ebayfraud.gremlins-in-it.com Open in urlscan Pro
173.254.28.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Effective URL:
http://ebayfraud.gremlins-in-it.com/
Submission: On February 10 via manual (February 10th 2022, 1:13:50 am UTC) from US — Scanned from IT

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 48 HTTP transactions. The main IP is 173.254.28.65, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is ebayfraud.gremlins-in-it.com.

This is the only time ebayfraud.gremlins-in-it.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
3	173.254.28.65 173.254.28.65	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
8	104.75.89.51 104.75.89.51	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2.21.142.217 2.21.142.217	16625 (AKAMAI-AS) (AKAMAI-AS)
16	104.75.89.144 104.75.89.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a02:26f0:fb:... 2a02:26f0:fb:5a3::24d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.59.171.9 23.59.171.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 8	2606:4700::68... 2606:4700::6812:b3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	8

3 173.254.28.65 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just65.justhost.com

ebayfraud.gremlins-in-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gremlins-in-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.89.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-51.deploy.static.akamaitechnologies.com

include.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.21.142.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-217.deploy.static.akamaitechnologies.com

p.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.75.89.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-144.deploy.static.akamaitechnologies.com

pics.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:fb:5a3::24d4 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

i.ebayimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.171.9 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-171-9.deploy.static.akamaitechnologies.com

srx.uk.ebayrtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:b3b (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ti2.auctiva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	ebaystatic.com include.ebaystatic.com — Cisco Umbrella Rank: 508023 p.ebaystatic.com — Cisco Umbrella Rank: 9015 pics.ebaystatic.com — Cisco Umbrella Rank: 10841 q.ebaystatic.com — Cisco Umbrella Rank: 12524	220 KB
8	auctiva.com 4 redirects ti2.auctiva.com — Cisco Umbrella Rank: 113850	8 KB
4	ebayimg.com 1 redirects i.ebayimg.com — Cisco Umbrella Rank: 3887	6 KB
3	gremlins-in-it.com ebayfraud.gremlins-in-it.com www.gremlins-in-it.com	39 KB
1	ebayrtm.com srx.uk.ebayrtm.com	1 KB
0	ebay.com Failed adjustdiscount.ebay.com Failed
48	6

	Domain	Requested by
12	p.ebaystatic.com	ebayfraud.gremlins-in-it.com include.ebaystatic.com
10	q.ebaystatic.com	ebayfraud.gremlins-in-it.com include.ebaystatic.com
8	ti2.auctiva.com	4 redirects www.gremlins-in-it.com
8	include.ebaystatic.com	ebayfraud.gremlins-in-it.com www.gremlins-in-it.com
6	pics.ebaystatic.com	ebayfraud.gremlins-in-it.com include.ebaystatic.com
4	i.ebayimg.com	1 redirects ebayfraud.gremlins-in-it.com
2	ebayfraud.gremlins-in-it.com	www.gremlins-in-it.com
1	www.gremlins-in-it.com	ebayfraud.gremlins-in-it.com
1	srx.uk.ebayrtm.com	include.ebaystatic.com
0	adjustdiscount.ebay.com Failed	include.ebaystatic.com
48	10

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://ebayfraud.gremlins-in-it.com/
Frame ID: 3C947B1D1719E88FE74104A83DAB74D4
Requests: 42 HTTP requests in this frame

Frame: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Frame ID: B4AEE7914EC757B43F5E79C03F45BA85
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Index of /

Page URL History Show full URLs

http://ebayfraud.gremlins-in-it.com/200554108272-safe.html Page URL
http://ebayfraud.gremlins-in-it.com/ Page URL

Page Statistics

48
Requests

0 %
HTTPS

29 %
IPv6

6
Domains

10
Subdomains

8
IPs

3
Countries

272 kB
Transfer

725 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ebayfraud.gremlins-in-it.com/200554108272-safe.html Page URL
http://ebayfraud.gremlins-in-it.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG HTTP 301
https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

Request Chain 39

http://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG HTTP 307
https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

Request Chain 41

http://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG HTTP 307
https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

Request Chain 43

http://ti2.auctiva.com/web/imghost1.gif HTTP 301
https://ti2.auctiva.com/web/imghost1.gif

Request Chain 44

http://ti2.auctiva.com/web/auctivablue88x33.gif HTTP 301
https://ti2.auctiva.com/web/auctivablue88x33.gif

Request Chain 45

http://ti2.auctiva.com/web/credLnk0.gif HTTP 301
https://ti2.auctiva.com/web/credLnk0.gif

Request Chain 46

http://ti2.auctiva.com/images/BYS_stampsmall.png HTTP 301
https://ti2.auctiva.com/images/BYS_stampsmall.png

