sfr.gay Open in urlscan Pro
65.109.99.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sfr.gay/
Effective URL:
https://sfr.gay/
Submission: On November 20 via api (November 20th 2023, 11:59:01 am UTC) from US — Scanned from FI

Summary HTTP 11 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 65.109.99.164, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is sfr.gay.
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.

This is the only time sfr.gay was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	65.109.99.164 65.109.99.164		24940 (HETZNER-AS) (HETZNER-AS)
11	1

12 65.109.99.164 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: cronut.cafe

sfr.gay	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cronut.cafe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cronut.cafe cronut.cafe	37 KB
5	sfr.gay 1 redirects sfr.gay	13 KB
11	2

	Domain	Requested by
7	cronut.cafe	sfr.gay
5	sfr.gay	1 redirects sfr.gay
11	2

This site contains links to these domains. Also see Links.

Domain
crimew.gay
matrix.to
sr.ht
soundcloud.com
cronut.cafe
enby.space
snowdin.town
devilmayquake.com
celestegame.com
tuxcrafting.online
koishii.online
foxie.gay
versary.town
nixgoat.me
oomfie.town
sfr.cronut.cafe

Subject Issuer	Validity	Valid
sfr.gay R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
cronut.cafe R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sfr.gay/
Frame ID: 265C8A452611A85456FA4E70AA5A0BD4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

aoife!!!

Page URL History Show full URLs

http://sfr.gay/ HTTP 301
https://sfr.gay/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

50 kB
Transfer

48 kB
Size

0
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://crimew.gay/sfr
Title: fedi

