gumtree.au3ds.shop Open in urlscan Pro
104.21.57.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gumtree.au3ds.shop/218754617
Submission: On January 31 via manual (January 31st 2023, 11:12:52 pm UTC) from AU — Scanned from AU

Summary HTTP 16 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 104.21.57.109, located in and belongs to CLOUDFLARENET, US. The main domain is gumtree.au3ds.shop.
TLS certificate: Issued by GTS CA 1P5 on January 30th 2023. Valid for: 3 months.

This is the only time gumtree.au3ds.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	104.21.57.109 104.21.57.109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.135.155 34.107.135.155	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.21.234.246 104.21.234.246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.225.160.17 91.225.160.17	56400 (ASSPDCHER...) (ASSPDCHERNEGA ---DataIX---)
16	5

12 104.21.57.109 (None, )

ASN13335 (CLOUDFLARENET, US)

gumtree.au3ds.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.135.155 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 155.135.107.34.bc.googleusercontent.com

static.gumtree.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.246 (None, )

ASN13335 (CLOUDFLARENET, US)

tlgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.225.160.17 (Odesa, Ukraine)

ASN56400 (ASSPDCHERNEGA ---DataIX---, UA)

flycom.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	au3ds.shop gumtree.au3ds.shop	92 KB
1	flycom.net.ua flycom.net.ua	155 KB
1	tlgur.com tlgur.com	17 KB
1	gumtree.com.au static.gumtree.com.au — Cisco Umbrella Rank: 492075	44 KB
0	Failed function sub() { [native code] }. Failed
16	5

	Domain	Requested by
12	gumtree.au3ds.shop	gumtree.au3ds.shop
1	flycom.net.ua	gumtree.au3ds.shop
1	tlgur.com	gumtree.au3ds.shop
1	static.gumtree.com.au	gumtree.au3ds.shop
0	mbckjcfnjmoiinpgddefodcighgikkgn Failed	gumtree.au3ds.shop
16	5

This site contains links to these domains. Also see Links.

Domain
blog.gumtree.com.au
www.gumtree.com.au
help.gumtree.com.au
gumtree-info-au.gonetfunds.store

Subject Issuer	Validity	Valid
*.au3ds.shop GTS CA 1P5	`2023-01-30` - `2023-04-30`	3 months	crt.sh
www.gumtree.com.au DigiCert TLS RSA SHA256 2020 CA1	`2022-09-07` - `2023-10-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
flycom.net.ua R3	`2022-12-10` - `2023-03-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://gumtree.au3ds.shop/218754617
Frame ID: F424862231DD177B1390E72D9E819FFA
Requests: 10 HTTP requests in this frame

Frame: https://gumtree.au3ds.shop/supportChatFrame/218754617
Frame ID: 85A86E005B3510767C7A76E19FB5237D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Receiving funds Cross trainer machine spirit fitness used | Gumtree Australia | 11523324

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

307 kB
Transfer

847 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.gumtree.com.au/important-covid-19-update/
Title: COVID-19 Safety Precautions

Search URL Search Domain Scan URL

URL: https://www.gumtree.com.au/

Search URL Search Domain Scan URL

URL: https://www.gumtree.com.au/m-messages.html

Search URL Search Domain Scan URL

URL: https://help.gumtree.com.au/?ab=90&_gl=1*1sfkcp0*_ga*MTgzNzY4NjMwNi4xNjY4OTMzMDQ0*_ga_TC0NXL1S6B*MTY2ODk0MDQwMi4zLjEuMTY2ODk0MDQxNi4wLjAuMA..

