gumtrees.com.yvdfywevdyvwe62f3d.com Open in urlscan Pro
162.0.232.165 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
Submission: On September 22 via automatic, source openphish (September 22nd 2020, 1:38:24 am UTC)

Summary HTTP 50 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 16 domains to perform 50 HTTP transactions. The main IP is 162.0.232.165, located in Canada and belongs to NAMECHEAP-NET, US. The main domain is gumtrees.com.yvdfywevdyvwe62f3d.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 28th 2020. Valid for: a year.

This is the only time gumtrees.com.yvdfywevdyvwe62f3d.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Gumtree (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
2	162.0.232.165 162.0.232.165	22612 (NAMECHEAP...) (NAMECHEAP-NET)
13	91.195.49.245 91.195.49.245	41552 (MARKTPLAA...) (MARKTPLAATS-AS)
2	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bc::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	52.216.250.102 52.216.250.102	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	104.108.68.187 104.108.68.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
1	2a00:1450:400... 2a00:1450:4001:821::200d	15169 (GOOGLE) (GOOGLE)
1	107.20.229.149 107.20.229.149	14618 (AMAZON-AES) (AMAZON-AES)
5	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	52.73.245.54 52.73.245.54	14618 (AMAZON-AES) (AMAZON-AES)
50	26

2 162.0.232.165 (Canada)

ASN22612 (NAMECHEAP-NET, US)
PTR: server288-5.web-hosting.com

gumtrees.com.yvdfywevdyvwe62f3d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.195.49.245 (Germany)

ASN41552 (MARKTPLAATS-AS, NL)

sa.gumtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bc::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.250.102 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.68.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-68-187.deploy.static.akamaitechnologies.com

a2157890407.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

cl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.229.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-229-149.compute-1.amazonaws.com

dnt.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.245.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-245-54.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gumtree.com sa.gumtree.com	441 KB
8	google.com www.google.com apis.google.com accounts.google.com	125 KB
5	qualtrics.com zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com siteintercept.qualtrics.com	50 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	94 KB
3	optimizely.com cdn.optimizely.com a2157890407.cdn.optimizely.com logx.optimizely.com	88 KB
2	qualaroo.com cl.qualaroo.com dnt.qualaroo.com	47 KB
2	google.de www.google.de	644 B
2	facebook.net connect.facebook.net	63 KB
2	yvdfywevdyvwe62f3d.com gumtrees.com.yvdfywevdyvwe62f3d.com	7 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	facebook.com www.facebook.com
1	gstatic.com www.gstatic.com	133 KB
1	amazonaws.com s3.amazonaws.com	726 B
1	googletagmanager.com www.googletagmanager.com	72 KB
1	googletagservices.com www.googletagservices.com	17 KB
50	16

	Domain	Requested by
13	sa.gumtree.com	gumtrees.com.yvdfywevdyvwe62f3d.com sa.gumtree.com
4	siteintercept.qualtrics.com	zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com
4	apis.google.com	sa.gumtree.com apis.google.com
4	www.google-analytics.com	gumtrees.com.yvdfywevdyvwe62f3d.com www.google-analytics.com
3	www.google.com	gumtrees.com.yvdfywevdyvwe62f3d.com
2	www.google.de	gumtrees.com.yvdfywevdyvwe62f3d.com
2	connect.facebook.net	sa.gumtree.com connect.facebook.net
2	gumtrees.com.yvdfywevdyvwe62f3d.com	www.googletagmanager.com
1	logx.optimizely.com	cdn.optimizely.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com	gumtrees.com.yvdfywevdyvwe62f3d.com
1	dnt.qualaroo.com	cl.qualaroo.com
1	accounts.google.com	apis.google.com
1	cl.qualaroo.com	s3.amazonaws.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a2157890407.cdn.optimizely.com	cdn.optimizely.com
1	www.gstatic.com	www.google.com
1	s3.amazonaws.com	gumtrees.com.yvdfywevdyvwe62f3d.com
1	www.googletagmanager.com	gumtrees.com.yvdfywevdyvwe62f3d.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	cdn.optimizely.com	gumtrees.com.yvdfywevdyvwe62f3d.com
1	www.googletagservices.com	gumtrees.com.yvdfywevdyvwe62f3d.com
50	24

This site contains links to these domains. Also see Links.

Domain
my.gumtree.com
www.gumtree.com
help.gumtree.com
blog.gumtree.com
www.gumtreeforbusiness.co.uk
itunes.apple.com
play.google.com
twitter.com
www.pinterest.com

Subject Issuer	Validity	Valid
gumtrees.com.yvdfywevdyvwe62f3d.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-28` - `2021-08-28`	a year	crt.sh
gumtree.com Sectigo RSA Organization Validation Secure Server CA	`2020-08-12` - `2021-08-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
cl.qualaroo.com Let's Encrypt Authority X3	`2020-08-28` - `2020-11-26`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.qualaroo.com Amazon	`2020-01-16` - `2021-02-16`	a year	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2018-10-08` - `2021-01-06`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
logx.optimizely.com Amazon	`2020-09-21` - `2021-10-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
Frame ID: 311B547523983C1A52FA717FD2FCA04B
Requests: 46 HTTP requests in this frame

Frame: https://a2157890407.cdn.optimizely.com/client_storage/a2157890407.html
Frame ID: 54967525DAD57347BB8E4D6754ADAE98
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&annotation=none&origin=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com&url=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 9184E51C650C85CC01216F6518A5C7CC
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 0D0D951CBAEF0961312CF6480236DE59
Requests: 1 HTTP requests in this frame

