ebayfraud.gremlins-in-it.com Open in urlscan Pro
173.254.28.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ebayfraud.gremlins-in-it.com/fraudulent.html
Submission Tags: @ipnigh
Submission: On April 12 via api (April 12th 2020, 10:05:55 pm UTC) from GB

Summary HTTP 50 Redirects Links 63 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 50 HTTP transactions. The main IP is 173.254.28.65, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is ebayfraud.gremlins-in-it.com.

This is the only time ebayfraud.gremlins-in-it.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1	173.254.28.65 173.254.28.65	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
7	23.53.41.145 23.53.41.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
24	23.213.165.191 23.213.165.191	16625 (AKAMAI-AS) (AKAMAI-AS)
13 26	152.199.23.155 152.199.23.155	15133 (EDGECAST) (EDGECAST)
1	92.122.212.211 92.122.212.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.97.71 143.204.97.71	16509 (AMAZON-02) (AMAZON-02)
1	66.135.216.178 66.135.216.178	11643 (EBAY) (EBAY)
1 2	2.18.234.107 2.18.234.107	16625 (AKAMAI-AS) (AKAMAI-AS)
50	9

1 173.254.28.65 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just65.justhost.com

ebayfraud.gremlins-in-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.53.41.145 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-53-41-145.deploy.static.akamaitechnologies.com

include.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 23.213.165.191 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-191.deploy.static.akamaitechnologies.com

p.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pics.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 152.199.23.155 (United States) 13 redirects

ASN15133 (EDGECAST, US)

i.ebayimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.212.211 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-122-212-211.deploy.static.akamaitechnologies.com

srx.uk.ebayrtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-71.fra50.r.cloudfront.net

i376.photobucket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.135.216.178 (United States)

ASN11643 (EBAY, US)

adjustdiscount.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.107 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-107.deploy.static.akamaitechnologies.com

rover.ebay.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	ebaystatic.com include.ebaystatic.com p.ebaystatic.com pics.ebaystatic.com q.ebaystatic.com	181 KB
26	ebayimg.com 13 redirects i.ebayimg.com	24 KB
2	ebay.co.uk promo.ebay.co.uk Failed rover.ebay.co.uk	774 B
1	ebay.com adjustdiscount.ebay.com	676 B
1	photobucket.com i376.photobucket.com	3 KB
1	ebayrtm.com srx.uk.ebayrtm.com	1 KB
1	gremlins-in-it.com ebayfraud.gremlins-in-it.com	104 KB
50	7

	Domain	Requested by
26	i.ebayimg.com	13 redirects ebayfraud.gremlins-in-it.com
11	p.ebaystatic.com	ebayfraud.gremlins-in-it.com
8	q.ebaystatic.com	ebayfraud.gremlins-in-it.com
7	include.ebaystatic.com	ebayfraud.gremlins-in-it.com
5	pics.ebaystatic.com	ebayfraud.gremlins-in-it.com
2	rover.ebay.co.uk	1 redirects
1	adjustdiscount.ebay.com	include.ebaystatic.com
1	i376.photobucket.com	ebayfraud.gremlins-in-it.com
1	srx.uk.ebayrtm.com	include.ebaystatic.com
1	ebayfraud.gremlins-in-it.com
0	promo.ebay.co.uk Failed	include.ebaystatic.com
50	11

This site contains links to these domains. Also see Links.

Domain
hub.shop.ebay.co.uk
my.ebay.co.uk
sell.ebay.co.uk
community.ebay.co.uk
contact.ebay.co.uk
pages.ebay.co.uk
www.ebay.co.uk
dealseu.ebay.co.uk
signin.ebay.co.uk
scgi.ebay.co.uk
shop.ebay.co.uk
fashion.ebay.co.uk
motors.ebay.co.uk
deals.ebay.co.uk
offer.ebay.co.uk
cgi1.ebay.co.uk
myworld.ebay.co.uk
feedback.ebay.co.uk
motors.shop.ebay.co.uk
cgi.ebay.co.uk
cgi5.ebay.co.uk
popular.ebay.co.uk
reviews.ebay.co.uk
stores.ebay.co.uk
www.ebay.com
www.ebay.de
www.ebay.com.au
www.ebay.ca
annonces.ebay.fr
www.ebay.ie
uk.shopping.com
www.skype.com
www.paypal.co.uk
www.gumtree.com
www2.ebay.com
web.ebay.co.uk
viv.ebay.co.uk

Subject Issuer	Validity	Valid
ir.ebaystatic.com DigiCert SHA2 Secure Server CA	`2019-07-12` - `2021-03-23`	2 years	crt.sh
www.ebay.com DigiCert SHA2 Secure Server CA	`2019-07-17` - `2020-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Frame ID: D5CDD87EFA68F01166A6DF7EE88C438C
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

50
Requests

28 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

310 kB
Transfer

630 kB
Size

0
Cookies

63 Outgoing links

These are links going to different origins than the main page.

URL: http://hub.shop.ebay.co.uk/
Title: Buy

Search URL Search Domain Scan URL

URL: http://my.ebay.co.uk/ws/eBayISAPI.dll?MyEbay&gbh=1
Title: My eBay

Search URL Search Domain Scan URL

URL: http://sell.ebay.co.uk/sell
Title: Sell

Search URL Search Domain Scan URL

URL: http://community.ebay.co.uk/index.jspa
Title: Community

Search URL Search Domain Scan URL

URL: http://contact.ebay.co.uk/ws/eBayISAPI.dll?ShowCUPortal
Title: Contact us

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/help/index.html
Title: Help

Search URL Search Domain Scan URL

URL: http://www.ebay.co.uk/

Search URL Search Domain Scan URL

URL: http://dealseu.ebay.co.uk/
Title: 13

Search URL Search Domain Scan URL

URL: https://signin.ebay.co.uk/ws/eBayISAPI.dll?SignIn
Title: Sign in

Search URL Search Domain Scan URL

URL: https://scgi.ebay.co.uk/ws/eBayISAPI.dll?RegisterEnterInfo
Title: register

Search URL Search Domain Scan URL

URL: http://shop.ebay.co.uk/allcategories/all-categories
Title: CATEGORIES

Search URL Search Domain Scan URL

URL: http://fashion.ebay.co.uk/
Title: FASHION

Search URL Search Domain Scan URL

URL: http://motors.ebay.co.uk/
Title: MOTORS

Search URL Search Domain Scan URL

URL: http://deals.ebay.co.uk/
Title: CHRISTMAS DEALS

Search URL Search Domain Scan URL

URL: http://shop.ebay.co.uk/Cars-Motorcycles-Vehicles-/9800/i.html
Title: Cars, Motorcycles & Vehicles

Search URL Search Domain Scan URL

URL: http://shop.ebay.co.uk/Campers-Caravans-Motorhomes-/121904/i.html
Title: Campers, Caravans & Motorhomes

Search URL Search Domain Scan URL

URL: http://shop.ebay.co.uk/Campervans-Motorhomes-/14256/i.html
Title: Campervans & Motorhomes

Search URL Search Domain Scan URL

URL: http://offer.ebay.co.uk/ws/eBayISAPI.dll?ViewBids
Title: 0 bids

Search URL Search Domain Scan URL

URL: https://signin.ebay.co.uk/ws/eBayISAPI.dll?SignIn&ru=http%3A%2F%2Fcgi.ebay.co.uk%2Fws%2FeBayISAPI.dll%3FViewItem%26item%3D350407099424%26actionType%3Dsinginformore
Title: Sign in for more lists

Search URL Search Domain Scan URL

URL: http://cgi1.ebay.co.uk/ws/eBayISAPI.dll?MakeTrack&item=350407099424&sourcePage=4340&ssPageName=VIP:watchlink:top:en&wt=393b8861d0da0d5daaa90d1147e54e64&_trksid=p4340.l1359
Title: Add to watch list