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 200554108272-safe.html Show response
ebayfraud.gremlins-in-it.com/ 95 KB
35 KB 553ms
170ms Document
text/html 173.254.28.65
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 173.254.28.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just65.justhost.com
Software: Apache /
Resource Hash: a9f3c6e0cf13c366a319f0987d4365b5c2cef3ef164f9531bf069d622c38cd23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 12 Dec 2010 20:26:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK GH-ZAM_RedesignEbayNoneFull_e695i12360762_en_GB.css
include.ebaystatic.com/v4css/en_GB/e695i/ 22 KB
5 KB 90ms
39ms Stylesheet
text/css 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4css/en_GB/e695i/GH-ZAM_RedesignEbayNoneFull_e695i12360762_en_GB.css
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 12f7c45dd688626a0e98697d1a559b1621696e976e4ec3e836244162ec645509

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from pics-cache-3:80
Last-Modified: Sat, 20 Nov 2010 03:48:38 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "56b0-49573e5f6e2b4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4585

GET
H/1.1 200
OK BuyingApp_ViewItemShipping_e695i12360762_en_GB.css
include.ebaystatic.com/v4css/en_GB/e695i/ 99 KB
20 KB 807ms
755ms Stylesheet
text/css 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 07f41230a2b138ba2bdbc152cc5464f41104e4cebf5d438bcb29a14de4615086

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
Content-Encoding: gzip
X-Cache-Lookup: MISS from pics-cache-1:80
Last-Modified: Sat, 20 Nov 2010 03:48:26 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "18aea-49573e539f1bc-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20236

GET
H/1.1 200
OK SYS-ZAM_vjo_e695i12382599_1_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e695i/ 101 KB
30 KB 379ms
328ms Script
application/javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e695i/SYS-ZAM_vjo_e695i12382599_1_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 58ef83155aa48d61a90dd175d4a6510e664d46fbc83aace6d22d136f9717c9cb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
Content-Encoding: gzip
X-Cache-Lookup: MISS from pics-cache-4:80
Last-Modified: Wed, 01 Dec 2010 23:32:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "192b4-49661b8bcc135-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30626

GET
H/1.1 200
OK GH-ZAM_RedesignEbayNoneFull_e695i12382599_1_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e695i/ 60 KB
16 KB 91ms
40ms Script
application/javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e695i/GH-ZAM_RedesignEbayNoneFull_e695i12382599_1_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c1c6797489b688fee26193cee1122b7716596d206eb53d50fe42f8aca0d60de8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from pics-cache-0:80
Last-Modified: Wed, 01 Dec 2010 23:32:20 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "f06f-49661b76d7d0d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16109

GET
H/1.1 200
OK logoEbay_x45.gif
p.ebaystatic.com/aw/pics/uk/logos/ 2 KB
3 KB 65ms
28ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/uk/logos/logoEbay_x45.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-4:80
Last-Modified: Tue, 30 May 2017 22:24:10 GMT
Server: Apache
Akamai-GRN: 0.3c99645f.1644455625.f4bff3d
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 2545
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK imgHolidayHeader_12122010_158x59.jpg
pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/ 5 KB
5 KB 107ms
32ms Image
image/jpeg 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/imgHolidayHeader_12122010_158x59.jpg

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3e3ad65ba206ab3d0e48cb298d6146c3e668c7eeb5bb359fe9ba54557f1f3de

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: MISS from pics-cache-1:80
Last-Modified: Tue, 30 May 2017 22:24:08 GMT
Server: Apache
Akamai-GRN: , 0.986656b8.1644455625.774e3deb
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 4754
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK iconLtArrow_20x20.gif
p.ebaystatic.com/aw/pics/icon/ 260 B
891 B 77ms
40ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/icon/iconLtArrow_20x20.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

83fc7606a282fc9519b1a10fb0e79c2173b36b0edba855083e5a2c8e973d15e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 275
Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-1:80
Akamai-GRN: , , , 0.7d99645f.1644455625.5c44b0c
X-EdgeConnect-MidMile-RTT: 0
Connection: keep-alive
Content-Length: 260
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 May 2017 20:59:38 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H2

200

!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
i.ebayimg.com/06/
Redirect Chain

http://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

1 KB
2 KB

267ms
192ms

Image
image/jpeg

2a02:26f0:fb:5a3::24d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

Server

2a02:26f0:fb:5a3::24d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ebay-proxy-server /

Resource Hash

a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:13:45 GMT
last-modified: Thu, 10 Feb 2022 01:13:45 GMT
server: ebay-proxy-server
x-ebay-pop-id: UFES2-FRA-zoe-anycast
akamai-grn: 0.5d99645f.1644455625.4802eb3e
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0,no-store,no-cache
x-envoy-upstream-service-time: 157
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*%60vrd7%28rbpv6775-17ee1318391-0x12f
x-ebay-c-version: 1.0.0
content-length: 1359
x-cdn: AKAMAI
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found