Frame: https://dnt.qualaroo.com/frame.html
Frame ID: DA8316E3B1F2BF6A25E5D034D098C306
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=1405348973096319&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aedcb3f4e9b78%26domain%3Dgumtrees.com.yvdfywevdyvwe62f3d.com%26origin%3Dhttps%253A%252F%252Fgumtrees.com.yvdfywevdyvwe62f3d.com%252Ff1ee7a82651cb94%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgumtree&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: F81D88772B62E4CC9FA18275B98A8CA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

50
Requests

100 %
HTTPS

64 %
IPv6

16
Domains

24
Subdomains

26
IPs

7
Countries

1169 kB
Transfer

3428 kB
Size

7
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://my.gumtree.com/postad
Title: Post an ad

Search URL Search Domain Scan URL

URL: https://my.gumtree.com/manage/messages
Title: Messages 1

Search URL Search Domain Scan URL

URL: https://my.gumtree.com/login
Title: Login/Register

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/my-account/favourites
Title: Favourites

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/my-account/saved-searches
Title: My Alerts

Search URL Search Domain Scan URL

URL: https://my.gumtree.com/manage/ads
Title: Manage my Ads

Search URL Search Domain Scan URL

URL: https://my.gumtree.com/manage-account/
Title: My Details

Search URL Search Domain Scan URL

URL: https://my.gumtree.com/create-account
Title: Create Account

Search URL Search Domain Scan URL

URL: http://help.gumtree.com/knowledgeHome
Title: Help & Contact

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/cars-vans-motorbikes
Title: Motors

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/for-sale
Title: For Sale

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/flats-houses
Title: Property

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/business-services
Title: Services

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/community
Title: Community

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/pets
Title: Pets

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/termsofuse
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/privacy_policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://blog.gumtree.com/aboutus
Title: About Gumtree

Search URL Search Domain Scan URL

URL: http://www.gumtreeforbusiness.co.uk/
Title: Gumtree for Business

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/partners
Title: Our Partners

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: http://help.gumtree.com/articles/General_Information/Safety-Advice-Pages
Title: Stay Safe Online

Search URL Search Domain Scan URL

URL: http://help.gumtree.com/articles/General_Information/How-to-Post-an-Ad
Title: How to Sell

Search URL Search Domain Scan URL

URL: http://help.gumtree.com/articles/General_Information/Replying-to-Adverts-Safely
Title: How to Buy

Search URL Search Domain Scan URL

URL: http://help.gumtree.com/articles/General_Information/General-rules
Title: Posting Rules

Search URL Search Domain Scan URL

URL: http://help.gumtree.com/articles/General_Information/Features-General-Information
Title: Promote Your Ad

Search URL Search Domain Scan URL

URL: http://blog.gumtree.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/content/car-price-index
Title: Car Price Index

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/content/inside-track/
Title: Car Guides - The Inside Track

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/content/upcycling-hub/
Title: Upcycle Revolution

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/content/pet-education/
Title: Pet Rehoming Advice

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/popular-search
Title: Popular Searches

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/gb/app/gumtree/id487946174?mt=8
Title: iOS app

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.gumtree.android&hl=en_GB
Title: Android App

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/content/download-mobile-apps/
Title: More About Our Apps

Search URL Search Domain Scan URL

URL: https://twitter.com/gumtree

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/gumtreeuk/
Title: Pin It

Search URL Search Domain Scan URL

URL: https://www.gumtree.com/cookies
Title: Cookies Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request accuserlogcreateend.html Show response
gumtrees.com.yvdfywevdyvwe62f3d.com/ 25 KB
7 KB 537ms
180ms Document
text/html 162.0.232.165
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.165 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server288-5.web-hosting.com
Software: Apache /
Resource Hash: ac98fca7dd0c6b4936a9225c79b8f0c91ebc012ad2aae21761df0511bac590ef

Request headers

:method: GET
:authority: gumtrees.com.yvdfywevdyvwe62f3d.com
:scheme: https
:path: /accuserlogcreateend.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 22 Sep 2020 01:38:07 GMT
server: Apache
last-modified: Tue, 14 Nov 2017 00:45:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7182
content-type: text/html

GET
H/1.1 200
OK d237efbb17f6d8af898d38b4.seller.css
sa.gumtree.com/responsive/styles/responsive/styles/ 171 KB
30 KB 184ms
70ms Stylesheet
text/css 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

9bf1b7671b38bc0b1d26342b16e5d7739ee17ceaf17041ad45f5c2035e2a6e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 13:14:23 GMT
Server: nginx
ETag: W/"5a01b1af-2ab83"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=157680000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=157680000
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b2d4e3ed0e2eada205b277f6923e1868283496c8d83200eea33ee56a49e5017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "640 / 846 of 1000 / last-modified: 1600726579"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17732
x-xss-protection: 0
expires: Tue, 22 Sep 2020 01:38:07 GMT

GET
H/1.1 200
OK 988ec81679f105496e8be7cc.header.js Show response
sa.gumtree.com/responsive/javascript/responsive/ 34 KB
13 KB 185ms
65ms Script
application/javascript 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.gumtree.com/responsive/javascript/responsive/988ec81679f105496e8be7cc.header.js

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

30655d63fdf744bc01aa80fe74f420ac8ec7d467b927ae3a500741bfa4d49b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Dec 2017 11:09:52 GMT
Server: nginx
ETag: W/"5a325c00-888f"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=157680000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=157680000
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H2 200 2157890407.js Show response
cdn.optimizely.com/js/ 293 KB
87 KB 131ms
111ms Script
text/javascript 2a02:26f0:6c00:2bc::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/2157890407.js