Search URL Search Domain Scan URL

URL: https://matrix.to/#/@sfr:enby.space
Title: matrix

Search URL Search Domain Scan URL

URL: https://sr.ht/~sfr
Title: sourcehut

Search URL Search Domain Scan URL

URL: https://soundcloud.com/enbyspace
Title: soundcloud

Search URL Search Domain Scan URL

URL: https://cronut.cafe/
Title: two

Search URL Search Domain Scan URL

URL: https://enby.space/
Title: whole

Search URL Search Domain Scan URL

URL: https://snowdin.town/
Title: snowdin dot town

Search URL Search Domain Scan URL

URL: https://devilmayquake.com/
Title: ULTRAKILL

Search URL Search Domain Scan URL

URL: https://celestegame.com/
Title: celeste

Search URL Search Domain Scan URL

URL: https://tuxcrafting.online/

Search URL Search Domain Scan URL

URL: https://koishii.online/

Search URL Search Domain Scan URL

URL: https://foxie.gay/

Search URL Search Domain Scan URL

URL: https://versary.town/

Search URL Search Domain Scan URL

URL: https://nixgoat.me/

Search URL Search Domain Scan URL

URL: https://oomfie.town/

Search URL Search Domain Scan URL

URL: https://cronut.cafe/~sfr
Title: cronut.cafe/~sfr

Search URL Search Domain Scan URL

URL: https://sfr.cronut.cafe/
Title: sfr.cronut.cafe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sfr.gay/ HTTP 301
https://sfr.gay/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sfr.gay/ Redirect Chain http://sfr.gay/ https://sfr.gay/	5 KB 5 KB	98ms 31ms	Document text/html	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `66d2db0e416f47f7d1283b013b349e38fbf4780a442beaad0769958230619c23` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes content-length 4645 content-type text/html date Mon, 20 Nov 2023 11:58:56 GMT etag "652d1f8a-1225" last-modified Mon, 16 Oct 2023 11:33:30 GMT server nginx Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Mon, 20 Nov 2023 11:58:56 GMT Location https://sfr.gay/ Server nginx
GET H2	200	main.css sfr.gay/	820 B 940 B	32ms 31ms	Stylesheet text/css	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sfr.gay/main.css Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `9106bb984330eb17d505a4812c3c659e3b816b2ba9715d81b5996e76e6c46a0e` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT last-modified Tue, 21 Mar 2023 12:26:45 GMT server nginx accept-ranges bytes etag "6419a285-334" content-length 820 content-type text/css
GET H2	200	ralsei.gif cronut.cafe/~sfr/media/badges/	2 KB 2 KB	245ms 31ms	Image image/gif	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cronut.cafe/~sfr/media/badges/ralsei.gif Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `efbe480a7c9b3bd65ad9c3118465fef3bac9d1fbd35d291bafd1e6b14f045375` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT x-clacks-overhead GNU Terry Pratchett last-modified Sat, 19 Nov 2022 16:06:54 GMT server nginx etag "6378ff1e-742" onion-location http://cronutrw6krxbl73cljype7mkk6r7dmgu5ac5qxtg6ucszhziam4ysyd.onion/~sfr/media/badges/ralsei.gif content-type image/gif accept-ranges bytes content-length 1858
GET H2	200	chjara.gif cronut.cafe/~sfr/media/badges/	375 B 613 B	246ms 31ms	Image image/gif	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cronut.cafe/~sfr/media/badges/chjara.gif Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `0ec50ce45e2814246e6c9c477cca963a10947de6189aeb9a541432355671eab1` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT x-clacks-overhead GNU Terry Pratchett last-modified Sat, 19 Nov 2022 16:06:54 GMT server nginx etag "6378ff1e-177" onion-location http://cronutrw6krxbl73cljype7mkk6r7dmgu5ac5qxtg6ucszhziam4ysyd.onion/~sfr/media/badges/chjara.gif content-type image/gif accept-ranges bytes content-length 375
GET H2	200	lillie.png cronut.cafe/~sfr/media/badges/	5 KB 5 KB	243ms 30ms	Image image/png	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cronut.cafe/~sfr/media/badges/lillie.png Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `a0aebc7d64783b60daa36a5ec662333575b52cc9703bf3e445c6b4b0eb87f80f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT x-clacks-overhead GNU Terry Pratchett last-modified Wed, 05 Apr 2023 16:49:45 GMT server nginx etag "642da6a9-12bc" onion-location http://cronutrw6krxbl73cljype7mkk6r7dmgu5ac5qxtg6ucszhziam4ysyd.onion/~sfr/media/badges/lillie.png content-type image/png accept-ranges bytes content-length 4796
GET H2	200	mae.png cronut.cafe/~sfr/media/badges/	3 KB 3 KB	274ms 61ms	Image image/png	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cronut.cafe/~sfr/media/badges/mae.png Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `40442f790d84c0c4fea93cce3e3209506c6023293d3f2f3d0a2a81e848cec2c3` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT x-clacks-overhead GNU Terry Pratchett last-modified Thu, 06 Apr 2023 16:48:57 GMT server nginx etag "642ef7f9-a6f" onion-location http://cronutrw6krxbl73cljype7mkk6r7dmgu5ac5qxtg6ucszhziam4ysyd.onion/~sfr/media/badges/mae.png content-type image/png accept-ranges bytes content-length 2671
GET H2	200	annie.png cronut.cafe/~sfr/media/badges/	8 KB 8 KB	274ms 62ms	Image image/png	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cronut.cafe/~sfr/media/badges/annie.png Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `5a409bd5a52696aeaf93c9584853db15a3524f90dc070133cefad0f510f4ebdb` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT x-clacks-overhead GNU Terry Pratchett last-modified Sun, 21 Nov 2021 19:18:34 GMT server nginx etag "619a9b8a-20b7" onion-location http://cronutrw6krxbl73cljype7mkk6r7dmgu5ac5qxtg6ucszhziam4ysyd.onion/~sfr/media/badges/annie.png content-type image/png accept-ranges bytes content-length 8375
GET H2	200	lux.png cronut.cafe/~sfr/media/badges/	4 KB 4 KB	303ms 91ms	Image image/png	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cronut.cafe/~sfr/media/badges/lux.png Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `d9947ea2730507c36a003f93a1d130307cad4ceab89b3c1e4c7ea97d277c0f59` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT x-clacks-overhead GNU Terry Pratchett last-modified Thu, 03 Aug 2023 06:03:56 GMT server nginx etag "64cb434c-e48" onion-location http://cronutrw6krxbl73cljype7mkk6r7dmgu5ac5qxtg6ucszhziam4ysyd.onion/~sfr/media/badges/lux.png content-type image/png accept-ranges bytes content-length 3656
GET H2	200	oomfie.gif cronut.cafe/~sfr/media/badges/	14 KB 14 KB	227ms 63ms	Image image/gif	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cronut.cafe/~sfr/media/badges/oomfie.gif Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `1f8195c53d5e29395adf1454cc730a105962c52b450f3e1cf7df471ab55365ec` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT x-clacks-overhead GNU Terry Pratchett last-modified Thu, 11 May 2023 19:36:25 GMT server nginx etag "645d43b9-37f6" onion-location http://cronutrw6krxbl73cljype7mkk6r7dmgu5ac5qxtg6ucszhziam4ysyd.onion/~sfr/media/badges/oomfie.gif content-type image/gif accept-ranges bytes content-length 14326
GET H2	200	oneko.js Show response sfr.gay/	4 KB 4 KB	342ms 342ms	Script application/javascript	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sfr.gay/oneko.js Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `28d7427fee12e007517ccf496602684eafd9e95a2dfac25eb77940cc2f1ad77b` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT last-modified Sun, 19 Mar 2023 18:34:35 GMT server nginx accept-ranges bytes etag "641755bb-10b5" content-length 4277 content-type application/javascript
GET H2	200	oneko.gif sfr.gay/media/	3 KB 3 KB	31ms 30ms	Image image/gif	65.109.99.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sfr.gay/media/oneko.gif Requested by Host: sfr.gay URL: https://sfr.gay/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.99.164 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cronut.cafe Software nginx / Resource Hash `f4c5688eb8ee6f22b08ab8df361222307dc6fe2d5bdcfa12582cea694707e66d` Request headers accept-language fi-FI,fi;q=0.9 Referer https://sfr.gay/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 11:58:56 GMT last-modified Fri, 24 Feb 2023 22:23:22 GMT server nginx accept-ranges bytes etag "63f938da-cf4" content-length 3316 content-type image/gif

