad.com.
TLS certificate: Issued by E1 on May 2nd 2024. Valid for: 3 months.

This is the only time valuef.gumroad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.78.61.207 5.78.61.207	212317 (HETZNER-C...) (HETZNER-CLOUD3-AS)
27	104.18.243.99 104.18.243.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.17.176.98 104.17.176.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:249... 2600:9000:2490:400:e:e47a:54c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
1	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
53	12

1 5.78.61.207 (Portland, United States) 1 redirects

ASN212317 (HETZNER-CLOUD3-AS, DE)
PTR: static.207.61.78.5.clients.your-server.de

hypno.shader.gay	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.18.243.99 (None, )

ASN13335 (CLOUDFLARENET, US)

valuef.gumroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gumroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
public-files.gumroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.176.98 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.gumroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2490:400:e:e47a:54c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.iframe.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f110.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	gumroad.com valuef.gumroad.com assets.gumroad.com — Cisco Umbrella Rank: 129627 public-files.gumroad.com — Cisco Umbrella Rank: 172925	9 MB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	14 KB
6	iframe.ly cdn.iframe.ly — Cisco Umbrella Rank: 32967
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	145 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 951	7 KB
1	shader.gay 1 redirects hypno.shader.gay	104 B
53	9

	Domain	Requested by
14	assets.gumroad.com	valuef.gumroad.com assets.gumroad.com
13	public-files.gumroad.com	valuef.gumroad.com
8	www.youtube.com	assets.gumroad.com www.googletagmanager.com www.youtube.com
6	cdn.iframe.ly	valuef.gumroad.com assets.gumroad.com
5	valuef.gumroad.com	valuef.gumroad.com static.cloudflareinsights.com assets.gumroad.com
2	connect.facebook.net	assets.gumroad.com connect.facebook.net
2	www.googletagmanager.com	assets.gumroad.com www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	static.cloudflareinsights.com	valuef.gumroad.com
1	hypno.shader.gay	1 redirects
53	11

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
discord.shader.gay
twitter.com
app.gumroad.com

Subject Issuer	Validity	Valid
gumroad.com E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.iframe.ly Amazon RSA 2048 M03	`2023-10-23` - `2024-11-21`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://valuef.gumroad.com/l/hypno-eyes?a=281319763
Frame ID: 2FACF2B314F58BC314B16CABF090607E
Requests: 46 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fgiphy.com%2Fgifs%2FEGrzRgowrMcRVXscgt&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: B7BD51E3BF48F9914910141EF11A6AB8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DAJwefMO8fGE&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: CC40EB0F53FC4E20AA9FA99C9EBF7F3F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fgiphy.com%2Fgifs%2F4r78oUpWNzAMSdnf3y&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: D8168781BC86EECE07866274829704A1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c8_x58QcIfU?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: 11B5938E8F79A067B64ED5391AACB474
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/w5mmkrvkqao?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: 05AD9931EBC1B80E532C9DB72D994872
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EyyvwvUvzKw?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: E9EF92AD5A5CCD9FA4A0ADB9F1F61ECF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/v-KSC8AQU2Q?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: 94C572DB3CB99BA4DA18E703E588F131
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Xsl_ckOA1qs?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: 8EFECE8CFAFEB727686D48D968C93302
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oM9O5TiYTuw?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: 6EEDF2BCC0B41081730CC870DC7B033F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fgiphy.com%2Fgifs%2FEGrzRgowrMcRVXscgt&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: 404454A16DE4AC663B1A0F1822835D9D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DAJwefMO8fGE&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: 1CF198AE9E187FDC49EAE0138B675B21
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fgiphy.com%2Fgifs%2F4r78oUpWNzAMSdnf3y&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: 82F4F2353185F9C789758F4FDB84EB59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VRChat Hypno Eyes (Novabeast Preset ✨)

Page URL History Show full URLs

http://hypno.shader.gay/ HTTP 307
https://hypno.shader.gay/ HTTP 302
https://valuef.gumroad.com/l/hypno-eyes?a=281319763 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

9965 kB
Transfer

12955 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=35LQDS6zfOI
Title: WALKTHROUGH VIDEO

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=gGNFH25oUAk
Title: WALKTHROUGH VIDEO

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ctFisdZbngc
Title: View it here (TUTORIAL VIDEO).