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

873a681a7ecabac3fc6be30092e25736d8f55ad3472e2d58c5df388a7833e11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 0wxJMqm0aeEaGryVj.vgfTu_ijHpj5K5
content-encoding: gzip
etag: "9c46a0dfb3f49f0ba0ff1aac677a5c58"
x-amz-request-id: 958ED0C4AA0D373B
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:2bc::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 88351
x-amz-id-2: O8THph8jPRUPBSfX9KRLUNGT6j5Rzol9k4+5SzrRbto3GsI3W/5h+EcGlLTKjwYCeIIhUsqPAKw=
last-modified: Thu, 21 Feb 2019 14:39:21 GMT
server: AmazonS3
date: Tue, 22 Sep 2020 01:38:08 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 2487
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 736 B
552 B 18ms
15ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22ea72198951b30d0a4c22603ff5962af0a4f7f09366cb04a9e3825016b6e126

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 464
x-xss-protection: 1; mode=block
expires: Tue, 22 Sep 2020 01:38:08 GMT

GET
H/1.1 200
OK d0558d91063038236b60e3ef.App_Store_Badge.svg
sa.gumtree.com/responsive/images/svg/ 12 KB
12 KB 192ms
63ms Image
image/svg+xml 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sa.gumtree.com/responsive/images/svg/d0558d91063038236b60e3ef.App_Store_Badge.svg

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:03 GMT
Server: nginx
ETag: "5f63676f-3041"
Strict-Transport-Security: max-age=157680000
Content-Type: image/svg+xml
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12353
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK 2961d6a9fb7950bd9b994027.google-play-badge.svg
sa.gumtree.com/responsive/images/svg/ 9 KB
9 KB 213ms
85ms Image
image/svg+xml 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sa.gumtree.com/responsive/images/svg/2961d6a9fb7950bd9b994027.google-play-badge.svg

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

a0aa7e0275e1e0093e52dc6b098c69e5cf63273cb1efafcb0550e88539c14129

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:03 GMT
Server: nginx
ETag: "5f63676f-2388"
Strict-Transport-Security: max-age=157680000
Content-Type: image/svg+xml
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9096
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK 1b5c08e47b1559e8de5dad21.vendor.js Show response
sa.gumtree.com/responsive/javascript/responsive/ 226 KB
72 KB 59ms
58ms Script
application/javascript 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.gumtree.com/responsive/javascript/responsive/1b5c08e47b1559e8de5dad21.vendor.js

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

0ea81474390786ce645b9e696b6329181661351c3becb59c0903a5a6d63f5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 13:14:22 GMT
Server: nginx
ETag: W/"5a01b1ae-388e4"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=157680000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=157680000
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK 95c26308a11202c4f70b7099.gumtree.js Show response
sa.gumtree.com/responsive/javascript/responsive/ 720 KB
202 KB 54ms
54ms Script
application/javascript 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.gumtree.com/responsive/javascript/responsive/95c26308a11202c4f70b7099.gumtree.js

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

e1b92191308018a110d2b7564cde825bc00b3f79972dc710ab1c9e21bb74a873

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 13:14:22 GMT
Server: nginx
ETag: W/"5a01b1ae-b3e20"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=157680000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=157680000
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H2 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
92 KB 35ms
33ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067503

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Tue, 22 Sep 2020 01:38:08 GMT

GET
H/1.1 200
OK Castledown-Regular.woff2
sa.gumtree.com/responsive/font/castledown/ 40 KB
40 KB 147ms
59ms Font
application/font-woff2 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.gumtree.com/responsive/font/castledown/Castledown-Regular.woff2?v=16c0f5f624

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

a980d6909b59c8a24ea6940ea9423e2afbaf43521625716b079ff3a74a604576

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Origin: https://gumtrees.com.yvdfywevdyvwe62f3d.com
Referer: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:02 GMT
Server: nginx
ETag: "5f63676e-9e3c"
Strict-Transport-Security: max-age=157680000
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40508
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK Castledown-Bold.woff2
sa.gumtree.com/responsive/font/castledown/ 39 KB
40 KB 150ms
58ms Font
application/font-woff2 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.gumtree.com/responsive/font/castledown/Castledown-Bold.woff2?v=a90246d71c

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ef17b110cd0f1c10429144560ce8daa00482f7e8c2fa2959b6236881619b7862

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Origin: https://gumtrees.com.yvdfywevdyvwe62f3d.com
Referer: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:02 GMT
Server: nginx
ETag: "5f63676e-9dac"
Strict-Transport-Security: max-age=157680000
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40364
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
72 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-FF7Z

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a99e800aa78d96c6473c3c9be543ea696a360c244c4b778b201c2fad76372d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:08 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73763
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Sep 2020 01:38:08 GMT

GET
H/1.1 200
OK gumtree_logo.svg
sa.gumtree.com/responsive/images/svg/ 2 KB
2 KB 103ms
35ms Image
image/svg+xml 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sa.gumtree.com/responsive/images/svg/gumtree_logo.svg?v=7520cf27b2

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c2af04f93ca8cc9a28419c6dc2297509ca3446efb6bc21cb623483f454468d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:03 GMT
Server: nginx
ETag: "5f63676f-60e"
Strict-Transport-Security: max-age=157680000
Content-Type: image/svg+xml
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1550
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK gumtree_logo_text.svg
sa.gumtree.com/responsive/images/svg/ 5 KB
6 KB 149ms
82ms Image
image/svg+xml 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sa.gumtree.com/responsive/images/svg/gumtree_logo_text.svg?v=c975a8f45f