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| onekoInterval

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cronut.cafe
sfr.gay
65.109.99.164
0ec50ce45e2814246e6c9c477cca963a10947de6189aeb9a541432355671eab1
1f8195c53d5e29395adf1454cc730a105962c52b450f3e1cf7df471ab55365ec
28d7427fee12e007517ccf496602684eafd9e95a2dfac25eb77940cc2f1ad77b
40442f790d84c0c4fea93cce3e3209506c6023293d3f2f3d0a2a81e848cec2c3
5a409bd5a52696aeaf93c9584853db15a3524f90dc070133cefad0f510f4ebdb
66d2db0e416f47f7d1283b013b349e38fbf4780a442beaad0769958230619c23
9106bb984330eb17d505a4812c3c659e3b816b2ba9715d81b5996e76e6c46a0e
a0aebc7d64783b60daa36a5ec662333575b52cc9703bf3e445c6b4b0eb87f80f
d9947ea2730507c36a003f93a1d130307cad4ceab89b3c1e4c7ea97d277c0f59
efbe480a7c9b3bd65ad9c3118465fef3bac9d1fbd35d291bafd1e6b14f045375
f4c5688eb8ee6f22b08ab8df361222307dc6fe2d5bdcfa12582cea694707e66d

sfr.gay Open in urlscan Pro 65.109.99.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

50 kBTransfer

48 kBSize

0 Cookies

17 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

sfr.gay Open in urlscan Pro
65.109.99.164 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

50 kB
Transfer

48 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions