valuef.gumroad.com Open in urlscan Pro
104.17.176.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://goo.shader.gay/
Effective URL:
https://valuef.gumroad.com/l/goo?a=281319763
Submission: On June 13 via api (June 13th 2024, 11:03:01 am UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 57 HTTP transactions. The main IP is 104.17.176.98, located in and belongs to CLOUDFLARENET, US. The main domain is valuef.gumroad.com.
TLS certificate: Issued by E1 on May 2nd 2024. Valid for: 3 months.

This is the only time valuef.gumroad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.78.61.207 5.78.61.207	212317 (HETZNER-C...) (HETZNER-CLOUD3-AS)
43	104.17.176.98 104.17.176.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:249... 2600:9000:2490:de00:e:e47a:54c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
57	11

1 5.78.61.207 (Portland, United States) 1 redirects

ASN212317 (HETZNER-CLOUD3-AS, DE)
PTR: static.207.61.78.5.clients.your-server.de

goo.shader.gay	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 104.17.176.98 (None, )

ASN13335 (CLOUDFLARENET, US)

valuef.gumroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gumroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
public-files.gumroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:de00:e:e47a:54c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.iframe.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	gumroad.com valuef.gumroad.com assets.gumroad.com — Cisco Umbrella Rank: 129627 public-files.gumroad.com — Cisco Umbrella Rank: 172925	11 MB
5	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	14 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	91 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	145 KB
2	iframe.ly cdn.iframe.ly — Cisco Umbrella Rank: 32967
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347	256 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 951	7 KB
1	shader.gay 1 redirects goo.shader.gay	98 B
57	9

	Domain	Requested by
26	public-files.gumroad.com	valuef.gumroad.com
12	assets.gumroad.com	assets.gumroad.com valuef.gumroad.com
5	www.youtube.com	assets.gumroad.com www.googletagmanager.com www.youtube.com
5	valuef.gumroad.com	valuef.gumroad.com static.cloudflareinsights.com assets.gumroad.com
2	connect.facebook.net	assets.gumroad.com connect.facebook.net
2	www.googletagmanager.com	assets.gumroad.com www.googletagmanager.com
2	cdn.iframe.ly	valuef.gumroad.com assets.gumroad.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	static.cloudflareinsights.com	valuef.gumroad.com
1	goo.shader.gay	1 redirects
57	11

This site contains links to these domains. Also see Links.

Domain
shader.gay
vrchat.com
www.youtube.com
discord.shader.gay
app.gumroad.com

Subject Issuer	Validity	Valid
gumroad.com E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.iframe.ly Amazon RSA 2048 M03	`2023-10-23` - `2024-11-21`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://valuef.gumroad.com/l/goo?a=281319763
Frame ID: B067B00A85F32C04A96EAA83F70F1782
Requests: 56 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DW7Y5RJiOn44&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: 1B05D0D13C3938AEFA749D12582833B2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TVFKUSLEMRA?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: ECE123BD2A3F63C691BC07E3D528EE9E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZvauaoedSLc?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: 90267E37B44D97200EC82CDA9BD295E9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5JLNEiK3m5M?feature=oembed&showinfo=0&controls=0&rel=0&enablejsapi=1
Frame ID: 63DEA6E782F7D78BE328F2B5E13093FB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DW7Y5RJiOn44&key=31708e31359468f73bc5b03e9dcab7da
Frame ID: EF9BE5720B7597618B6D3E2B6A58737C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

💦 VRChat Goo Shader 2.0 ✨

Page URL History Show full URLs

http://goo.shader.gay/ HTTP 307
https://goo.shader.gay/ HTTP 302
https://valuef.gumroad.com/l/goo?a=281319763 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

57
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

11188 kB
Transfer

18418 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://shader.gay/goo2/discount.html
Title: 👉 here 👈

Search URL Search Domain Scan URL

URL: https://vrchat.com/home/world/wrld_7f53389e-ce72-4a5b-95c2-f0ebd070ec22
Title: Public avatar world here!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLEaEK5uFqd03IjFS_Lm7llH2zibLsioIY
Title: playlist here.