Redirect headers

Location: https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
Date: Thu, 10 Feb 2022 01:13:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Akamai-GRN: 0.7f99645f.1644455625.53eee29
Content-Length: 0
x-CDN: AKAMAI

GET
H/1.1 200
OK s.gif
q.ebaystatic.com/aw/pics/ 49 B
597 B 84ms
35ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/s.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-3:80
Last-Modified: Tue, 30 May 2017 21:03:22 GMT
Server: Apache
Akamai-GRN: , , 0.9b6656b8.1644455625.1b55d302
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK logoPayPal_51x14.gif
q.ebaystatic.com/aw/pics/logos/ 1 KB
2 KB 38ms
38ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/logos/logoPayPal_51x14.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9fcadad99f6f0a6c806a07e40b2ab1d62af9ca6b6c676986a8c10ada35e545a8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-4:80
Last-Modified: Tue, 30 May 2017 20:59:56 GMT
Server: Apache
Akamai-GRN: , , , 0.9b6656b8.1644455625.1b55d304
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1505
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK iconGreenStar_25x25.gif
p.ebaystatic.com/aw/pics/icon/ 174 B
828 B 25ms
25ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/icon/iconGreenStar_25x25.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fcd6f0b200fefaea4895b12af378cc2fad1a7504544fea07559d729e8f5f5c3e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from slcpicscache-1939225:80
Last-Modified: Tue, 30 May 2017 20:59:38 GMT
Server: Apache
Akamai-GRN: , , , , , , , , , 0.7d99645f.1644455625.5c44b2c
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 174
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK aboutme-small.gif
q.ebaystatic.com/aw/pics/uk/ 245 B
794 B 56ms
28ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/uk/aboutme-small.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b0d54a527992b115bf825a7e49e26a1e016b6886c14e5d918fcd3d0836484d53

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-0:80
Last-Modified: Thu, 01 Jun 2017 22:36:45 GMT
Server: Apache
Akamai-GRN: , , 0.9b6656b8.1644455625.1b55d3a6
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 245
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK iconTrsLarge.gif
p.ebaystatic.com/aw/pics/icons/ 2 KB
3 KB 29ms
28ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/icons/iconTrsLarge.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1fb8d9aa5a9d0c6cf9276033c09ac0b936aabb300844193ffd5b26cb306f1f45

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-2:80
Last-Modified: Tue, 30 May 2017 20:59:39 GMT
Server: Apache
Akamai-GRN: 0.3c99645f.1644455625.f4bff3e
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 2309
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK iconStoresNW_20x20.gif
q.ebaystatic.com/aw/pics/icon/ 376 B
933 B 56ms
28ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/icon/iconStoresNW_20x20.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

603b931edd73d19d59444c80eb78766cbf7b71750cdee0fafb68bb20a1e5498a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from slcpicscache-1939225:80
Last-Modified: Tue, 30 May 2017 20:59:39 GMT
Server: Apache
Akamai-GRN: , , 0.986656b8.1644455625.774e3e80
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 376
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK imgLockup.gif
pics.ebaystatic.com/aw/pics/uk/paypal/ 7 KB
8 KB 30ms
29ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/uk/paypal/imgLockup.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1b82daca724d50260e0153fc653ab86d3d8acaa43f3b54ccd602cc3d3382c92d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-4:80
Last-Modified: Tue, 30 May 2017 22:24:14 GMT
Server: Apache
Akamai-GRN: , , , 0.986656b8.1644455625.774e3df2
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 7577
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK imgGuarantee_footer.gif
q.ebaystatic.com/aw/pics/uk/buy/trust/ 979 B
1 KB 80ms
46ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/uk/buy/trust/imgGuarantee_footer.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

323f01c9e76a2b81fe79897d13d873fa9bd34617f4767503ad864497fadfe07c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
X-Cache-Lookup: HIT from pics-cache-3:80
Last-Modified: Tue, 30 May 2017 22:23:57 GMT
Server: Apache
Akamai-GRN: , 0.9b6656b8.1644455625.1b55d3c4
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 979
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:45 GMT

GET
H/1.1 200
OK SYS-ZAM_Omniture_e695i12382599_5_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e695i/ 17 KB
10 KB 326ms
325ms Script
application/javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e695i/SYS-ZAM_Omniture_e695i12382599_5_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1c6d0953d8cfb06f764fcbea215531f6ceb474f839a2587a030506eb597714e3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from pics-cache-4:80
Last-Modified: Wed, 01 Dec 2010 23:32:41 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "42a2-49661b8b34b81-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9889

GET
H/1.1 200
OK BuyingApp_Common_e695i12382599_6b_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e695i/ 154 KB
45 KB 307ms
307ms Script
application/javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e695i/BuyingApp_Common_e695i12382599_6b_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bfaf69a309b68f1bfb2f80cbfdac27dd0ad6feb9edf62bc5b449a897afb141b0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from pics-cache-3:80
Last-Modified: Wed, 01 Dec 2010 23:31:37 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "266fe-49661b4e47060-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45443

GET
H/1.1 200
OK BuyingApp_ViewItemShipping_e695i12382599_6_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e695i/ 16 KB
5 KB 77ms
49ms Script
application/javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12382599_6_en_GB.js
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 28c61370900750efdb3fca11f1520bf70b42d544307fa21370012a9335f21ed2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:45 GMT
Content-Encoding: gzip
X-Cache-Lookup: MISS from pics-cache-2:80
Last-Modified: Wed, 01 Dec 2010 23:31:47 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3ec0-49661b57617d4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4866

GET
H/1.1 200
OK sprHdr.png
pics.ebaystatic.com/aw/pics/globalHeader/ 327 B
862 B 29ms
29ms Image
image/png 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/globalHeader/sprHdr.png

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/GH-ZAM_RedesignEbayNoneFull_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c0d1f6a77aeecef2a2aa60f8e85208319c62e3173e945ee0c10fa1ec89dfa1a0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-4:80
Last-Modified: Tue, 30 May 2017 20:59:28 GMT
Server: Apache
Akamai-GRN: , 0.986656b8.1644455626.774e3e62
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 327
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sprHdr4.png
q.ebaystatic.com/aw/pics/homepage/ 2 KB
2 KB 43ms
43ms Image
image/png 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/homepage/sprHdr4.png

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/GH-ZAM_RedesignEbayNoneFull_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

94f44ddf0f72a27ae3942d8fa931f77ee6e37cb3c70ceba999afaf0fe2220280

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-2:80
Last-Modified: Tue, 30 May 2017 20:59:37 GMT
Server: Apache
Akamai-GRN: , , , , , , , , 0.9b6656b8.1644455626.1b55d3d8
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1858
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK imgDaysCountdown.gif
pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/ 125 B
660 B 59ms
32ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/uk/holiday/holiday2010/imgDaysCountdown.gif