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ce48ccf69d2de8ab23244a9d5af16d03242447a1b40d527f4a80b0d2f2ea1ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:03 GMT
Server: nginx
ETag: "5f63676f-1561"
Strict-Transport-Security: max-age=157680000
Content-Type: image/svg+xml
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5473
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK spinner.svg
sa.gumtree.com/responsive/images/svg/ 456 B
811 B 67ms
34ms Image
image/svg+xml 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sa.gumtree.com/responsive/images/svg/spinner.svg?v=8db41d6272

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

e310673ef98d1a4a73ba6aeab6501f4808d101fce6f28fea2695f13ccc4c1041

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:03 GMT
Server: nginx
ETag: "5f63676f-1c8"
Strict-Transport-Security: max-age=157680000
Content-Type: image/svg+xml
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 456
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK google-logo.svg
sa.gumtree.com/responsive/images/svg-sprite/ 2 KB
3 KB 109ms
52ms Image
image/svg+xml 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sa.gumtree.com/responsive/images/svg-sprite/google-logo.svg?v=29592560dd

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

9a661d9c096b1a3606c96f43790d4f96840e8203e558d357c6daf2881c826e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:03 GMT
Server: nginx
ETag: "5f63676f-8f0"
Strict-Transport-Security: max-age=157680000
Content-Type: image/svg+xml
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2288
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK gumtree.woff2
sa.gumtree.com/responsive/font/gumtree/ 11 KB
11 KB 130ms
54ms Font
application/font-woff2 91.195.49.245
MARKTPLAATS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.gumtree.com/responsive/font/gumtree/gumtree.woff2?v=50712fffbf

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.195.49.245 , Germany, ASN41552 (MARKTPLAATS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

7083ea41a75dd59d10340bcc461449a9d99b29566f4d8cb6936bcad1c6515fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Origin: https://gumtrees.com.yvdfywevdyvwe62f3d.com
Referer: https://sa.gumtree.com/responsive/styles/responsive/styles/d237efbb17f6d8af898d38b4.seller.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:08 GMT
Last-Modified: Thu, 17 Sep 2020 13:41:02 GMT
Server: nginx
ETag: "5f63676e-2af4"
Strict-Transport-Security: max-age=157680000
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10996
Expires: Sun, 21 Sep 2025 01:38:08 GMT

GET
H/1.1 200
OK dly.js Show response
s3.amazonaws.com/ki.js/59519/ 377 B
726 B 481ms
127ms Script
application/ecmascript 52.216.250.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/59519/dly.js
Requested by: Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.250.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 338cb1dadf286fdf3f9d0ae0844f8b92e2a1f8cc6f802ef590c481ce5567bc45

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 01:38:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Nov 2019 14:42:07 GMT
Server: AmazonS3
x-amz-request-id: A35DD2835BF83D77
ETag: "1e27da2fb96d38678cdfa0da14de9d16"
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 292
x-amz-id-2: beyIC2yOvnPDRNBNvuGnPUm+BliT4IZYNOp+FDffaEZJi6zJ1EW+Lj6OoJxu1tQaDVQxer9A5S8=

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/ 338 KB
133 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1eed7eeb3d66a6c76d2567bc3a6ef502be67a866f965e42296b87cc85dda3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2259
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135875
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 04:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Sep 2021 01:00:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1348
date: Tue, 22 Sep 2020 01:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 22 Sep 2020 03:15:40 GMT

GET
H2 404 c3650cdf-216a-4ba2-80b0-9d6c540b105e58d2670b-ea0f-484e-b88c-0e2c1499ec9bd71e4b42-8570-44e3-89b6-845326fa43b6
gumtrees.com.yvdfywevdyvwe62f3d.com/ 0
0 179ms
178ms Script
text/html 162.0.232.165
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/c3650cdf-216a-4ba2-80b0-9d6c540b105e58d2670b-ea0f-484e-b88c-0e2c1499ec9bd71e4b42-8570-44e3-89b6-845326fa43b6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-FF7Z
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.165 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server288-5.web-hosting.com
Software: Apache /
Resource Hash

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Tue, 22 Sep 2020 01:38:08 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 200 client:platform.js Show response
apis.google.com/js/ 49 KB
20 KB 49ms
30ms Script
application/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/javascript/responsive/95c26308a11202c4f70b7099.gumtree.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5f7fd68350c268e830880d248ac21dd4ad9e17f06e61ef61866a62770e44e49

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r2aai/7O/GXjgCHATFmEuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "6429d6e04804c69057472bf83b9d6229"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-r2aai/7O/GXjgCHATFmEuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 22 Sep 2020 01:38:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sa.gumtree.com
URL: https://sa.gumtree.com/responsive/javascript/responsive/95c26308a11202c4f70b7099.gumtree.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c20a986c522cc1e1d8ed1dce378bf6fdaa73d57cb5b76b9c38fa4ef0ee33e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FRZBgFWi8ILyeCVji+kBuA==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "716aec9796f98c92366765ad75146292"
x-fb-debug: MHpOPxFW+GpyCLBDrDECN72CXd1UZMau4/7CJb4o8/LX+sjbWj7/POuSIkH3bJauN6vQ/FPekn6jlp8jHinQUA==
x-fb-trip-id: 1781455057
x-fb-content-md5: 77f2e0cac4cb835c24026039c047a4e1
x-frame-options: DENY
date: Tue, 22 Sep 2020 01:38:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Sep 2020 01:47:44 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 920
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 22 Sep 2020 02:22:48 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 a2157890407.html
a2157890407.cdn.optimizely.com/client_storage/ Frame 5496 0
0 253ms
166ms Document
text/html 104.108.68.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a2157890407.cdn.optimizely.com/client_storage/a2157890407.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2157890407.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.68.187 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-68-187.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a2157890407.cdn.optimizely.com
:scheme: https
:path: /client_storage/a2157890407.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Response headers