Search URL Search Domain Scan URL

URL: https://gumtree-info-au.gonetfunds.store/s-seller/Gumtree/1028016421/date/1
Title: Rohota Maria Highly Rated

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 218754617 Show response gumtree.au3ds.shop/	193 KB 8 KB	866ms 674ms	Document text/html	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/218754617 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `db4b22cd6c381d8eb9937b037f040f274b82731f0546a5768ed1d43691a8acea` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7926224c8c8d29a2-MEL content-encoding br content-type text/html; charset=utf-8 date Tue, 31 Jan 2023 23:12:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rVPyIfgJMnu%2Bthr2WUum1PRf9tqkDoIVrLSktK4nyGmQuC4bqssAJtHTYopSY9464jtZ9I0GtLVpqlfaai4VfONPI01yb5PHQGqgeqxyJqCLF2iZvysOTowGXwOv8A7LU3Z3bo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Express
GET H2	200	support_parent.css gumtree.au3ds.shop/css/	3 KB 1 KB	637ms 635ms	Stylesheet text/css	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/css/support_parent.css Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/218754617 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `0bf065d787636a2aa2c7b57dfafa6aa243b990258cded6700a601ddc2da153e8` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:46 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 03 Nov 2022 02:26:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"d96-1843b4fb7d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhRw9g69DF%2BEl3QIoYn9MxV0%2BcBnZb8lUAV4EhaCB3QH9CV%2BJtvlH3weDZBTEyiWKsf67sV%2FzkK6dNVGV%2Bx88o6NmjrUSia3NFy9NUzCklSxvrEDuaP3VRFxDA00dnxSyBVhiAQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 79262250ca0129a2-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	app.full.a099bd683129137cef67.css gumtree.au3ds.shop/Receiving%20funds%20%D0%A8%D0%B0%D0%BB%D0%B0%D1%88%D0%B0%20_%20Gumtree%20Australia%20_%2011523324_files/	159 KB 26 KB	920ms 919ms	Stylesheet text/css	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/Receiving%20funds%20%D0%A8%D0%B0%D0%BB%D0%B0%D1%88%D0%B0%20_%20Gumtree%20Australia%20_%2011523324_files/app.full.a099bd683129137cef67.css Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/218754617 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `bdf6b9bf76a3e384f4b420f6629e2b0f35f1e2410c2e9784b1e394ea6dd6ed22` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:47 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 27 Jan 2023 18:07:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"27da5-185f46993f0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUGhSv5U%2F7inN8dsDrVHF%2BpX7Cm9Bv8tLCe5ZX9JaVHSFCGu%2BImUk1C7a%2FFDi6k40mOBUYCqVVV2k6TmCrkKbD8mWc%2BKh2LUwvFE%2FEo2llkPWhBxhiD75jBDUzh%2BszxjZOToO%2BI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 79262250ca0229a2-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	vip.full.e0372ba95b01a135ad86.css gumtree.au3ds.shop/Receiving%20funds%20%D0%A8%D0%B0%D0%BB%D0%B0%D1%88%D0%B0%20_%20Gumtree%20Australia%20_%2011523324_files/	137 KB 22 KB	903ms 902ms	Stylesheet text/css	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/Receiving%20funds%20%D0%A8%D0%B0%D0%BB%D0%B0%D1%88%D0%B0%20_%20Gumtree%20Australia%20_%2011523324_files/vip.full.e0372ba95b01a135ad86.css Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/218754617 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c96ee259cebdc5de0b84fecfcf975f10d547b0dcef36a3e53b2a036ef7bdf7b0` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:47 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 27 Jan 2023 18:07:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"22201-185f46993f0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhlxJL4j8JSc8PEpfkU%2BiTHa%2B3lQw3sshioyIGJqhlN0%2F5etoSYPvXDl1aqB%2FmquGFckfm32CF0oGaQAqMHnJIBLI8e5Zd%2BW8%2FL%2FMDMX%2Fw%2Bbhd9K0zSDG0fwKj%2BTgycSrmE7EOI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 79262250ca0329a2-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	logo-white.svg gumtree.au3ds.shop/Receiving%20funds%20%D0%A8%D0%B0%D0%BB%D0%B0%D1%88%D0%B0%20_%20Gumtree%20Australia%20_%2011523324_files/	4 KB 2 KB	626ms 625ms	Image image/svg+xml	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gumtree.au3ds.shop/Receiving%20funds%20%D0%A8%D0%B0%D0%BB%D0%B0%D1%88%D0%B0%20_%20Gumtree%20Australia%20_%2011523324_files/logo-white.svg Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/218754617 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `f9963895d705f3cc57cf2545567c546c2b771b184aeaef589054e0862f9a5212` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:47 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 27 Jan 2023 18:07:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"e75-185f46997d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4g%2FNRj1r0nK5AdlLt7fQRVFpgXN1ruZv%2Bui4bNsQqKkxp0KzHeppnP9ssb8Fk7spTt8j2jWQfe4iVhn6H3P2vHLlhqsJ9IwZTN%2Beq9cfUZPWLHZefCTvqA4fl8dvQt8Nn5XnT%2F4%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 cf-ray 792622568b1e5a91-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		fonts.css mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/fonts/	0 0

GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9bd34aa57abd3a6b4b88af4f00cc6cd542552184b7dd4e644aa746e0e4640096` Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/jpeg
GET H3	404	null gumtree.au3ds.shop/	9 B 478 B	654ms 654ms	Image text/plain	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gumtree.au3ds.shop/null Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/218754617 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:47 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMUKfPTWzE7TSW1nlCbQFcIK2cGfNJFfl1iCSPrSQb8wAEpOKSWBhUEacYVVUICyoWN40ZvNQMTtZr4y7Pru7z58oYkTX5DiTXNUaa6Kdn%2FKSfq7jSGWMZmJn9pLHJaNqezJJ24%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 cf-ray 792622570bbe5a91-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9
GET H2	200	icomoon.322224.woff static.gumtree.com.au/latest/webfonts/	43 KB 44 KB	283ms 86ms	Font application/octet-stream	34.107.135.155 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://static.gumtree.com.au/latest/webfonts/icomoon.322224.woff Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/Receiving%20funds%20%D0%A8%D0%B0%D0%BB%D0%B0%D1%88%D0%B0%20_%20Gumtree%20Australia%20_%2011523324_files/app.full.a099bd683129137cef67.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.135.155 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 155.135.107.34.bc.googleusercontent.com Software UploadServer / Resource Hash `0c3cba2258b178342538de363a6b5dd09467dadd21d51e37bc982ec642f25de2` Request headers Referer https://gumtree.au3ds.shop/ Origin https://gumtree.au3ds.shop accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 22:15:56 GMT age 3411 x-guploader-uploadid ADPycdsEHyCn5QwkAKQAeld2JJ86jMeSkSsCiozPrIXqLGP1LPPHZh4a9RL1awI8pFJ4N8ll7Xx6bNsnRbYgZGZJ80NDLQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44172 last-modified Wed, 14 Oct 2020 22:55:21 GMT server UploadServer etag "fb23b5ea398627043e0e61bd687a9af0" vary X-Goog-Allowed-Resources x-goog-hash crc32c=Il2O+g==, md5=+yO16jmGJwQ+DmG9aHqa8A== x-goog-generation 1602716121766517 access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 x-goog-stored-content-length 44172 accept-ranges bytes content-type application/octet-stream expires Tue, 31 Jan 2023 23:15:56 GMT
GET H3	200	218754617 Show response gumtree.au3ds.shop/supportChatFrame/ Frame 85A8	23 KB 7 KB	781ms 780ms	Document text/html	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/supportChatFrame/218754617 Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/218754617 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `be477a7d98b3377f26a07873e8103643a699023ff415a11f4b6fb12c16aa70ed` Request headers Referer https://gumtree.au3ds.shop/218754617 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 792622574c1c5a91-MEL content-encoding br content-type text/html; charset=utf-8 date Tue, 31 Jan 2023 23:12:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFIaKiRFGzAQxTU8bX8dj5%2B%2BN1K3VSh27rHYMT2DsjVRYF95gW4eeYehxy67NR73Rw0tveql%2FW%2F2pRXz46b4eAo9fg69lAQUQ289iB7EXElN%2FR9zmgPMUgT%2FQMY%2FNxI%2BmdWicPo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Express
GET H2	200	G7B9pPd8 tlgur.com/d/	16 KB 17 KB	278ms 94ms	Image image/jpeg	104.21.234.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tlgur.com/d/G7B9pPd8 Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/css/support_parent.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.234.246 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2e2f7630c880a767f1826760b77dc9318934a08c52ad6a024492ba31f1bf5580` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:47 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 437082 content-disposition inline; filename=UTF-8''G7B9pPd8.jpg alt-svc* h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16492 last-modified Thu, 03 Nov 2022 01:30:48 GMT server cloudflare etag "G7B9pPd8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mWFWHo5naMFrd5UwV1ygiH6GoLxdJgdsmcb7P2G96Jeyy6nR1qgaZuSfMRn9vNtGuN%2Fy6pPHHdHfuIsMFv9IykZcEuXFOho1K9qRNH6TW3%2Fw%2Bq6ZgdxcHx0ODU%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=37756800 accept-ranges bytes cf-ray 7926225879e317c8-MEL expires Sun, 07 Apr 2024 21:48:04 GMT
GET H3	200	support_chat.css gumtree.au3ds.shop/css/ Frame 85A8	97 KB 16 KB	902ms 901ms	Stylesheet text/css	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/css/support_chat.css Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/supportChatFrame/218754617 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5a6150db74c3f33743e1cca2e048a4f2e61ef322fdec540dca13777853f0faca` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/supportChatFrame/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:48 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 13 Aug 2021 05:53:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1843a-17b3e127450" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTO4CTg%2Fm3nuzE4Jsx7EWthlchzmYJ18A4ZFJarXzgrClKqxGgRA%2BP%2BjUrUi%2FbhVdq9j3CW2XfAOMlWpRPdWDVZKdcRfK74RURnaafRDhPC6RkRddEeH58GTd%2BR3Pn%2BKwfYQA3o%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7926225c4b675a91-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	hp-girl-2a.png flycom.net.ua/wp-content/uploads/2016/12/ Frame 85A8	154 KB 155 KB	2612ms 728ms	Image image/png	91.225.160.17 ASSPDCHERNEGA ---...
General Check archive.org Show headers Download Go to Show image Full URL https://flycom.net.ua/wp-content/uploads/2016/12/hp-girl-2a.png Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/supportChatFrame/218754617 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.225.160.17 Odesa, Ukraine, ASN56400 (ASSPDCHERNEGA ---DataIX---, UA), Reverse DNS Software nginx / Resource Hash `c117b1ff6b3f98af0a1c9ebf3e88455de656a6f2a2c81dcc9d5482fbf772c239` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 23:12:50 GMT Last-Modified Mon, 24 Dec 2018 11:17:38 GMT Server nginx ETag "5c20c052-2696e" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 158062 Expires Fri, 10 Feb 2023 23:12:50 GMT
GET H3	200	axios.min.js Show response gumtree.au3ds.shop/js/ Frame 85A8	14 KB 5 KB	631ms 630ms	Script application/javascript	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/js/axios.min.js Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/supportChatFrame/218754617 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/supportChatFrame/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:48 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 13 Aug 2021 05:53:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"3813-17b3e127450" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuAS6eFArYE5B7YPG5fg9s5Ep3j9XmzoUOjkyZ68seHD%2BHHQ8%2B%2Fgjg9z7zyu5MCMx6KLBwZdmxKibh7cWj98%2Bnopsk4zrkAUx8Yj%2FqXf%2FpzSwwCVGajDLFB%2FpZWFA3Wif%2FPVn80%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7926225c4b6a5a91-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	support.js Show response gumtree.au3ds.shop/js/ Frame 85A8	3 KB 1 KB	631ms 631ms	Script application/javascript	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/js/support.js Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/supportChatFrame/218754617 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `8c1db9f821aff832259b875e5b14b7321430065d7851a53602a2cded37c2f3fa` Request headers accept-language en-AU,en;q=0.9 Referer https://gumtree.au3ds.shop/supportChatFrame/218754617 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 23:12:48 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 13 Aug 2021 05:53:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"acb-17b3e127450" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGBsWhvA56Du%2BdBygCEyu5yC1O2Yhq9oQsnEsbcAUtkaQj9zKkjDfOJGfsm5x4S17qHlvS8jj%2Fpgk4Tu9rv5NCeiEYqEbd1abP%2FsOrwMujKV3i0K2wM8D%2F3S7lNL4cYydzG3MAM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7926225c4b6d5a91-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	getMessages Show response gumtree.au3ds.shop/api/support/ Frame 85A8	15 B 493 B	451ms 451ms	XHR application/json	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/api/support/getMessages Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a` Request headers Accept application/json, text/plain, / Referer https://gumtree.au3ds.shop/supportChatFrame/218754617 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Tue, 31 Jan 2023 23:12:49 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wu0%2BE3bhuOQ5OdE4ag83%2BhCiuFevvYHKGxSk0nRCME6KLKOz6hki10pkhkXP5tsY0Nit7%2BB9HPJX34a0%2B0wAkPdg8mwNKYYQfTcVVw5duqJ3f6jRmvka8Bc%2FlBM4BLmVOaQuJ%2Bc%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 792622628b6a5a91-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15
POST H3	200	getMessages Show response gumtree.au3ds.shop/api/support/ Frame 85A8	15 B 490 B	463ms 462ms	XHR application/json	104.21.57.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gumtree.au3ds.shop/api/support/getMessages Requested by Host: gumtree.au3ds.shop URL: https://gumtree.au3ds.shop/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.57.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a` Request headers Accept application/json, text/plain, / Referer https://gumtree.au3ds.shop/supportChatFrame/218754617 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Tue, 31 Jan 2023 23:12:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWASI8H5q%2F7Wp%2FLPtf3Qeaig9ezlr8ORV6OCFZYY%2FkfsqtY3mU9m0hmgi5MuwdGjJif99jmdK2jqOOuH6xrps%2F6zuQORBVoXg6mOlrh8zd8LKxt0gmafzUCWTuR2dvAYGOv0BCo%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 7926226ebc525a91-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mbckjcfnjmoiinpgddefodcighgikkgn
URL: chrome-extension://mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/fonts/fonts.css