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bf4d0e260729bd7513434c58566a5b0615d2bccb21afac31cfe3db84e9d28eb2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-1:80
Last-Modified: Tue, 30 May 2017 22:24:08 GMT
Server: Apache
Akamai-GRN: , 0.986656b8.1644455626.774e435d
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 125
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK rtm Show response
srx.uk.ebayrtm.com/ 789 B
1 KB 614ms
374ms Script
application/x-javascript 23.59.171.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://srx.uk.ebayrtm.com/rtm?RtmCmd&a=json&p=699:973:974:825:827:829:283:280:433:876:912&ph=0:0:0:0:0:0:0:0:0:0:0&ev=0:0:0:0:0:0:0:1:0:0:0&g=db2d402912c0a02652e5b285fd90bd11&uf=0&c=1H4sIAAAAAAAAAIVVWW%2FjNhB%2BX2D%2FA4EC7bagUw4viQH44PU6jYG1HdhOggIBAkVmbCGy5NWRxIv8%2BA4p2U0eij7YnHu%2BOSj%2BsmwL8s2lBDhh8bmAcwZkulwRzoB9%2FrTnJrLgTwY28IxZ%2FAlyMRmuyPB6NV8thpPvZHg1HF2OyXS%2Bmi8u59MxGQ2nV%2BMFuRnOkFwM8QzRlNUslhFo6VkBdlc2ZVWf1dtyf%2BYeksNZWp61T6gEEVvgYJgMTGRNzDwCMMYjUEoCi3nEg7YDB5p3p5Enaw0BPxiwizJZk1XySunfLqlI%2BUgusqpuyMJtsrqpkiYrC0qnSdE%2BJmnTVq4it0lVJUVzIF8WbpdkRVZsyLQsmm39Ox3QizbPydJVz1nqyCXGKKsDpUuX5676rf4f59Vh7%2FxRNklOvrti02wx%2BXxFRq5qsscsTRqvn7W7BxfAfnXrqix39QfhVeWes7KtyfylcFVN6aRYu73Dv6IhN26bpbkjk6Leu7Qr7xbDVmSU7JM0axDt8DV3PuSN%2BtAH8q1M2x0GoVily0mP9luVPTuyzNaeWbYPTSce%2F2izfWe9zJ3b%2B0pPKQb0Eifs9uWLq475G7fbO8yETfZ9rLL1xv1JLirnfqLRAIfw5BXTcu1y7EqWu2TjyBdPYPPobbbGbg3oqMzL1tsvc4RE5m3jS%2FmrKuv6VPytyzZbBDYuNlnhsf90iDJ5dDiYCxcgYNuOfcwPfRtc5dZk%2Fow9dQnqVzjJepfVtW%2FiABdKxJGdzW5XydfNH58%2Fpdkal%2FWuZYwBsO5UH1m%2F7%2BgDEVM6EiwWMaegmOKxVqCU9kvKTbesKrJaqTPJjApieQoetKLb8lhYKaQnBcRWYrBOzLsgqA2q7gIDtyKwOpwA7zMIkHZ0OZmNl%2BP74fVoNZnPglT0PhiRGy5BiFiykIWDsuyso4T12BKBfBBEKuCTrMcZxXaU4G7i8uMNSQ84lZr8ehxQ3RU2SvxGoBGaJs%2FYbLQI9tty99HmP5Q%2Bk5RdrYgAJO96KqErgsWhHyBZz0d22ZTpE1lus0ccd5ChXwzi7lwxo6P7AVJcRMADBYxLpHCeqFb6SHLOo47U%2FaG57ElgOLueVN0phFLvyKOriqE3FJq9NzA9aXBvTlINHSk5i%2BJe2mslw0kdgwI%2FYpL6aOjJU9DeB04OgnUk11oftdExsoBeqxQcIWBXRB%2BZKwOnJJHW%2Fxr0kXBV7nHVjP9mx%2F0UhJ3j5%2BouzE2Hf4FPzBVe95vMvUzwQzFzr41fKxtzHV6gzhVL7zeQnYbNtbF4rxiVQFVEtaKC8ZhqQzUKDOVGSKoEVZxyvD7hCdL2unbr8DjhwxIbo9gbcC4El2%2BAXRAa3jjOQUfyjeOcOJNvQitpZJcxsjyg6Z4eLqQdGBM02nJU%2FQOrKR0rYgcAAA%3D%3D&ord=1292167861792&e=USC:1&z=0&bw=1600&cg=1644455626346&enc=UTF-8&v=4&cb=vjo.dsf.assembly.VjClientAssembler._callback0&_vrdm=1644455626346
Requested by: Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4js/en_GB/e695i/SYS-ZAM_vjo_e695i12382599_1_en_GB.js
Protocol: HTTP/1.1
Server: 23.59.171.9 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-59-171-9.deploy.static.akamaitechnologies.com
Software: ebay-proxy-server /
Resource Hash: 6fc7940b00673e7ad2f1fa084f1138a1f45ffc182553fece242c383c3f5503b3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
Server: ebay-proxy-server
x-ebay-pop-id: SLBRNOAZ03
Content-Type: application/x-javascript;charset=UTF-8
x-envoy-upstream-service-time: 25
rlogid: t6ndbulkgb%7Bq%3C%3Dosujbathmdc%7Fw%283cmt1*w%60ut3530-17ee1318868-0x233a
Connection: keep-alive
down-rlogids: MadronaExt-To-RTM=empty;MadronaExt-To-Madrona=t6mwrj9%3Fjqpktsn%281%7Fkol*w%60ut355%3F-17ee131886b-0x1df;
Content-Length: 789

GET
H/1.1 200
OK description-safe.html Show response
www.gremlins-in-it.com/ebayfraud/ Frame B4AE 8 KB
4 KB 1035ms
186ms Document
text/html 173.254.28.65
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Requested by: Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html
Protocol: HTTP/1.1
Server: 173.254.28.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just65.justhost.com
Software: Apache /
Resource Hash: 4d2f1899bee80c6a1aea1de74ddd22f0060654c5b7f8ea58292601b097ed57a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/

Response headers

Date: Thu, 10 Feb 2022 01:13:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 12 Dec 2010 20:20:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3302
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H/1.1 200
OK sprIconsStatusMsg.png
p.ebaystatic.com/aw/pics/cmp/ds2/icons/ 2 KB
2 KB 44ms
44ms Image
image/png 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ds2/icons/sprIconsStatusMsg.png

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

aa99d757c6ff19d30831f3887a4c9c3634835f9d9c0c8aa15727efd1b7cb501f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 288
Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: MISS from pics-cache-0:80
Akamai-GRN: , 0.3c99645f.1644455626.f4bff70
X-EdgeConnect-MidMile-RTT: 0
Connection: keep-alive
Content-Length: 1565
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK spriteToolbarIcons.gif
p.ebaystatic.com/aw/pics/cmp/icn/ 323 B
899 B 28ms
27ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/icn/spriteToolbarIcons.gif

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d284dd3709246e29de436f67fd85332c4265b74898ad2d2f124f57ab4721647