status: 200
x-amz-id-2: jSbKMp7jjKz1uOkFEtnybNIQJR3JCOB5PIDRZQTnPC48yYBf5nbcjmAFlr4uJ4NybC+bSGQCGgA=
x-amz-request-id: 2E3DDFC8B6C230DE
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Feb 2019 14:39:06 GMT
etag: "56699472c406fc9b1995f5b98a11d95d"
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: bEMWwLuaBKYgcW0MGG7nzoYlZT8gPSKc
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 696
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Tue, 22 Sep 2020 01:38:08 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="21";dur=0,cdnip;desc="104.108.68.187";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 201 KB
61 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3c08b7b507d8a3068111633eaf49cb82&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fdb3139b8158033da279cd76b26501f3edc30af6ebbe9738d13792474c36f388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://gumtrees.com.yvdfywevdyvwe62f3d.com
Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: n5VqXZFFrwdIVMRiVc01zA==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62346
etag: "371c7a02200b2037641a1cd92dbc3868"
x-fb-debug: vXxaLIL6vBvVsmk2Ht5TmCiCUXf7mnShwJ/n4JwVaXURRD4dpixfLkJ3Tt6ZlviNCc/LJVgITkvFhzV5E1qSHQ==
x-fb-trip-id: 1781455057
x-fb-content-md5: f01059709bf909f8cf10498e68925836
x-frame-options: DENY
date: Tue, 22 Sep 2020 01:38:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 22 Sep 2021 00:48:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
102 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-22612908-21&cid=228000357.1600738689&jid=973754363&gjid=100924595&_gid=1313908317.1600738689&_u=aGBAgAIhAAAAAE~&z=263640679

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Sep 2020 01:38:08 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://gumtrees.com.yvdfywevdyvwe62f3d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
61 B 6ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&aip=1&a=836942820&t=pageview&_s=1&dl=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&ul=en-us&de=UTF-8&dt=Login%20%7C%20My%20Gumtree%20-%20Gumtree&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAIh~&jid=973754363&gjid=100924595&cid=228000357.1600738689&tid=UA-22612908-21&_gid=1313908317.1600738689&cg1=Login&cd1=Login&cd2=1&cd10=1&cd12=10000392&cd14=bushfire-desktop-seller&cd23=0&cd25=HOMEPAGE_LOCATION-NONE%3BDFP_IN_SLOT12-NONE%3BAD_FREE-NONE%3BSEND_ALL_BIDS-NONE%3BAPP_BANNER_UPDATE-NONE%3BSEARCH_ALERTS_ADDITIONAL_CTA-NONE%3BDISPLAY_A_INSTEAD_OF_B-V2%3BA_4TH_AD-NONE%3BMADGEX_ROLLOUT-NONE%3BNUMBER_CONVERSATIONS_UNREAD-NONE%3BAFSH_CAROUSEL-NONE%3BSEARCH_TO_PREBID-NONE%3BRECENT_SEARCHES_TYPEAHEAD-NONE%3BHEADER_BIDDING_S2S-NONE&cd28=HOMEPAGE_LOCATION-NONE%3BDFP_IN_SLOT12-NONE%3BAD_FREE-NONE%3BSEND_ALL_BIDS-NONE%3BAPP_BANNER_UPDATE-NONE%3BSEARCH_ALERTS_ADDITIONAL_CTA-NONE%3BDISPLAY_A_INSTEAD_OF_B-V2%3BA_4TH_AD-NONE%3BMADGEX_ROLLOUT-NONE%3BNUMBER_CONVERSATIONS_UNREAD-NONE%3BAFSH_CAROUSEL-NONE%3BSEARCH_TO_PREBID-NONE%3BRECENT_SEARCHES_TYPEAHEAD-NONE%3BHEADER_BIDDING_S2S-NONE&cd69=063c2b73-f48a-4c57-b660-9830689102b3&cd120=0&cd50=(NULL)&z=1700707074

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 01:26:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 717
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 7ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&aip=1&a=836942820&t=event&ni=0&_s=2&dl=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&ul=en-us&de=UTF-8&dt=Login%20%7C%20My%20Gumtree%20-%20Gumtree&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Login&ea=loginBeginEvent&el=undefined&_u=aGBAgAIhAAAAAE~&jid=&gjid=&cid=228000357.1600738689&tid=UA-22612908-21&_gid=1313908317.1600738689&cg1=Login&cd1=Login&cd2=1&cd10=1&cd12=10000392&cd14=bushfire-desktop-seller&cd23=0&cd25=HOMEPAGE_LOCATION-NONE%3BDFP_IN_SLOT12-NONE%3BAD_FREE-NONE%3BSEND_ALL_BIDS-NONE%3BAPP_BANNER_UPDATE-NONE%3BSEARCH_ALERTS_ADDITIONAL_CTA-NONE%3BDISPLAY_A_INSTEAD_OF_B-V2%3BA_4TH_AD-NONE%3BMADGEX_ROLLOUT-NONE%3BNUMBER_CONVERSATIONS_UNREAD-NONE%3BAFSH_CAROUSEL-NONE%3BSEARCH_TO_PREBID-NONE%3BRECENT_SEARCHES_TYPEAHEAD-NONE%3BHEADER_BIDDING_S2S-NONE&cd28=HOMEPAGE_LOCATION-NONE%3BDFP_IN_SLOT12-NONE%3BAD_FREE-NONE%3BSEND_ALL_BIDS-NONE%3BAPP_BANNER_UPDATE-NONE%3BSEARCH_ALERTS_ADDITIONAL_CTA-NONE%3BDISPLAY_A_INSTEAD_OF_B-V2%3BA_4TH_AD-NONE%3BMADGEX_ROLLOUT-NONE%3BNUMBER_CONVERSATIONS_UNREAD-NONE%3BAFSH_CAROUSEL-NONE%3BSEARCH_TO_PREBID-NONE%3BRECENT_SEARCHES_TYPEAHEAD-NONE%3BHEADER_BIDDING_S2S-NONE&cd69=063c2b73-f48a-4c57-b660-9830689102b3&cd120=0&z=776181672