Search URL Search Domain Scan URL

URL: http://my.ebay.co.uk/ws/eBayISAPI.dll?MyEbay&item=350407099424&currentPage=MyeBayWatching&ssPageName=VI:MEFG:2
Title: My eBay

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/topratedsellers/index.html
Title: Find out more about eBay Top-rated seller - opens in a new window or tab

Search URL Search Domain Scan URL

URL: http://myworld.ebay.co.uk/
Title: Member ID stock-esther

Search URL Search Domain Scan URL

URL: http://feedback.ebay.co.uk/ws/eBayISAPI.dll?ViewFeedback2
Title: Feedback score of 5858

Search URL Search Domain Scan URL

URL: http://my.ebay.co.uk/ws/eBayISAPI.dll?AcceptSavedSeller&ru=http%3A%2F%2Fcgi.ebay.co.uk%2Fws%2FeBayISAPI.dll%3FViewItemNext%26item%3D370456340020&mode=0&ssPageName=STRK:MEFS:ADDVI&sellerid=stock-esther&preference=0
Title: Save this seller

Search URL Search Domain Scan URL

URL: http://motors.shop.ebay.co.uk/Campers-Caravans-Motorhomes-/121904/i.html?_nkw=2003%20FIAT%20AUTOTRAIL%20APACHE%20MOTORHOME%20CAMPER%20VAN%20CARAVAN
Title: See other items from this seller

Search URL Search Domain Scan URL

URL: http://contact.ebay.co.uk/ws1/eBayISAPI.dll?ShowEmailAuctionToFriend&item=350407099424

Search URL Search Domain Scan URL

URL: http://cgi1.ebay.co.uk/ws/eBayISAPI.dll?ShareLink&swd=2&du=http%3A%2F%2Fcgi.ebay.co.uk%2F350407099424&itm=350407099424&t=2003+AUTOTRAIL+APACHE+MOTORHOME+FIAT+CAMPER+VAN+CARAVAN&spid=4340

Search URL Search Domain Scan URL

URL: http://cgi1.ebay.co.uk/ws/eBayISAPI.dll?ShareLink&swd=3&du=http%3A%2F%2Fcgi.ebay.co.uk%2F350407099424&itm=350407099424&t=2003+AUTOTRAIL+APACHE+MOTORHOME+FIAT+CAMPER+VAN+CARAVAN&spid=4340

Search URL Search Domain Scan URL

URL: http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&item=350407099424&si=5v5C%2BNsxPqpAWqTS0Ebgl2wLDo0%3D&print=all&category=14256
Title: Print this item - opens in a new window or tab

Search URL Search Domain Scan URL

URL: http://cgi1.ebay.co.uk/ws/eBayISAPI.dll?ReportThisItemRedirect&active=1&itemId=350407099424&seller=stock-esther
Title: Report item

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/help/sell/contextual/condition_5.html
Title: See all condition definitions- opens in a new window or tab

Search URL Search Domain Scan URL

URL: http://cgi5.ebay.co.uk/ws/eBayISAPI.dll?SellLikeItem&item=350407099424
Title: Sell one like this

Search URL Search Domain Scan URL

URL: http://shop.ebay.co.uk/i.html?_nkw=Motorhome
Title: Motorhome

Search URL Search Domain Scan URL

URL: http://shop.ebay.co.uk/i.html?_nkw=camper+van
Title: Camper Van

Search URL Search Domain Scan URL

URL: http://shop.ebay.co.uk/i.html?_nkw=Vw+Camper
Title: Vw Camper

Search URL Search Domain Scan URL

URL: http://motors.shop.ebay.co.uk/Campervans-Motorhomes-/14256/i.html?_nkw=camper+van
Title: Campervan

Search URL Search Domain Scan URL

URL: http://motors.shop.ebay.co.uk/Campers-Caravans-Motorhomes-/121904/i.html?_mspp=&_pcats=9800
Title: Motorhomes

Search URL Search Domain Scan URL

URL: http://popular.ebay.co.uk/
Title: Popular Searches

Search URL Search Domain Scan URL

URL: http://reviews.ebay.co.uk/
Title: eBay Reviews

Search URL Search Domain Scan URL

URL: http://stores.ebay.co.uk/
Title: eBay Stores

Search URL Search Domain Scan URL

URL: http://www.ebay.com/
Title: United States

Search URL Search Domain Scan URL

URL: http://www.ebay.de/
Title: Germany

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/
Title: Australia

Search URL Search Domain Scan URL

URL: http://www.ebay.ca/
Title: Canada

Search URL Search Domain Scan URL

URL: http://annonces.ebay.fr/
Title: France

Search URL Search Domain Scan URL

URL: http://www.ebay.ie/
Title: Ireland

Search URL Search Domain Scan URL

URL: http://uk.shopping.com/
Title: Shopping.com UK

Search URL Search Domain Scan URL

URL: http://www.skype.com/intl/en-gb/home
Title: Skype

Search URL Search Domain Scan URL

URL: http://www.paypal.co.uk/uk/
Title: PayPal

Search URL Search Domain Scan URL

URL: http://www.gumtree.com/
Title: Gumtree

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/aboutebay.html
Title: About eBay

Search URL Search Domain Scan URL

URL: http://www2.ebay.com/aw/marketing-uk.shtml
Title: Announcements

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/safetycentre/index.html
Title: Safety Centre

Search URL Search Domain Scan URL

URL: http://web.ebay.co.uk/partnercentre/index.html
Title: Partner Centre

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/vero/index.html
Title: VeRO: Protecting Intellectual Property

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/help/policies/index.html
Title: Policies

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/services/forum/feedback.html
Title: Feedback Forum

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: http://viv.ebay.co.uk/ws/eBayISAPI.dll?EbayTime
Title: eBay official time

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/buyerprotection/
Title: Learn more

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/help/policies/user-agreement.html?rt=nc
Title: User Agreement

Search URL Search Domain Scan URL

URL: http://pages.ebay.co.uk/help/policies/privacy-policy.html?rt=nc
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_35.JPG HTTP 301
https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_35.JPG

Request Chain 11

http://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_14.JPG HTTP 301
https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_14.JPG

Request Chain 12

http://i.ebayimg.com/02/!B8LI36w!Wk~$(KGrHqZ,!lEEy+jCzRQGBM2Umokn2w~~0_14.JPG HTTP 301
https://i.ebayimg.com/02/!B8LI36w!Wk~$(KGrHqZ,!lEEy+jCzRQGBM2Umokn2w~~0_14.JPG

Request Chain 13

http://i.ebayimg.com/08/!B8LI4uwBWk~$(KGrHqUOKogEy+jC5Rg4BM2UmrYfq!~~0_14.JPG HTTP 301
https://i.ebayimg.com/08/!B8LI4uwBWk~$(KGrHqUOKogEy+jC5Rg4BM2UmrYfq!~~0_14.JPG

Request Chain 14

http://i.ebayimg.com/14/!B8LI5Gg!mk~$(KGrHqUOKjcEycuPoW)WBM2Ums2S8Q~~0_14.JPG HTTP 301
https://i.ebayimg.com/14/!B8LI5Gg!mk~$(KGrHqUOKjcEycuPoW)WBM2Ums2S8Q~~0_14.JPG

Request Chain 15

http://i.ebayimg.com/04/!B8LI5ywCGk~$(KGrHqN,!lMEy+jC0)ssBM2UmvN68w~~0_14.JPG HTTP 301
https://i.ebayimg.com/04/!B8LI5ywCGk~$(KGrHqN,!lMEy+jC0)ssBM2UmvN68w~~0_14.JPG

Request Chain 16

http://i.ebayimg.com/06/!B8LI6vwBWk~$(KGrHqYOKp!Ey+jC0CGYBM2UmyRVlQ~~0_14.JPG HTTP 301
https://i.ebayimg.com/06/!B8LI6vwBWk~$(KGrHqYOKp!Ey+jC0CGYBM2UmyRVlQ~~0_14.JPG

Request Chain 17

http://i.ebayimg.com/09/!B8LI7mwEWk~$(KGrHqF,!iUEzN3MUC8QBM2Um06qI!~~0_14.JPG HTTP 301
https://i.ebayimg.com/09/!B8LI7mwEWk~$(KGrHqF,!iUEzN3MUC8QBM2Um06qI!~~0_14.JPG

Request Chain 18

http://i.ebayimg.com/23/!B8LI8VQ!Wk~$(KGrHqMOKiUEzU9b9+c(BM2Um3uBuw~~0_14.JPG HTTP 301
https://i.ebayimg.com/23/!B8LI8VQ!Wk~$(KGrHqMOKiUEzU9b9+c(BM2Um3uBuw~~0_14.JPG

Request Chain 19

http://i.ebayimg.com/15/!B8LI87QCWk~$(KGrHqV,!hcEyrsF6JN3BM2Um53)IQ~~0_14.JPG HTTP 301
https://i.ebayimg.com/15/!B8LI87QCWk~$(KGrHqV,!hcEyrsF6JN3BM2Um53)IQ~~0_14.JPG

Request Chain 21

http://i.ebayimg.com/07/!B8LI9ogEGk~$(KGrHqQOKi4EzTTBbtqEBM2Um8cT!g~~0_14.JPG HTTP 301
https://i.ebayimg.com/07/!B8LI9ogEGk~$(KGrHqQOKi4EzTTBbtqEBM2Um8cT!g~~0_14.JPG

Request Chain 22

http://i.ebayimg.com/02/!B8LI-DwEWk~$(KGrHqN,!lsEy+jC0w1oBM2Um-NkGw~~0_14.JPG HTTP 301
https://i.ebayimg.com/02/!B8LI-DwEWk~$(KGrHqN,!lsEy+jC0w1oBM2Um-NkGw~~0_14.JPG

Request Chain 23

http://i.ebayimg.com/08/!B8LI-zQBWk~$(KGrHqJ,!ioEzNs53FIlBM2UnBL0Gg~~0_14.JPG HTTP 301
https://i.ebayimg.com/08/!B8LI-zQBWk~$(KGrHqJ,!ioEzNs53FIlBM2UnBL0Gg~~0_14.JPG

Request Chain 48

http://rover.ebay.co.uk/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback2&_vrdm=1586729127126 HTTP 301
https://rover.ebay.co.uk/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback2&_vrdm=1586729127126

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request fraudulent.html Show response
ebayfraud.gremlins-in-it.com/ 103 KB
104 KB 328ms
309ms Document
text/html 173.254.28.65
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 173.254.28.65 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just65.justhost.com
Software: Apache /
Resource Hash: 3c4f4b90197d08b038b39c0708788036a1e0039922979dd1b1a109b5a3ab257e

Request headers

Host: ebayfraud.gremlins-in-it.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
Server: Apache
Last-Modified: Sun, 12 Dec 2010 21:47:37 GMT
Accept-Ranges: bytes
Content-Length: 105740
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK GH-ZAM_RedesignEbayNoneFull_e693i12326331_en_GB.css
include.ebaystatic.com/v4css/en_GB/e693i/ 22 KB
5 KB 64ms
45ms Stylesheet
text/css 23.53.41.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4css/en_GB/e693i/GH-ZAM_RedesignEbayNoneFull_e693i12326331_en_GB.css
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 23.53.41.145 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-53-41-145.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: cf9e296db0c94099d083185b8b637b6dfa6d790f6a43184ac8a97eb3aa4d6801

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2010 01:50:00 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "56b0-49494f56da002-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=26088
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4585
Expires: Mon, 13 Apr 2020 05:20:13 GMT

GET
H/1.1 200
OK BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
include.ebaystatic.com/v4css/en_GB/e693i/ 99 KB
20 KB 65ms
46ms Stylesheet
text/css 23.53.41.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 23.53.41.145 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-53-41-145.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e36286262bbc37bf792f0631e45624b79927a4e26577036ea8f1fb29e92e4292

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2010 01:49:52 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "18aea-49494f4f6b415-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=26180
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20236
Expires: Mon, 13 Apr 2020 05:21:45 GMT

GET
H/1.1 200
OK SYS-ZAM_vjo_e693i12326333_1_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e693i/ 101 KB
30 KB 65ms
45ms Script
application/javascript 23.53.41.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e693i/SYS-ZAM_vjo_e693i12326333_1_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 23.53.41.145 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-53-41-145.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a79b05c1e7bd4690018cb54fe861e3be3225e40c7ce1b98d93b4df5f74459109

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2010 01:49:44 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "192b4-49494f476795c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=26160
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30626
Expires: Mon, 13 Apr 2020 05:21:25 GMT

GET
H/1.1 200
OK GH-ZAM_RedesignEbayNoneFull_e693i12326333_1_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e693i/ 60 KB
16 KB 64ms
45ms Script
application/javascript 23.53.41.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e693i/GH-ZAM_RedesignEbayNoneFull_e693i12326333_1_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 23.53.41.145 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-53-41-145.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bdeb86a1104cb7bd1c4c57a68542fcf03bf502158d2df9021eec0881a71e0801

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2010 01:49:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "efb6-49494f437deb6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=26068
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16079
Expires: Mon, 13 Apr 2020 05:19:53 GMT

GET
H/1.1 200
OK logoEbay_x45.gif
p.ebaystatic.com/aw/pics/uk/logos/ 2 KB
3 KB 70ms
51ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/uk/logos/logoEbay_x45.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvsaz01picscache-971955:80
Last-Modified: Tue, 30 May 2017 22:24:10 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 2545
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK imgHolidayHeader_12122010_158x59.jpg
pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/ 5 KB
5 KB 65ms
46ms Image
image/jpeg 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/imgHolidayHeader_12122010_158x59.jpg

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3e3ad65ba206ab3d0e48cb298d6146c3e668c7eeb5bb359fe9ba54557f1f3de

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939225:80
Last-Modified: Tue, 30 May 2017 22:24:08 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 4754
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprHdr.png
pics.ebaystatic.com/aw/pics/globalHeader/ 327 B
812 B 34ms
34ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/globalHeader/sprHdr.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c0d1f6a77aeecef2a2aa60f8e85208319c62e3173e945ee0c10fa1ec89dfa1a0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/GH-ZAM_RedesignEbayNoneFull_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939226:80
Last-Modified: Tue, 30 May 2017 20:59:28 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 327
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprHdr4.png
q.ebaystatic.com/aw/pics/homepage/ 2 KB
2 KB 64ms
46ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/homepage/sprHdr4.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

94f44ddf0f72a27ae3942d8fa931f77ee6e37cb3c70ceba999afaf0fe2220280

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/GH-ZAM_RedesignEbayNoneFull_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvspicscache-2505095:80
Last-Modified: Tue, 30 May 2017 20:59:37 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1858
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK imgDaysCountdown.gif
pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/ 125 B
610 B 73ms
55ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/imgDaysCountdown.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bf4d0e260729bd7513434c58566a5b0615d2bccb21afac31cfe3db84e9d28eb2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939225:80
Last-Modified: Tue, 30 May 2017 22:24:08 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 125
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK iconLtArrow_20x20.gif
p.ebaystatic.com/aw/pics/icon/ 260 B
745 B 42ms
34ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/icon/iconLtArrow_20x20.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

83fc7606a282fc9519b1a10fb0e79c2173b36b0edba855083e5a2c8e973d15e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvspicscache-2505092:80
Last-Modified: Tue, 30 May 2017 20:59:38 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 260
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_35.JPG
i.ebayimg.com/05/
Redirect Chain

http://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_35.JPG
https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_35.JPG

1 KB
2 KB

294ms
206ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_35.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:25 GMT
via: http/1.1 58cb8afbabd6 (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 155
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%2853%3B4261%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08e0-0x153
x-ebay-request-id: 171706d0-8e00-a9e1-d7d6-033bfdd9907e![
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_35.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F7B1)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_14.JPG
i.ebayimg.com/05/
Redirect Chain

http://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_14.JPG
https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_14.JPG

1 KB
2 KB

304ms
223ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:26 GMT
via: http/1.1 58cb8afbabd6 (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 155
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%285004354%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08f1-0x17a
x-ebay-request-id: 171706d0-8f10-a99b-1f85-f3e2ff156e33![
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/05/!B8LI3NQEWk~$(KGrHqN,!lUEy+jC1dDEBM2Uml8BbQ~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F6C3)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI36w!Wk~$(KGrHqZ,!lEEy+jCzRQGBM2Umokn2w~~0_14.JPG
i.ebayimg.com/02/
Redirect Chain

http://i.ebayimg.com/02/!B8LI36w!Wk~$(KGrHqZ,!lEEy+jCzRQGBM2Umokn2w~~0_14.JPG
https://i.ebayimg.com/02/!B8LI36w!Wk~$(KGrHqZ,!lEEy+jCzRQGBM2Umokn2w~~0_14.JPG

1 KB
2 KB

296ms
217ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/02/!B8LI36w!Wk~$(KGrHqZ,!lEEy+jCzRQGBM2Umokn2w~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:26 GMT
via: http/1.1 05cdb23223dd (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 0
status: 200
x-envoy-upstream-service-time: 155
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%2853%3B3%3E65%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08e6-0x172
x-ebay-request-id: 171706d0-8e60-aad7-6496-5ea7fddd6ecc!Ebayimg.Composite!slczmedia-3486816.stratus.slc.ebay.com!r1zmedia[]
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/02/!B8LI36w!Wk~$(KGrHqZ,!lEEy+jCzRQGBM2Umokn2w~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F7AE)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI4uwBWk~$(KGrHqUOKogEy+jC5Rg4BM2UmrYfq!~~0_14.JPG
i.ebayimg.com/08/
Redirect Chain

http://i.ebayimg.com/08/!B8LI4uwBWk~$(KGrHqUOKogEy+jC5Rg4BM2UmrYfq!~~0_14.JPG
https://i.ebayimg.com/08/!B8LI4uwBWk~$(KGrHqUOKogEy+jC5Rg4BM2UmrYfq!~~0_14.JPG

1 KB
2 KB

284ms
205ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/08/!B8LI4uwBWk~$(KGrHqUOKogEy+jC5Rg4BM2UmrYfq!~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:25 GMT
via: http/1.1 05cdb23223dd (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 145
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%28501%3D03%3B%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08e2-0x15b
x-ebay-request-id: 171706d0-8e20-a9e4-f916-9c28ff0e6593!Ebayimg.Composite!slczmedia-3728648.stratus.slc.ebay.com!r1zmedia[]
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/08/!B8LI4uwBWk~$(KGrHqUOKogEy+jC5Rg4BM2UmrYfq!~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F77B)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI5Gg!mk~$(KGrHqUOKjcEycuPoW)WBM2Ums2S8Q~~0_14.JPG
i.ebayimg.com/14/
Redirect Chain

http://i.ebayimg.com/14/!B8LI5Gg!mk~$(KGrHqUOKjcEycuPoW)WBM2Ums2S8Q~~0_14.JPG
https://i.ebayimg.com/14/!B8LI5Gg!mk~$(KGrHqUOKjcEycuPoW)WBM2Ums2S8Q~~0_14.JPG

1 KB
2 KB

283ms
204ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/14/!B8LI5Gg!mk~$(KGrHqUOKjcEycuPoW)WBM2Ums2S8Q~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:26 GMT
via: http/1.1 58cb8afbabd6 (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 150
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%2851662%3E%3B%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08e2-0x160
x-ebay-request-id: 171706d0-8e20-a9e5-35d3-8b97fe38c3fe![
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/14/!B8LI5Gg!mk~$(KGrHqUOKjcEycuPoW)WBM2Ums2S8Q~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F6EB)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI5ywCGk~$(KGrHqN,!lMEy+jC0)ssBM2UmvN68w~~0_14.JPG
i.ebayimg.com/04/
Redirect Chain

http://i.ebayimg.com/04/!B8LI5ywCGk~$(KGrHqN,!lMEy+jC0)ssBM2UmvN68w~~0_14.JPG
https://i.ebayimg.com/04/!B8LI5ywCGk~$(KGrHqN,!lMEy+jC0)ssBM2UmvN68w~~0_14.JPG

1 KB
2 KB

275ms
196ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/04/!B8LI5ywCGk~$(KGrHqN,!lMEy+jC0)ssBM2UmvN68w~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:25 GMT
via: http/1.1 58cb8afbabd6 (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 143
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%2852%3A16%3F1%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08dd-0x164
x-ebay-request-id: 171706d0-8dd0-a9e0-f003-f5cbfdf0ed5f![
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/04/!B8LI5ywCGk~$(KGrHqN,!lMEy+jC0)ssBM2UmvN68w~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F731)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI6vwBWk~$(KGrHqYOKp!Ey+jC0CGYBM2UmyRVlQ~~0_14.JPG
i.ebayimg.com/06/
Redirect Chain

http://i.ebayimg.com/06/!B8LI6vwBWk~$(KGrHqYOKp!Ey+jC0CGYBM2UmyRVlQ~~0_14.JPG
https://i.ebayimg.com/06/!B8LI6vwBWk~$(KGrHqYOKp!Ey+jC0CGYBM2UmyRVlQ~~0_14.JPG

1 KB
2 KB

261ms
203ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/06/!B8LI6vwBWk~$(KGrHqYOKp!Ey+jC0CGYBM2UmyRVlQ~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:26 GMT
via: http/1.1 58cb8afbabd6 (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 0
status: 200
x-envoy-upstream-service-time: 148
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%2854342%3F7%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08e1-0x180
x-ebay-request-id: 171706d0-8e10-a99c-1860-f475fde496a0![
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/06/!B8LI6vwBWk~$(KGrHqYOKp!Ey+jC0CGYBM2UmyRVlQ~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F7A2)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI7mwEWk~$(KGrHqF,!iUEzN3MUC8QBM2Um06qI!~~0_14.JPG
i.ebayimg.com/09/
Redirect Chain

http://i.ebayimg.com/09/!B8LI7mwEWk~$(KGrHqF,!iUEzN3MUC8QBM2Um06qI!~~0_14.JPG
https://i.ebayimg.com/09/!B8LI7mwEWk~$(KGrHqF,!iUEzN3MUC8QBM2Um06qI!~~0_14.JPG