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gumtree.au3ds.shop/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A0TknIg42HRbZNPEfRS4Wv8hmOLuKXMsn.TZLD49HsPJxPKnNLbJrF3EJoTmIUnOoA2g8q7dzW%2BlE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/fonts/fonts.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://gumtree.au3ds.shop/null Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

flycom.net.ua
gumtree.au3ds.shop
mbckjcfnjmoiinpgddefodcighgikkgn
static.gumtree.com.au
tlgur.com
mbckjcfnjmoiinpgddefodcighgikkgn
104.21.234.246
104.21.57.109
34.107.135.155
91.225.160.17
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0bf065d787636a2aa2c7b57dfafa6aa243b990258cded6700a601ddc2da153e8
0c3cba2258b178342538de363a6b5dd09467dadd21d51e37bc982ec642f25de2
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
2e2f7630c880a767f1826760b77dc9318934a08c52ad6a024492ba31f1bf5580
5a6150db74c3f33743e1cca2e048a4f2e61ef322fdec540dca13777853f0faca
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
8c1db9f821aff832259b875e5b14b7321430065d7851a53602a2cded37c2f3fa
9bd34aa57abd3a6b4b88af4f00cc6cd542552184b7dd4e644aa746e0e4640096
bdf6b9bf76a3e384f4b420f6629e2b0f35f1e2410c2e9784b1e394ea6dd6ed22
be477a7d98b3377f26a07873e8103643a699023ff415a11f4b6fb12c16aa70ed
c117b1ff6b3f98af0a1c9ebf3e88455de656a6f2a2c81dcc9d5482fbf772c239
c96ee259cebdc5de0b84fecfcf975f10d547b0dcef36a3e53b2a036ef7bdf7b0
db4b22cd6c381d8eb9937b037f040f274b82731f0546a5768ed1d43691a8acea
f9963895d705f3cc57cf2545567c546c2b771b184aeaef589054e0862f9a5212

gumtree.au3ds.shop Open in urlscan Pro 104.21.57.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

307 kBTransfer

847 kBSize

1 Cookies

5 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

gumtree.au3ds.shop Open in urlscan Pro
104.21.57.109 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

307 kB
Transfer

847 kB
Size

1
Cookies

16 HTTP transactions
1 data transactions