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 01:26:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 717
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 304 KB
104 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8527f61d986456987e5ed68348b68061b7523bb02452355768b2748d5266ee7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 10:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 54252
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106154
x-xss-protection: 0
expires: Tue, 21 Sep 2021 10:33:56 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 71 B
154 B 29ms
17ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 14:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 41545
vary: Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Tue, 21 Sep 2021 14:05:43 GMT

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 9184 0
0 35ms
34ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&annotation=none&origin=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com&url=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/ZskFj0FoA0wdfFvH70fnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=tall&annotation=none&origin=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com&url=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=CkmrNBaCYuKOCi420e-q114nw06JEJxioD2ji6b5tdAgaMezogm1PINA22ljrIRjx91Aun9VgiNU3dHMxYSeRAQSolRhB91S7QYaqkLkBYOwDsVZr24ZAIzXXcTELYSLlWzaxuZgQk57jiaVGOu7dBAADhctssOIAhZO-UGW8eU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Sep 2020 01:38:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-/ZskFj0FoA0wdfFvH70fnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
491 B 43ms
28ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-22612908-21&cid=228000357.1600738689&jid=973754363&_u=aGBAgAIhAAAAAE~&z=380119102

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 01:38:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-22612908-21&cid=228000357.1600738689&jid=973754363&_u=aGBAgAIhAAAAAE~&z=380119102

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 01:38:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dlyqoo.js Show response
cl.qualaroo.com/ki.js/59519/ 143 KB
47 KB 440ms
409ms Script
application/ecmascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.qualaroo.com/ki.js/59519/dlyqoo.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/ki.js/59519/dly.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 109069d10b6d07d7af4d9faebcbea4cbb7373b20fb4dd05811610ba9016d6301

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: gzip
cdn-edgestorageid: 481
x-amz-request-id: 414A5DC3E94C30D5
status: 200
cdn-cachedat: 2020-09-21 14:07:07
cdn-pullzone: 92714
content-length: 47695
x-amz-id-2: f+QWmFR6NU654nOqvPNTdedndCqI0tOFlBSruGppdoNzdD+aAYVdEg0q57byJSsg4xySL94BfeU=
last-modified: Mon, 25 Nov 2019 14:42:07 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding, Accept-Encoding
content-type: application/ecmascript
cdn-cache: REVALIDATED
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
cache-control: s-maxage=3600, max-age=0
cdn-requestid: 2b1a1ad98e4a5d246c2409013047857e
accept-ranges: bytes
cdn-requestcountrycode: DE

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 0D0D 0
0 71ms
52ms Document
text/html 2a00:1450:4001:821::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qXGm1IdsFtB5t5DZb+7j6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=CkmrNBaCYuKOCi420e-q114nw06JEJxioD2ji6b5tdAgaMezogm1PINA22ljrIRjx91Aun9VgiNU3dHMxYSeRAQSolRhB91S7QYaqkLkBYOwDsVZr24ZAIzXXcTELYSLlWzaxuZgQk57jiaVGOu7dBAADhctssOIAhZO-UGW8eU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Sep 2020 01:38:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-qXGm1IdsFtB5t5DZb+7j6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK frame.html
dnt.qualaroo.com/ Frame DA83 0
0 499ms
121ms Document
text/html 107.20.229.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dnt.qualaroo.com/frame.html
Requested by: Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/59519/dlyqoo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.229.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-229-149.compute-1.amazonaws.com
Software: nginx/1.8.0 /
Resource Hash

Request headers

Host: dnt.qualaroo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Response headers

Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 22 Sep 2020 01:38:09 GMT
Expires: Thu, 22 Oct 2020 01:38:09 GMT
Server: nginx/1.8.0
Content-Length: 242
Connection: keep-alive

GET
H2 200 / Show response
zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com/SIE/ 52 KB
16 KB 74ms
32ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3W2wPXtGAwjuohT