1 KB
2 KB

268ms
208ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/09/!B8LI7mwEWk~$(KGrHqF,!iUEzN3MUC8QBM2Um06qI!~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:25 GMT
via: http/1.1 05cdb23223dd (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 154
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%28532%3D4%3E7%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08e0-0x169
x-ebay-request-id: 171706d0-8e00-ac3c-fae3-7e92fddfc263!Ebayimg.Composite!slczmedia-3418294.stratus.slc.ebay.com!r1zmedia[]
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/09/!B8LI7mwEWk~$(KGrHqF,!iUEzN3MUC8QBM2Um06qI!~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F79B)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI8VQ!Wk~$(KGrHqMOKiUEzU9b9+c(BM2Um3uBuw~~0_14.JPG
i.ebayimg.com/23/
Redirect Chain

http://i.ebayimg.com/23/!B8LI8VQ!Wk~$(KGrHqMOKiUEzU9b9+c(BM2Um3uBuw~~0_14.JPG
https://i.ebayimg.com/23/!B8LI8VQ!Wk~$(KGrHqMOKiUEzU9b9+c(BM2Um3uBuw~~0_14.JPG

1 KB
2 KB

296ms
236ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/23/!B8LI8VQ!Wk~$(KGrHqMOKiUEzU9b9+c(BM2Um3uBuw~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:26 GMT
via: http/1.1 05cdb23223dd (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 0
status: 200
x-envoy-upstream-service-time: 166
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dosu%7Dn%60bnb%28556%3D%3F15%2Busqdrrp%2Bjqp%2Bceb%7C%28dlh-171706d08f5-0x16a
x-ebay-request-id: 171706d0-8f50-aa66-59e3-4b34fe2fb01d!Ebayimg.Composite!lvszmedia-3258966.stratus.lvs.ebay.com!r1zmedia[]
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/23/!B8LI8VQ!Wk~$(KGrHqMOKiUEzU9b9+c(BM2Um3uBuw~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F74B)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI87QCWk~$(KGrHqV,!hcEyrsF6JN3BM2Um53)IQ~~0_14.JPG
i.ebayimg.com/15/
Redirect Chain

http://i.ebayimg.com/15/!B8LI87QCWk~$(KGrHqV,!hcEyrsF6JN3BM2Um53)IQ~~0_14.JPG
https://i.ebayimg.com/15/!B8LI87QCWk~$(KGrHqV,!hcEyrsF6JN3BM2Um53)IQ~~0_14.JPG

1 KB
2 KB

303ms
245ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/15/!B8LI87QCWk~$(KGrHqV,!hcEyrsF6JN3BM2Um53)IQ~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:26 GMT
via: http/1.1 05cdb23223dd (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 177
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dosu%7Dn%60bnb%28557740%3B%2Busqdrrp%2Bjqp%2Bceb%7C%28dlh-171706d08ed-0x164
x-ebay-request-id: 171706d0-8ed0-acc4-2745-700efe4a74a9!Ebayimg.Composite!lvszmedia-3242278.stratus.lvs.ebay.com!r1zmedia[]
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/15/!B8LI87QCWk~$(KGrHqV,!hcEyrsF6JN3BM2Um53)IQ~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F731)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK rtm Show response
srx.uk.ebayrtm.com/ 789 B
1 KB 1016ms
995ms Script
application/x-javascript 92.122.212.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://srx.uk.ebayrtm.com/rtm?RtmCmd&a=json&p=699:973:974:825:827:829:283:280:433:876:912&ph=0:0:0:0:0:0:0:0:0:0:0&ev=0:0:0:0:0:0:0:1:0:0:0&g=2bc250ac12c0a06c1d90e6e0ff9e9919&uf=0&c=1H4sIAAAAAAAAAIVWbU%2FjRhD%2BXqn%2FYaVKvbZa6L7bJvKHXAgkKiFRkgO1QrJMsiSrM3bqF15O%2FPg%2Bu87RXqWqCOyZ2ZnZeXlm8A%2FrzpLr6omwhDBzptgZN2S2WhPBOPv%2Bu4NIojS8GT%2B%2BWYo%2FSYaf1vP1cji9IsPFcDQZk9l8PV9O5rMxuZgO12Q0nC3GS3IzvAa5HOIdvOmUG8N1orj0vORps68Op%2FY%2Bfz3dVKfdZ0i5jFMueMJUYKI0iZm%2FmydJyiOmjWKRkEKG0z4sbkT%2FTtS7tuEpDyKerl8Pls6qtqr31SOoOeKzdese3CZvLY3IrCrbfUOW9jF3pSt39Lp7vLc1qR7IR7utq%2BqxofwfwkVtn1zVNWT%2BXNq6oZLewlFNRvkh37j2lSaM7PKiqMqGLqt8S9b5C0UNOYsYo8OXwjZU0IvOFiTEdu5sYwt6XrsnS1Zua%2BnS7fbtyT4vt2TrpXTV3bdedVTlm%2F1954qW%2Fm7zEM2Fq5sWwe9c09Z566oSd6F%2F%2BKHjPzt3eLRlS7m4IVfeK%2FIbCMX%2BwQ0dQq%2FKrfO2QVDk9eNg%2BByYj4Urt81gdE4WRf5q68EI7uq8IBObB%2FOv%2FKrnyWVddYfBqKo%2BQ%2Fm86u4LSy6L%2FIvXHSOh31y72dtyMH5BzUpviIzJVbWBfjO4cC92S45mqP7gsnZFMZj4Utzmzf4%2Bb1w5mKFRDZngDlw1c5u6es6f7GD%2BBL%2FLfOuqwbLqYPFtTCt0qShca8m5a%2FaDlT3kKBhKvq%2BeEevKlZ8Hq65Ewx8G6xv8kqGtXV7QVWHtwft577Chk6pu7MEbUq45%2Bbg%2FHFHQ2seDhd%2ButlBqSZDSi9ptd%2FZXclFb%2BwU8Lrfh8n8fzPLPlg67tiLrOncFgLsFNoa4d28J8LMa05krbL6z5CdPND9TKXyvb9223dPog%2FnwATApqq6mt3ski%2Bh9gedd61E8Lneu9Cj7YqkYRElMNhuKm8rm0TWNB88sLzvk7F8P%2BcanUSOHGirtK%2FnpfUiOU%2FMzPQGSC9%2F%2B%2BsltLJkAhlX9SpFhUdj6Q%2FM%2FxuuqBQaubLlD9HRablEYPMqW3Ni92wAF07I52E0ANr3R3yAdQNl0Ad8ULW6ad5tb69GNIPIHi5svbOhHQ%2BnX2S1ej45sDbwBOOhm3lCsDBlHqfzjevGya375%2FruN22Id3XWoMOa3f%2BtvWb%2FKYBOWk1CcqYhTGTGllWFYVoZKyVSitFQsVlRIhgNPxjqcxJhGqaOw7kTSby0NdyaJT5mUIsjVexDhWPb7LpapglcfNMfWZFr0yy8WvRsch7OoZ0UqA2vCm2N5nva2Kh1Nptfj1Tgbfhqtp%2FPrIJVHdTgTcaJNFHMPNJ8u10dbAS0fVy7BB0GkQ2zIqY8xitNRjiVJwgbevKI7Dfnxa6OaPqlR7mcGSlDNnwBGaLxv7G90%2FuPQ36RUnyYi4EpoE2S8T4LFoRRcsSMfpYvleLWeXo7JH9PFYk6uppeT9Xi5CqfwEHN5d2YywTS7O%2BMMLciEVBGEXGfS8CS%2BO5NSa51xJiKo6pir7ATnmiUmyk40zg3DudQmMWASACSTSSx0sDQ8808YKMGiODPKxGCEjLjorbWXJSw8Oa5RkmUSzpOgqzNltOrlPBMmFnGmtYxFZmSie1vQmhsVaBloGWxNpqOjThzDj9JxsEK%2BijET%2FMhMIVYW6OAhTvxdSmYa4IWtEMwHzwSuQbt5KAIXJhQB%2Bn1OPnXPhKCTyNcBVMQ4THmvqjkS85QwxieneeRPIxTcO%2FW%2B2deSo9gyDsqeChGJXqxQNYwkyo8xPJJCiKgnDUbT9KTvWvQ3mRx1URzek0InPD6aqcgczQD1DKOS%2BIGMjyiS6Rzb6i7gzoSnxCfSAsv5xtnnKf4VXNuX1o9FGgsTvqB6U3T8OEHsHazCJCnax6jiVCRSUclETA2nOqFaUi2owMSHDyeTfmrsNnxTJSmGM9HsjQuBbaHe8IllUKw3gdRMpN4EkCmYepNAS6L6i6JUhCD67ybgOj1JknCCLJDGXx83KPsZCgAA&ord=1289310016569&e=USC:1&z=0&bw=1600&cg=1586729125883&enc=UTF-8&v=4&cb=vjo.dsf.assembly.VjClientAssembler._callback0&_vrdm=1586729125886
Requested by: Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4js/en_GB/e693i/SYS-ZAM_vjo_e693i12326333_1_en_GB.js
Protocol: HTTP/1.1
Server: 92.122.212.211 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-122-212-211.deploy.static.akamaitechnologies.com
Software: ebay server /
Resource Hash: 6fc7940b00673e7ad2f1fa084f1138a1f45ffc182553fece242c383c3f5503b3

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:26 GMT
RlogId: t6ndbulkgb%7Bq%3C%3Dpiejbathmdc%7Fw%285427%3F%3F3-171706d0b8b-0x1fe06
Server: ebay server
Connection: keep-alive
Down-RlogIds: MadronaExt-To-RTM=empty;MadronaExt-To-Madrona=t6mwrj9%3Ftilktsn%28b%601sv*w%60ut3550-171706d0b95-0x1ce;
Content-Length: 789
Content-Type: application/x-javascript;charset=UTF-8

GET
H2

200

!B8LI9ogEGk~$(KGrHqQOKi4EzTTBbtqEBM2Um8cT!g~~0_14.JPG
i.ebayimg.com/07/
Redirect Chain

http://i.ebayimg.com/07/!B8LI9ogEGk~$(KGrHqQOKi4EzTTBbtqEBM2Um8cT!g~~0_14.JPG
https://i.ebayimg.com/07/!B8LI9ogEGk~$(KGrHqQOKi4EzTTBbtqEBM2Um8cT!g~~0_14.JPG

1 KB
2 KB

262ms
241ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/07/!B8LI9ogEGk~$(KGrHqQOKi4EzTTBbtqEBM2Um8cT!g~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:25 GMT
via: http/1.1 05cdb23223dd (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 164
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dosu%7Dn%60bnb%2851%3A5%3F%3F%3A%2Busqdrrp%2Bjqp%2Bceb%7C%28dlh-171706d08fa-0x16a
x-ebay-request-id: 171706d0-8fa0-aa65-2256-1ea0fe493bfb!Ebayimg.Composite!lvszmedia-3690989.stratus.lvs.ebay.com!r1zmedia[]
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/07/!B8LI9ogEGk~$(KGrHqQOKi4EzTTBbtqEBM2Um8cT!g~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F6BE)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI-DwEWk~$(KGrHqN,!lsEy+jC0w1oBM2Um-NkGw~~0_14.JPG
i.ebayimg.com/02/
Redirect Chain

http://i.ebayimg.com/02/!B8LI-DwEWk~$(KGrHqN,!lsEy+jC0w1oBM2Um-NkGw~~0_14.JPG
https://i.ebayimg.com/02/!B8LI-DwEWk~$(KGrHqN,!lsEy+jC0w1oBM2Um-NkGw~~0_14.JPG

1 KB
2 KB

251ms
197ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/02/!B8LI-DwEWk~$(KGrHqN,!lsEy+jC0w1oBM2Um-NkGw~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:25 GMT
via: http/1.1 58cb8afbabd6 (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 143
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dpie%7Dn%60bnb%2853%3B3%3F5%3A%2Busqdrrp%2Buk%60%2Bceb%7C%28dlh-171706d08dc-0x16d
x-ebay-request-id: 171706d0-8dc0-aad7-64f5-997afddff7a9![
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/02/!B8LI-DwEWk~$(KGrHqN,!lsEy+jC0w1oBM2Um-NkGw~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F74D)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H2

200

!B8LI-zQBWk~$(KGrHqJ,!ioEzNs53FIlBM2UnBL0Gg~~0_14.JPG
i.ebayimg.com/08/
Redirect Chain

http://i.ebayimg.com/08/!B8LI-zQBWk~$(KGrHqJ,!ioEzNs53FIlBM2UnBL0Gg~~0_14.JPG
https://i.ebayimg.com/08/!B8LI-zQBWk~$(KGrHqJ,!ioEzNs53FIlBM2UnBL0Gg~~0_14.JPG

1 KB
2 KB

301ms
250ms

Image
image/jpeg

152.199.23.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ebayimg.com/08/!B8LI-zQBWk~$(KGrHqJ,!ioEzNs53FIlBM2UnBL0Gg~~0_14.JPG
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: envoy /
Resource Hash: a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 22:05:25 GMT
via: http/1.1 05cdb23223dd (ApacheTrafficServer/6.2.3 [cMsSf ])
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 1
status: 200
x-envoy-upstream-service-time: 179
x-ebay-c-version: 1.0.0
content-length: 1359
last-modified: Sun, 12 Apr 2020 22:05:26 GMT
server: envoy
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
rlogid: t6yhccjd%3C%3Dosu%7Dn%60bnb%28547%3C15%3A%2Busqdrrp%2Bjqp%2Bceb%7C%28dlh-171706d08fb-0x160
x-ebay-request-id: 171706d0-8fb0-aa66-e7f6-34a8fe418f78!Ebayimg.Composite!lvszmedia-3349729.stratus.lvs.ebay.com!r1zmedia[]
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
expires: Mon, 12 Apr 2021 22:05:26 GMT

Redirect headers

Location: https://i.ebayimg.com/08/!B8LI-zQBWk~$(KGrHqJ,!ioEzNs53FIlBM2UnBL0Gg~~0_14.JPG
Date: Sun, 12 Apr 2020 22:05:25 GMT
Cache-Control: max-age=31536000
Server: ECAcc (ska/F72F)
Content-Length: 0
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK s.gif
q.ebaystatic.com/aw/pics/ 49 B
533 B 34ms
32ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/s.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939225:80
Last-Modified: Tue, 30 May 2017 21:03:22 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK hdr_escrow_760x50.gif
i376.photobucket.com/albums/oo207/divdal2/ 2 KB
3 KB 84ms
62ms Image
image/webp 143.204.97.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i376.photobucket.com/albums/oo207/divdal2/hdr_escrow_760x50.gif
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 143.204.97.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-71.fra50.r.cloudfront.net
Software: imgproxy /
Resource Hash: d58cb6f3c0c6711f38ee988526139e7564b70ec32b70e6ad1269e152a379ccf8

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 15:46:01 GMT
Via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
Age: 195564
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="hdr_escrow_760x50.webp"
Connection: keep-alive
Content-Length: 2434
X-Request-Id: PDerUtE2Y992ei-cG_WW_
Server: imgproxy
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: CPRW1u6_bgMP08Ga8lEA7-XbEFiTkTluGxY-Creo9-f94kMMDyEjnw==
Expires: Fri, 10 Apr 2020 16:46:01 GMT

GET
H/1.1 200
OK iconGreenStar_25x25.gif
p.ebaystatic.com/aw/pics/icon/ 174 B
662 B 33ms
32ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/icon/iconGreenStar_25x25.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fcd6f0b200fefaea4895b12af378cc2fad1a7504544fea07559d729e8f5f5c3e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvsaz01picscache-971955:80
Last-Modified: Tue, 30 May 2017 20:59:38 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 174
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK aboutme-small.gif
q.ebaystatic.com/aw/pics/uk/ 245 B
733 B 82ms
45ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/uk/aboutme-small.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b0d54a527992b115bf825a7e49e26a1e016b6886c14e5d918fcd3d0836484d53

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvsaz01picscache-971955:80
Last-Modified: Thu, 01 Jun 2017 22:36:45 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 245
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK iconTrsLarge.gif
p.ebaystatic.com/aw/pics/icons/ 2 KB
3 KB 71ms
52ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/icons/iconTrsLarge.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1fb8d9aa5a9d0c6cf9276033c09ac0b936aabb300844193ffd5b26cb306f1f45

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939228:80
Last-Modified: Tue, 30 May 2017 20:59:39 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 2309
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprIconsStatusMsg.png
p.ebaystatic.com/aw/pics/cmp/ds2/icons/ 2 KB
2 KB 66ms
47ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ds2/icons/sprIconsStatusMsg.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

aa99d757c6ff19d30831f3887a4c9c3634835f9d9c0c8aa15727efd1b7cb501f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939228:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1565
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK imgLoading_30x30.gif
p.ebaystatic.com/aw/pics/globalAssets/ 3 KB
4 KB 64ms
45ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/globalAssets/imgLoading_30x30.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c63edc732b0ad022207d9b5557b8faff9015f578c3e962f506599daa2bdf96a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvspicscache-2505093:80
Last-Modified: Tue, 30 May 2017 20:59:27 GMT
Server: Apache
X-EdgeConnect-Cache-Status: 1
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3179
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK spriteToolbarIcons.gif
p.ebaystatic.com/aw/pics/cmp/icn/ 323 B
808 B 69ms
49ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/icn/spriteToolbarIcons.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d284dd3709246e29de436f67fd85332c4265b74898ad2d2f124f57ab4721647

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939228:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 323
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprButtons.png
p.ebaystatic.com/aw/pics/cmp/ds2/ 11 KB
11 KB 68ms
50ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ds2/sprButtons.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvspicscache-2505093:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 10896
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprAddToListImg.png
pics.ebaystatic.com/aw/pics/myebay/images/ 578 B
1 KB 34ms
34ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/myebay/images/sprAddToListImg.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cfe7279b9494be7db4f12feb543c915c164ed481249698065829948f693b475b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: MISS from lvspicscache-2505095:80
Last-Modified: Tue, 30 May 2017 21:01:23 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 578
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sproverlaycrnspntslt.png
q.ebaystatic.com/aw/pics/cmp/ui/ 1 KB
2 KB 77ms
47ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/cmp/ui/sproverlaycrnspntslt.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e42b70b880ffaf18e9e69b2cf200b10a1a0462a504d41cf219508c2b488775f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939226:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1406
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sproverlaycrnspntsrt.png
p.ebaystatic.com/aw/pics/cmp/ui/ 3 KB
4 KB 37ms
36ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ui/sproverlaycrnspntsrt.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8d2b883d8960ac4433027475a3693406d40a977d575bb369f78bf6c8e1f198b0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939227:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
X-EdgeConnect-Cache-Status: 1
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3155
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprIconClose.gif
p.ebaystatic.com/aw/pics/cmp/icn/ 386 B
871 B 45ms
38ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/icn/sprIconClose.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

96417edb913ce16a159724fca2eaa4fed53eca92691c97b49220d19f44756436

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:26 GMT
X-Cache-Lookup: HIT from slcpicscache-1939228:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 386
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:26 GMT

GET
H/1.1 200
OK eTRS_GradTop.gif
q.ebaystatic.com/aw/pics/myebay/images/ 98 B
582 B 37ms
33ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/myebay/images/eTRS_GradTop.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

342761cf26f256b70913b6e614181476802c2637c63e564fee5928574dcf8f5d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939227:80
Last-Modified: Tue, 30 May 2017 21:01:23 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 98
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK iconGreenTick_10x10.gif
q.ebaystatic.com/aw/pics/icons/ 178 B
663 B 57ms
50ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/icons/iconGreenTick_10x10.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

37a7b3aaa9859ee31019a8b5f6b885b2083d8f8e6845508fd5e12d333089bf50

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939226:80
Last-Modified: Tue, 30 May 2017 20:59:39 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 178
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprTabs.png
q.ebaystatic.com/aw/pics/cmp/ds2/ui/ 290 B
778 B 50ms
48ms Image
image/png 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/cmp/ds2/ui/sprTabs.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

16d0d7c037588627ad29366de1bbea2114bcee00024fec53a2d88d98f35b999b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from lvsaz01picscache-971956:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 290
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK sprTallCore.gif
pics.ebaystatic.com/aw/pics/nextGenVit/ 2 KB
2 KB 35ms
34ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/nextGenVit/sprTallCore.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5d4d9a3030feca5b92c13719bc85a843042560a3c522477f54735c4269b48ea3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:25 GMT
X-Cache-Lookup: HIT from slcpicscache-1939226:80
Last-Modified: Tue, 30 May 2017 21:01:28 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1754
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:25 GMT

GET
H/1.1 200
OK imgGuarantee_footer.gif
q.ebaystatic.com/aw/pics/uk/buy/trust/ 979 B
1 KB 39ms
37ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/uk/buy/trust/imgGuarantee_footer.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

323f01c9e76a2b81fe79897d13d873fa9bd34617f4767503ad864497fadfe07c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:26 GMT
X-Cache-Lookup: HIT from lvsaz01picscache-971955:80
Last-Modified: Tue, 30 May 2017 22:23:57 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 979
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:26 GMT

GET
H/1.1 200
OK SYS-ZAM_Omniture_e693i12326333_5_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e693i/ 17 KB
10 KB 52ms
51ms Script
application/javascript 23.53.41.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e693i/SYS-ZAM_Omniture_e693i12326333_5_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 23.53.41.145 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-53-41-145.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 559950c0156f927ae05ba1d4edfa21a91bbf09f59cd1804ccdd39e219b55748e

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2010 01:49:44 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "42a2-49494f474fa8a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=26165
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9889
Expires: Mon, 13 Apr 2020 05:21:31 GMT

GET
H/1.1 200
OK BuyingApp_Common_e693i12326333_6b_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e693i/ 155 KB
45 KB 53ms
52ms Script
application/javascript 23.53.41.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e693i/BuyingApp_Common_e693i12326333_6b_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 23.53.41.145 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-53-41-145.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 04bfb5b2c408120d2beef34a5dfb7d18d5e419621e2d0f511a358e3cc293c100

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2010 01:49:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "26bca-49494f3bf357e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=26121
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45787
Expires: Mon, 13 Apr 2020 05:20:47 GMT

GET
H/1.1 200
OK BuyingApp_ViewItemShipping_e693i12326333_6_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e693i/ 16 KB
5 KB 50ms
49ms Script
application/javascript 23.53.41.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326333_6_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html
Protocol: HTTP/1.1
Server: 23.53.41.145 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-53-41-145.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: defa6e4a62c314d7a98ae2297999c57c3702263dcdb6a1bbfed60d43b3aeb0e9

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2010 01:49:33 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3ec0-49494f3ccb65a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=26158
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4866
Expires: Mon, 13 Apr 2020 05:21:24 GMT

GET
H/1.1 200
OK sprPanelGrads.gif
p.ebaystatic.com/aw/pics/cmp/ui/ 1 KB
2 KB 32ms
32ms Image
image/gif 23.213.165.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ui/sprPanelGrads.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/fraudulent.html

Protocol

HTTP/1.1

Server

23.213.165.191 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-191.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

62380f6749b6867f93ffe6eff4f3dd0b584dc2b666ca2077c82291bc046f9887

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://include.ebaystatic.com/v4css/en_GB/e693i/BuyingApp_ViewItemShipping_e693i12326331_en_GB.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 22:05:26 GMT
X-Cache-Lookup: HIT from slcpicscache-1939228:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1180
X-XSS-Protection: 1; mode=block
Expires: Mon, 12 Apr 2021 22:05:26 GMT

GET
H/1.1 200
OK eBayISAPI.dll Show response
adjustdiscount.ebay.com/ws/ 9 B
676 B 724ms
681ms Script
text/html 66.135.216.178
EBAY

General

Check archive.org

Show headers Download Go to

Full URL: http://adjustdiscount.ebay.com/ws/eBayISAPI.dll?AdjustDiscount&coupon=lnb-sh%2Cmh%2Crmhkldqf-ct%60qex%60ad
Requested by: Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4js/en_GB/e693i/BuyingApp_Common_e693i12326333_6b_en_GB.js
Protocol: HTTP/1.1
Server: 66.135.216.178 , United States, ASN11643 (EBAY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3230d5a466b3c13c64900f09ddebfb05f3a3235ac393fbe804c88651e45357c4

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sun, 12 Apr 2020 22:05:26 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Cache-Control: private
Content-Length: 29
Content-Type: text/html;charset=UTF-8

GET eBayISAPI.dll
promo.ebay.co.uk/ws/ 0
0

GET
H2

200

0 Show response
rover.ebay.co.uk/idmap/
Redirect Chain

http://rover.ebay.co.uk/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback2&_vrdm=1586729127126
https://rover.ebay.co.uk/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback2&_vrdm=1586729127126

76 B
470 B

278ms
203ms

Script
text/json

2.18.234.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rover.ebay.co.uk/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback2&_vrdm=1586729127126

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.18.234.107 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-234-107.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

f4da7636450865d4b970aae1c67e32ee2189e3548ee2491be716003a89f08157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://ebayfraud.gremlins-in-it.com/fraudulent.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: ebay server
x-edgeconnect-midmile-rtt: 143
date: Sun, 12 Apr 2020 22:05:27 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa PSDo PSAa OUR SAMo IND UNI COM NAV INT STA DEM PRE"
status: 200
x-ebay-c-request-id: ri=hzhQzhdXabSS,rci=799f83c4e6f9e5c0
cache-control: private, no-cache
rlogid: t6qjpbq%3F%3Cumjthu%60t*0637%3B7%28twwgsvv%28umj%28bad%7F%29%60jk-171706d0e7f-0x199
content-type: text/json;charset=ISO-8859-1
content-length: 76
x-edgeconnect-origin-mex-latency: 28

Redirect headers

Location: https://rover.ebay.co.uk/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback2&_vrdm=1586729127126
X-EdgeConnect-Origin-MEX-Latency: 32
Date: Sun, 12 Apr 2020 22:05:27 GMT
Connection: keep-alive
X-EdgeConnect-MidMile-RTT: 139
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: promo.ebay.co.uk
URL: http://promo.ebay.co.uk/ws/eBayISAPI.dll?AutoRefreshStoreCategories&storeid=1174472&cb=vjo.dsf.assembly.VjClientAssembler._callback1&_vrdm=1586729126833

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adjustdiscount.ebay.com
ebayfraud.gremlins-in-it.com
i.ebayimg.com
i376.photobucket.com
include.ebaystatic.com
p.ebaystatic.com
pics.ebaystatic.com
promo.ebay.co.uk
q.ebaystatic.com
rover.ebay.co.uk
srx.uk.ebayrtm.com
promo.ebay.co.uk
143.204.97.71
152.199.23.155
173.254.28.65
2.18.234.107
23.213.165.191
23.53.41.145
66.135.216.178
92.122.212.211
04bfb5b2c408120d2beef34a5dfb7d18d5e419621e2d0f511a358e3cc293c100
16d0d7c037588627ad29366de1bbea2114bcee00024fec53a2d88d98f35b999b
1fb8d9aa5a9d0c6cf9276033c09ac0b936aabb300844193ffd5b26cb306f1f45
2d284dd3709246e29de436f67fd85332c4265b74898ad2d2f124f57ab4721647
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3230d5a466b3c13c64900f09ddebfb05f3a3235ac393fbe804c88651e45357c4
323f01c9e76a2b81fe79897d13d873fa9bd34617f4767503ad864497fadfe07c
342761cf26f256b70913b6e614181476802c2637c63e564fee5928574dcf8f5d
37a7b3aaa9859ee31019a8b5f6b885b2083d8f8e6845508fd5e12d333089bf50
3c4f4b90197d08b038b39c0708788036a1e0039922979dd1b1a109b5a3ab257e
559950c0156f927ae05ba1d4edfa21a91bbf09f59cd1804ccdd39e219b55748e
5d4d9a3030feca5b92c13719bc85a843042560a3c522477f54735c4269b48ea3
60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b
62380f6749b6867f93ffe6eff4f3dd0b584dc2b666ca2077c82291bc046f9887
6fc7940b00673e7ad2f1fa084f1138a1f45ffc182553fece242c383c3f5503b3
83fc7606a282fc9519b1a10fb0e79c2173b36b0edba855083e5a2c8e973d15e2
8d2b883d8960ac4433027475a3693406d40a977d575bb369f78bf6c8e1f198b0
94f44ddf0f72a27ae3942d8fa931f77ee6e37cb3c70ceba999afaf0fe2220280
96417edb913ce16a159724fca2eaa4fed53eca92691c97b49220d19f44756436
a3e3ad65ba206ab3d0e48cb298d6146c3e668c7eeb5bb359fe9ba54557f1f3de
a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a
a79b05c1e7bd4690018cb54fe861e3be3225e40c7ce1b98d93b4df5f74459109
aa99d757c6ff19d30831f3887a4c9c3634835f9d9c0c8aa15727efd1b7cb501f
b0d54a527992b115bf825a7e49e26a1e016b6886c14e5d918fcd3d0836484d53
bdeb86a1104cb7bd1c4c57a68542fcf03bf502158d2df9021eec0881a71e0801
bf4d0e260729bd7513434c58566a5b0615d2bccb21afac31cfe3db84e9d28eb2
c0d1f6a77aeecef2a2aa60f8e85208319c62e3173e945ee0c10fa1ec89dfa1a0
c63edc732b0ad022207d9b5557b8faff9015f578c3e962f506599daa2bdf96a4
cf9e296db0c94099d083185b8b637b6dfa6d790f6a43184ac8a97eb3aa4d6801
cfe7279b9494be7db4f12feb543c915c164ed481249698065829948f693b475b
d58cb6f3c0c6711f38ee988526139e7564b70ec32b70e6ad1269e152a379ccf8
defa6e4a62c314d7a98ae2297999c57c3702263dcdb6a1bbfed60d43b3aeb0e9
e36286262bbc37bf792f0631e45624b79927a4e26577036ea8f1fb29e92e4292
e42b70b880ffaf18e9e69b2cf200b10a1a0462a504d41cf219508c2b488775f3
eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae
f4da7636450865d4b970aae1c67e32ee2189e3548ee2491be716003a89f08157
fcd6f0b200fefaea4895b12af378cc2fad1a7504544fea07559d729e8f5f5c3e

ebayfraud.gremlins-in-it.com Open in urlscan Pro 173.254.28.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

50 Requests

28 %HTTPS

0 %IPv6

7 Domains

11 Subdomains

9 IPs

2 Countries

310 kBTransfer

630 kBSize

0 Cookies

63 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

ebayfraud.gremlins-in-it.com Open in urlscan Pro
173.254.28.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

28 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

310 kB
Transfer

630 kB
Size

0
Cookies

50 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!