Search URL Search Domain Scan URL

URL: https://discord.shader.gay/
Title: Discord

Search URL Search Domain Scan URL

URL: https://shader.gay/goo2/tos.html
Title: Terms of Service (TOS) is available here

Search URL Search Domain Scan URL

URL: https://app.gumroad.com/checkout?affiliate_id=281319763&product=pzfmx&option=OTq6X8IUqWXfqSFS-FXFGQ%3D%3D&quantity=1
Title: Ich möchte das haben!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://goo.shader.gay/ HTTP 307
https://goo.shader.gay/ HTTP 302
https://valuef.gumroad.com/l/goo?a=281319763 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request goo Show response
valuef.gumroad.com/l/
Redirect Chain

http://goo.shader.gay/
https://goo.shader.gay/
https://valuef.gumroad.com/l/goo?a=281319763

39 KB
12 KB

657ms
628ms

Document
text/html

104.17.176.98
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
valuef.gumroad.com/	1970-01-20 21:17:56	Name: _mkra_stck Value: mysql%3A1718276580.6762927
.gumroad.com/	1970-01-21 06:53:56	Name: _gumroad_guid Value: 4156bf7b-ac9c-4766-9fff-394365dd45a4
.gumroad.com/	1970-01-20 21:28:01	Name: _gumroad_affiliate_id_izj-MyoVvmj9YJhAmsxP1A%3D%3D Value: 1718276575
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: bsPSXTW4ttI
.youtube.com/	1970-01-21 01:37:08	Name: VISITOR_INFO1_LIVE Value: fQmEVO1J7OY
.youtube.com/	1970-01-21 01:37:08	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgSA%3D%3D
.gumroad.com/	1970-01-21 06:53:56	Name: _gumroad_app_session Value: fak8vuSLtT901XxyBNCsQoFLop8HwsMkk%2BX681aNtipbC6e2n%2FL2SC2voHsbhtQAFejqlIjQFnJ6%2B2OBkVvkn%2Bgzp2sckYSk4I%2FAZkLCStxWGKK0rFK5X9vIPm2FhNe32E2N4qOSDXA0glY15YRE56lMyll0yRZFPB2JkjelMeCW7UKjTmcSVHBh978%2FAwHeoPT8wOXNzSNiDg0Tx6rSxnR8eouC%2FuD8icszDwEY8wRoiyHmpPzDoJq%2B5JT0%2Bu1LKybQYjbQYxiQT74GzIN8xmMqMUe%2BBL%2FVWAhmd%2B4b1b7iPST%2FmVMvGdALZFtA%2FvErFJ6wqielpDxjBp9cGIhBwe576NKhtHAj%2B1CghdwXu7Ny%2BjAW%2BWbknA%2BNXM6Sxg%3D%3D--%2B%2Bv9QmumZDMrJyKZ--D04ImKXDlz7tIt33WR67Zw%3D%3D
.gumroad.com/	1970-01-21 06:53:56	Name: _ga Value: GA1.1.970163091.1718276577
.gumroad.com/	1970-01-21 06:53:56	Name: _ga_6LJN6D94N6 Value: GS1.1.1718276576.1.0.1718276577.0.0.0

Header	Value
Content-Security-Policy	default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com .facebook.com .facebook.net .google-analytics.com .g.doubleclick.net .googletagmanager.com analytics.google.com .analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ .braintreegateway.com www.paypalobjects.com .paypal.com .braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com .braintreegateway.com .braintree-api.com www.paypalobjects.com .paypal.com .google-analytics.com .googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com .facebook.net .facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com .jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com 'nonce-o92YqiQmTqkQCdFtOEzHboOrCAUt+uln04KJ9icZgOk=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

valuef.gumroad.com Open in urlscan Pro 104.17.176.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

64 %IPv6

9 Domains

11 Subdomains

11 IPs

3 Countries

11188 kBTransfer

18418 kBSize

9 Cookies

6 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

valuef.gumroad.com Open in urlscan Pro
104.17.176.98 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

11188 kB
Transfer

18418 kB
Size

9
Cookies

57 HTTP transactions
4 data transactions