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=4HwbRJhQ26Q
Title: View it here (TUTORIAL VIDEO).

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=jbOCzh30j7U
Title: View it here (TUTORIAL VIDEO).

Search URL Search Domain Scan URL

URL: http://discord.shader.gay/
Title: http://discord.shader.gay

Search URL Search Domain Scan URL

URL: https://twitter.com/Value_Factory
Title: https://twitter.com/Value_Factory

Search URL Search Domain Scan URL

URL: https://app.gumroad.com/checkout?affiliate_id=281319763&product=cwqvu&option=bAgWBEKrhxLE3UbMXBvB7w%3D%3D&quantity=1
Title: Ich möchte das haben!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hypno.shader.gay/ HTTP 307
https://hypno.shader.gay/ HTTP 302
https://valuef.gumroad.com/l/hypno-eyes?a=281319763 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request hypno-eyes Show response
valuef.gumroad.com/l/
Redirect Chain

http://hypno.shader.gay/
https://hypno.shader.gay/
https://valuef.gumroad.com/l/hypno-eyes?a=281319763

54 KB
14 KB

292ms
231ms

Document
text/html

104.18.243.99
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
valuef.gumroad.com/	1970-01-20 21:17:56	Name: _mkra_stck Value: mysql%3A1718276588.5717692
.gumroad.com/	1970-01-21 06:53:56	Name: _gumroad_guid Value: 7a79b026-2628-4254-bf41-e7c03c7c3cbc
.gumroad.com/	1970-01-20 21:28:01	Name: _gumroad_affiliate_id_izj-MyoVvmj9YJhAmsxP1A%3D%3D Value: 1718276583
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GHqhPUmysaI
.youtube.com/	1970-01-21 01:37:08	Name: VISITOR_INFO1_LIVE Value: Ce6sSQozP9w
.youtube.com/	1970-01-21 01:37:08	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgJg%3D%3D
.gumroad.com/	1970-01-21 06:53:56	Name: _gumroad_app_session Value: 9%2BYU6Zhi5e7D4%2BoEgO3Ney9tdXnAaYBu7MNr0ZHfhVLSOvsA1ekFTCvmpDcnu0tkR7NWiohnSZ8oJqF6RSNnsPj%2BNmMmtGIe7YHWj3QaosYcu5tJjmIggp%2F4tYh45ALeBf%2BTOkaWZqr58h41dcRAq52pKyMb%2FSrNJ%2BYD0Einc7jxuuNR7m1TYkMqV1BXggAy0Ut%2Bt8B0y%2F3CJtTw3JURHaTdv0BYc12IbkLnshkv0di%2B5lxy6LDqKfBzzZz4RHZOtw97%2FkN14VRnJBizFzKtTxNB7UYx4vYRXcENKtscIOIO56%2Bab6B3%2Fht4matmVq4QIyQkQBDswcR5KEb4noUazZLl7vEdN%2B3%2FWuIzanAqFaz%2FghcjOakWzerafRDdoQ%3D%3D--gxpM96KDkrU3CwWj--W8saz2CFE5CKRjivjXexpg%3D%3D
.gumroad.com/	1970-01-21 06:53:56	Name: _ga Value: GA1.1.1520047456.1718276587
.gumroad.com/	1970-01-21 06:53:56	Name: _ga_6LJN6D94N6 Value: GS1.1.1718276586.1.0.1718276586.0.0.0

Header	Value
Content-Security-Policy	default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com .facebook.com .facebook.net .google-analytics.com .g.doubleclick.net .googletagmanager.com analytics.google.com .analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ .braintreegateway.com www.paypalobjects.com .paypal.com .braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com .braintreegateway.com .braintree-api.com www.paypalobjects.com .paypal.com .google-analytics.com .googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com .facebook.net .facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com .jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com 'nonce-Sdxm64BZUKgaHFpSvZUZ33L8mvWIxRAcKFN1Q9Is/XI=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

valuef.gumroad.com Open in urlscan Pro 104.18.243.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

58 %IPv6

9 Domains

11 Subdomains

12 IPs

3 Countries

9965 kBTransfer

12955 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

valuef.gumroad.com Open in urlscan Pro
104.18.243.99 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

9965 kB
Transfer

12955 kB
Size

9
Cookies

53 HTTP transactions
5 data transactions