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-4:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Akamai-GRN: , , , , 0.7d99645f.1644455626.5c44be3
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 323
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sprButtons.png
p.ebaystatic.com/aw/pics/cmp/ds2/ 11 KB
11 KB 78ms
54ms Image
image/png 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ds2/sprButtons.png

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: MISS from pics-cache-3:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Akamai-GRN: , 0.7d99645f.1644455626.5c451e6
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 10896
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sprAddToListImg.png
pics.ebaystatic.com/aw/pics/myebay/images/ 578 B
1 KB 35ms
35ms Image
image/png 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/myebay/images/sprAddToListImg.png

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cfe7279b9494be7db4f12feb543c915c164ed481249698065829948f693b475b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-0:80
Last-Modified: Tue, 30 May 2017 21:01:23 GMT
Server: Apache
Akamai-GRN: , , , , 0.986656b8.1644455626.774e43a7
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 578
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sproverlaycrnspntslt.png
q.ebaystatic.com/aw/pics/cmp/ui/ 1 KB
2 KB 29ms
29ms Image
image/png 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/cmp/ui/sproverlaycrnspntslt.png

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e42b70b880ffaf18e9e69b2cf200b10a1a0462a504d41cf219508c2b488775f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: MISS from pics-cache-3:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Akamai-GRN: , , , 0.986656b8.1644455626.774e3e81
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1406
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sproverlaycrnspntsrt.png
p.ebaystatic.com/aw/pics/cmp/ui/ 3 KB
4 KB 50ms
25ms Image
image/png 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ui/sproverlaycrnspntsrt.png

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8d2b883d8960ac4433027475a3693406d40a977d575bb369f78bf6c8e1f198b0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from slcpicscache-1939225:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Akamai-GRN: , , , , 0.7d99645f.1644455626.5c451e8
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3155
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sprIconClose.gif
p.ebaystatic.com/aw/pics/cmp/icn/ 386 B
996 B 49ms
25ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/icn/sprIconClose.gif

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

96417edb913ce16a159724fca2eaa4fed53eca92691c97b49220d19f44756436

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from rnopicscache-16126:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Akamai-GRN: , , , , , , 0.7d99645f.1644455626.5c451e9
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 386
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK eTRS_GradBtm.gif
p.ebaystatic.com/aw/pics/myebay/images/ 98 B
701 B 50ms
27ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/myebay/images/eTRS_GradBtm.gif

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8fa94faacc7bc314c2afb1c2ebc551cf4706759d929be527c512d788036bb5b2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 441
Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: MISS from pics-cache-2:80
Akamai-GRN: , 0.7d99645f.1644455626.5c451bb
X-EdgeConnect-MidMile-RTT: 0
Connection: keep-alive
Content-Length: 98
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 May 2017 21:01:23 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK eTRS_GradTop.gif
q.ebaystatic.com/aw/pics/myebay/images/ 98 B
701 B 29ms
29ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/myebay/images/eTRS_GradTop.gif

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

342761cf26f256b70913b6e614181476802c2637c63e564fee5928574dcf8f5d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 887
Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-1:80
Akamai-GRN: , 0.9b6656b8.1644455626.1b55d3a9
X-EdgeConnect-MidMile-RTT: 0
Connection: keep-alive
Content-Length: 98
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 May 2017 21:01:23 GMT
Server: Apache
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK iconGreenTick_10x10.gif
q.ebaystatic.com/aw/pics/icons/ 178 B
713 B 44ms
44ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/icons/iconGreenTick_10x10.gif

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

37a7b3aaa9859ee31019a8b5f6b885b2083d8f8e6845508fd5e12d333089bf50

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-3:80
Last-Modified: Tue, 30 May 2017 20:59:39 GMT
Server: Apache
Akamai-GRN: , 0.9b6656b8.1644455626.1b55d816
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 178
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sprTabs.png
q.ebaystatic.com/aw/pics/cmp/ds2/ui/ 290 B
909 B 52ms
52ms Image
image/png 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://q.ebaystatic.com/aw/pics/cmp/ds2/ui/sprTabs.png

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

16d0d7c037588627ad29366de1bbea2114bcee00024fec53a2d88d98f35b999b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from pics-cache-4:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Akamai-GRN: , , , , , , , 0.9b6656b8.1644455626.1b55d38f
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 290
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sprTallCore.gif
pics.ebaystatic.com/aw/pics/nextGenVit/ 2 KB
2 KB 28ms
28ms Image
image/gif 104.75.89.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pics.ebaystatic.com/aw/pics/nextGenVit/sprTallCore.gif