Requested by

Host: gumtrees.com.yvdfywevdyvwe62f3d.com
URL: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5f55f33a504946b40e3552f12f51787261bc6042e8f746db01d749f6e23ccbc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 427168
cf-polished: origSize=54177
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05550f19060000cc3eee289200000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"d3a1-ZA+89G+qVVKCcniL8/0WG1PMPWY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 5d684e080deacc3e-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 like.php
www.facebook.com/v2.5/plugins/ Frame F81D 0
0 64ms
64ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=1405348973096319&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aedcb3f4e9b78%26domain%3Dgumtrees.com.yvdfywevdyvwe62f3d.com%26origin%3Dhttps%253A%252F%252Fgumtrees.com.yvdfywevdyvwe62f3d.com%252Ff1ee7a82651cb94%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgumtree&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3c08b7b507d8a3068111633eaf49cb82&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/like.php?action=like&app_id=1405348973096319&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aedcb3f4e9b78%26domain%3Dgumtrees.com.yvdfywevdyvwe62f3d.com%26origin%3Dhttps%253A%252F%252Fgumtrees.com.yvdfywevdyvwe62f3d.com%252Ff1ee7a82651cb94%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgumtree&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: xBHJiFP1XmlbaAED/v3jUQoB6BH0s6qqWgcvx99d8pS/p9rn5sAE3PWPGUT9aAodCNTjkHsquM1gWfkcE0FXmw==
date: Tue, 22 Sep 2020 01:38:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 91ms
34ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-FF7Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

2d25f06ba5a1e228262948c457155e24a1d91bfb5dad460bd1dcfe2106011f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11315
x-xss-protection: 0
server: cafe
etag: 17904044164015545428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Sep 2020 01:38:09 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 406ms
404ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3W2wPXtGAwjuohT&Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Host: zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com
URL: https://zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3W2wPXtGAwjuohT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa1468b60fa55a043bec805e92a2a58b01b01af2dab62d9f0b239ec85c00c821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://gumtrees.com.yvdfywevdyvwe62f3d.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 5d684e086e08cc3e-ZRH
vary: Accept-Encoding
cf-request-id: 05550f193d0000cc3eee28a200000001

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004041890/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004041890/?random=1600738689351&cv=9&fst=1600738689351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg990&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&tiba=Login%20%7C%20My%20Gumtree%20-%20Gumtree&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f9920daab879f51955ede3817608d89eb3863a37248d1b1fdea694ce3c06db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1032
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1004041890/ 42 B
134 B 30ms
29ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004041890/?random=1600738689351&cv=9&fst=1600736400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg990&sendb=1&frm=0&url=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&tiba=Login%20%7C%20My%20Gumtree%20-%20Gumtree&async=1&fmt=3&is_vtc=1&random=1605268900&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 01:38:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1004041890/ 42 B
538 B 41ms
27ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1004041890/?random=1600738689351&cv=9&fst=1600736400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg990&sendb=1&frm=0&url=https%3A%2F%2Fgumtrees.com.yvdfywevdyvwe62f3d.com%2Faccuserlogcreateend.html&tiba=Login%20%7C%20My%20Gumtree%20-%20Gumtree&async=1&fmt=3&is_vtc=1&random=1605268900&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 01:38:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
380 B 477ms
118ms XHR
text/plain 52.73.245.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2157890407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.245.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-245-54.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Sep 2020 01:38:10 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://gumtrees.com.yvdfywevdyvwe62f3d.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 2e2e0bbd-3411-4ed3-9e6b-d64177fb79a3

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 87 KB
26 KB 31ms
30ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Host: zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com
URL: https://zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3W2wPXtGAwjuohT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8e1420905c2d289c2a5af4e6dc9ddb1d6c9738a4263de9284c29b8390197426d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 430898
cf-polished: origSize=90342
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05550f1ad60000cc3eee290200000001
last-modified: Wed, 09 Sep 2020 21:53:37 GMT
server: cloudflare
x-powered-by: Express
etag: W/"160e6-17474dc1ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 5d684e0afec9cc3e-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 12.8f8692fd03c1726f0227.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
877 B 32ms
31ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.8f8692fd03c1726f0227.chunk.js?Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Host: zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com
URL: https://zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3W2wPXtGAwjuohT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2ef4312f429cbda7c6d1b1a298427f8ed412f9fac0f287d653d744fdf6a4ce77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 430898
cf-polished: origSize=2639
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05550f1b060000cc3eee291200000001
last-modified: Wed, 09 Sep 2020 21:53:37 GMT
server: cloudflare
x-powered-by: Express
etag: W/"a4f-17474dc1ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 5d684e0b3ee5cc3e-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.baf51cf6b4810d5e1387.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 25 KB
6 KB 33ms
32ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.baf51cf6b4810d5e1387.chunk.js?Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Host: zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com
URL: https://zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3W2wPXtGAwjuohT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a54eb5f8c1844210445373575f93c1505f85b0f52d504acc14fcd0e1afe49ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumtrees.com.yvdfywevdyvwe62f3d.com/accuserlogcreateend.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 430898
cf-polished: origSize=26961
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05550f1b060000cc3eee292200000001
last-modified: Wed, 09 Sep 2020 21:53:37 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6951-17474dc1ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 5d684e0b3ee6cc3e-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Gumtree (E-commerce)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gumtrees.com.yvdfywevdyvwe62f3d.com/	1970-01-21 08:28:25	Name: ki_r Value:
.yvdfywevdyvwe62f3d.com/	1970-01-19 16:58:10	Name: optimizelyEndUserId Value: oeu1600738688669r0.34156913331355954
gumtrees.com.yvdfywevdyvwe62f3d.com/	1970-01-21 08:28:25	Name: ki_t Value: 1600738689227%3B1600738689227%3B1600738689227%3B1%3B1
.gumtrees.com.yvdfywevdyvwe62f3d.com/	1970-01-19 12:38:58	Name: _gat Value: 1
.google.com/	1970-01-19 17:02:29	Name: NID Value: 204=CkmrNBaCYuKOCi420e-q114nw06JEJxioD2ji6b5tdAgaMezogm1PINA22ljrIRjx91Aun9VgiNU3dHMxYSeRAQSolRhB91S7QYaqkLkBYOwDsVZr24ZAIzXXcTELYSLlWzaxuZgQk57jiaVGOu7dBAADhctssOIAhZO-UGW8eU
.gumtrees.com.yvdfywevdyvwe62f3d.com/	1970-01-19 12:40:25	Name: _gid Value: GA1.4.1313908317.1600738689
.gumtrees.com.yvdfywevdyvwe62f3d.com/	1970-01-20 06:10:10	Name: _ga Value: GA1.4.228000357.1600738689