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-144.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5d4d9a3030feca5b92c13719bc85a843042560a3c522477f54735c4269b48ea3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: MISS from pics-cache-1:80
Last-Modified: Tue, 30 May 2017 21:01:28 GMT
Server: Apache
Akamai-GRN: , , , 0.986656b8.1644455626.774e438b
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1754
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H/1.1 200
OK sprPanelGrads.gif
p.ebaystatic.com/aw/pics/cmp/ui/ 1 KB
2 KB 25ms
25ms Image
image/gif 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://p.ebaystatic.com/aw/pics/cmp/ui/sprPanelGrads.gif

Requested by

Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css

Protocol

HTTP/1.1

Server

2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-142-217.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

62380f6749b6867f93ffe6eff4f3dd0b584dc2b666ca2077c82291bc046f9887

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: HIT from lvspicscache-2505095:80
Last-Modified: Tue, 30 May 2017 20:58:47 GMT
Server: Apache
Akamai-GRN: , , 0.3c99645f.1644455626.f4c0080
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1180
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET eBayISAPI.dll
adjustdiscount.ebay.com/ws/ 0
0

GET
H2

200

!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
i.ebayimg.com/06/
Redirect Chain

http://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

1 KB
2 KB

188ms
188ms

Image
image/jpeg

2a02:26f0:fb:5a3::24d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

Server

2a02:26f0:fb:5a3::24d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ebay-proxy-server /

Resource Hash

a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:13:46 GMT
last-modified: Thu, 10 Feb 2022 01:13:46 GMT
server: ebay-proxy-server
x-ebay-pop-id: UFES2-FRA-zoe-anycast
akamai-grn: 0.5d99645f.1644455626.4802f090
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0,no-store,no-cache
x-envoy-upstream-service-time: 149
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*mu%7E2r%28rbpv6612-17ee1318743-0x14c
x-ebay-c-version: 1.0.0
content-length: 1359
x-cdn: AKAMAI
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found

Redirect headers

Location: https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found imgLoading_30x30.gif
p.ebaystatic.com/aw/pics/globalAssets/ 14 B
14 B 299ms
299ms Image
text/html 2.21.142.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p.ebaystatic.com/aw/pics/globalAssets/imgLoading_30x30.gif
Requested by: Host: include.ebaystatic.com
URL: http://include.ebaystatic.com/v4css/en_GB/e695i/BuyingApp_ViewItemShipping_e695i12360762_en_GB.css
Protocol: HTTP/1.1
Server: 2.21.142.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cb2f00d1e554baf96001ddb5e22ee63a8053fd3f8b6cad8acd74504af0dadb52

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://include.ebaystatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 269
Date: Thu, 10 Feb 2022 01:13:46 GMT
X-Cache-Lookup: MISS from pics-cache-4:80
Server: Apache
Akamai-GRN: 0.7d99645f.1644455626.5c45224
X-EdgeConnect-MidMile-RTT: 0
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=iso-8859-1
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 14
Expires: Fri, 10 Feb 2023 01:13:46 GMT

GET
H2

200

!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
i.ebayimg.com/06/
Redirect Chain

http://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

1 KB
2 KB

304ms
304ms

Image
image/jpeg

2a02:26f0:fb:5a3::24d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG

Requested by

Host: ebayfraud.gremlins-in-it.com
URL: http://ebayfraud.gremlins-in-it.com/200554108272-safe.html

Protocol

Server

2a02:26f0:fb:5a3::24d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ebay-proxy-server /

Resource Hash

a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://ebayfraud.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:13:46 GMT
last-modified: Thu, 10 Feb 2022 01:13:46 GMT
server: ebay-proxy-server
x-ebay-pop-id: UFES2-FRA-zoe-anycast
akamai-grn: 0.5d99645f.1644455626.4802f1cb
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0,no-store,no-cache
x-envoy-upstream-service-time: 269
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*5iev5%28rbpv6770-17ee131887f-0x145
x-ebay-c-version: 1.0.0
content-length: 1359
x-cdn: AKAMAI
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found

Redirect headers

Location: https://i.ebayimg.com/06/!B+5wtGw!2k~$(KGrHqV,!hEEzepdl-KTBNBLVTMd9w~~0_1.JPG
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK SYS-ZAM_vjo_e695i12382599_1_en_GB.js Show response
include.ebaystatic.com/v4js/en_GB/e695i/ Frame B4AE 101 KB
30 KB 31ms
30ms Script
application/javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://include.ebaystatic.com/v4js/en_GB/e695i/SYS-ZAM_vjo_e695i12382599_1_en_GB.js
Requested by: Host: www.gremlins-in-it.com
URL: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Protocol: HTTP/1.1
Server: 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-51.deploy.static.akamaitechnologies.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 58ef83155aa48d61a90dd175d4a6510e664d46fbc83aace6d22d136f9717c9cb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://www.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 01:13:47 GMT
Content-Encoding: gzip
X-Cache-Lookup: MISS from pics-cache-4:80
Last-Modified: Wed, 01 Dec 2010 23:32:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "192b4-49661b8bcc135-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30626