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2157890407.cdn.optimizely.com
accounts.google.com
apis.google.com
cdn.optimizely.com
cl.qualaroo.com
connect.facebook.net
dnt.qualaroo.com
googleads.g.doubleclick.net
gumtrees.com.yvdfywevdyvwe62f3d.com
logx.optimizely.com
s3.amazonaws.com
sa.gumtree.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zn3w2wpxtgawjuoht-ebayclassifieds.siteintercept.qualtrics.com
104.108.68.187
104.17.209.240
107.20.229.149
162.0.232.165
172.217.23.130
172.217.23.162
2a00:1450:4001:800::2003
2a00:1450:4001:818::2003
2a00:1450:4001:819::2003
2a00:1450:4001:819::2004
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:4001:821::200d
2a00:1450:4001:821::200e
2a00:1450:4001:824::2002
2a00:1450:4001:824::2004
2a00:1450:400c:c07::9c
2a00:f48:2000:1023::3
2a02:26f0:6c00:2bc::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.216.250.102
52.73.245.54
91.195.49.245
0ea81474390786ce645b9e696b6329181661351c3becb59c0903a5a6d63f5e9f
109069d10b6d07d7af4d9faebcbea4cbb7373b20fb4dd05811610ba9016d6301
22ea72198951b30d0a4c22603ff5962af0a4f7f09366cb04a9e3825016b6e126
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
2d25f06ba5a1e228262948c457155e24a1d91bfb5dad460bd1dcfe2106011f20
2ef4312f429cbda7c6d1b1a298427f8ed412f9fac0f287d653d744fdf6a4ce77
30655d63fdf744bc01aa80fe74f420ac8ec7d467b927ae3a500741bfa4d49b73
338cb1dadf286fdf3f9d0ae0844f8b92e2a1f8cc6f802ef590c481ce5567bc45
3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070
586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab
5f55f33a504946b40e3552f12f51787261bc6042e8f746db01d749f6e23ccbc9
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6c20a986c522cc1e1d8ed1dce378bf6fdaa73d57cb5b76b9c38fa4ef0ee33e60
7083ea41a75dd59d10340bcc461449a9d99b29566f4d8cb6936bcad1c6515fa9
75f9920daab879f51955ede3817608d89eb3863a37248d1b1fdea694ce3c06db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8527f61d986456987e5ed68348b68061b7523bb02452355768b2748d5266ee7b
873a681a7ecabac3fc6be30092e25736d8f55ad3472e2d58c5df388a7833e11b
8b2d4e3ed0e2eada205b277f6923e1868283496c8d83200eea33ee56a49e5017
8e1420905c2d289c2a5af4e6dc9ddb1d6c9738a4263de9284c29b8390197426d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a661d9c096b1a3606c96f43790d4f96840e8203e558d357c6daf2881c826e10
9bf1b7671b38bc0b1d26342b16e5d7739ee17ceaf17041ad45f5c2035e2a6e76
a0aa7e0275e1e0093e52dc6b098c69e5cf63273cb1efafcb0550e88539c14129
a54eb5f8c1844210445373575f93c1505f85b0f52d504acc14fcd0e1afe49ffe
a980d6909b59c8a24ea6940ea9423e2afbaf43521625716b079ff3a74a604576
a99e800aa78d96c6473c3c9be543ea696a360c244c4b778b201c2fad76372d2f
aa1468b60fa55a043bec805e92a2a58b01b01af2dab62d9f0b239ec85c00c821
ac98fca7dd0c6b4936a9225c79b8f0c91ebc012ad2aae21761df0511bac590ef
c2af04f93ca8cc9a28419c6dc2297509ca3446efb6bc21cb623483f454468d8e
ce48ccf69d2de8ab23244a9d5af16d03242447a1b40d527f4a80b0d2f2ea1ade
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d5f7fd68350c268e830880d248ac21dd4ad9e17f06e61ef61866a62770e44e49
e1b92191308018a110d2b7564cde825bc00b3f79972dc710ab1c9e21bb74a873
e1eed7eeb3d66a6c76d2567bc3a6ef502be67a866f965e42296b87cc85dda3d3
e310673ef98d1a4a73ba6aeab6501f4808d101fce6f28fea2695f13ccc4c1041
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef17b110cd0f1c10429144560ce8daa00482f7e8c2fa2959b6236881619b7862
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdb3139b8158033da279cd76b26501f3edc30af6ebbe9738d13792474c36f388

gumtrees.com.yvdfywevdyvwe62f3d.com Open in urlscan Pro 162.0.232.165 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

64 %IPv6

16 Domains

24 Subdomains

26 IPs

7 Countries

1169 kBTransfer

3428 kBSize

7 Cookies

40 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gumtrees.com.yvdfywevdyvwe62f3d.com Open in urlscan Pro
162.0.232.165 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

64 %
IPv6

16
Domains

24
Subdomains

26
IPs

7
Countries

1169 kB
Transfer

3428 kB
Size

7
Cookies

50 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!