GET
H2

200

imghost1.gif
ti2.auctiva.com/web/ Frame B4AE
Redirect Chain

http://ti2.auctiva.com/web/imghost1.gif
https://ti2.auctiva.com/web/imghost1.gif

402 B
891 B

56ms
31ms

Image
image/gif

2606:4700::6812:b3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ti2.auctiva.com/web/imghost1.gif
Requested by: Host: www.gremlins-in-it.com
URL: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Protocol: H2
Server: 2606:4700::6812:b3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9679c33dcf5e0eb8911450cdb75f4da37bf3e1a6d98a161d36a4ea95ba6b8c0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://www.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:13:47 GMT
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 16:54:01 GMT
server: cloudflare
age: 3216
etag: "5ce42d29-192"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6db17a19d9815a19-MXP
content-length: 402
expires: Thu, 10 Feb 2022 05:13:47 GMT

Redirect headers

Date: Thu, 10 Feb 2022 01:13:47 GMT
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Location: https://ti2.auctiva.com/web/imghost1.gif
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6db17a176c55374b-MXP
Expires: Thu, 10 Feb 2022 05:13:47 GMT

GET
H2

200

auctivablue88x33.gif
ti2.auctiva.com/web/ Frame B4AE
Redirect Chain

http://ti2.auctiva.com/web/auctivablue88x33.gif
https://ti2.auctiva.com/web/auctivablue88x33.gif

459 B
762 B

60ms
34ms

Image
image/gif

2606:4700::6812:b3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ti2.auctiva.com/web/auctivablue88x33.gif
Requested by: Host: www.gremlins-in-it.com
URL: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Protocol: H2
Server: 2606:4700::6812:b3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5279b7b761cb5f6cd98a17e1169e10b7096005621b1bbffaa383e5eabe599d33

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://www.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:13:47 GMT
cf-cache-status: HIT
last-modified: Mon, 20 May 2019 22:43:32 GMT
server: cloudflare
age: 329
etag: "5ce32d94-1cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6db17a19d9825a19-MXP
content-length: 459
expires: Thu, 10 Feb 2022 05:13:47 GMT

Redirect headers

Date: Thu, 10 Feb 2022 01:13:47 GMT
CF-Cache-Status: EXPIRED
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Location: https://ti2.auctiva.com/web/auctivablue88x33.gif
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6db17a176fb4375c-MXP
Expires: Thu, 10 Feb 2022 05:13:47 GMT

GET
H2

200

credLnk0.gif
ti2.auctiva.com/web/ Frame B4AE
Redirect Chain

http://ti2.auctiva.com/web/credLnk0.gif
https://ti2.auctiva.com/web/credLnk0.gif

557 B
829 B

76ms
39ms

Image
image/gif

2606:4700::6812:b3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ti2.auctiva.com/web/credLnk0.gif
Requested by: Host: www.gremlins-in-it.com
URL: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Protocol: H2
Server: 2606:4700::6812:b3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067f8fbb50f7f810da591c7f5c50af36421f2051407e2fd0233306cf91c9d26f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://www.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:13:47 GMT
cf-cache-status: HIT
last-modified: Mon, 20 May 2019 22:43:32 GMT
server: cloudflare
age: 3216
etag: "5ce32d94-22d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6db17a19d97e5a19-MXP
content-length: 557
expires: Thu, 10 Feb 2022 05:13:47 GMT

Redirect headers

Date: Thu, 10 Feb 2022 01:13:47 GMT
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Location: https://ti2.auctiva.com/web/credLnk0.gif
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6db17a176eff83a0-MXP
Expires: Thu, 10 Feb 2022 05:13:47 GMT

GET
H2

200

BYS_stampsmall.png
ti2.auctiva.com/images/ Frame B4AE
Redirect Chain

http://ti2.auctiva.com/images/BYS_stampsmall.png
https://ti2.auctiva.com/images/BYS_stampsmall.png

3 KB
3 KB

762ms
738ms

Image
image/png

2606:4700::6812:b3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ti2.auctiva.com/images/BYS_stampsmall.png
Requested by: Host: www.gremlins-in-it.com
URL: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Protocol: H2
Server: 2606:4700::6812:b3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd204140207000208d8b0b3c983d5cbb435e830fb665e60d1cb36889ffea674

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://www.gremlins-in-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:13:48 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 20 May 2019 22:43:31 GMT
server: cloudflare
etag: "5ce32d93-b3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6db17a19d9835a19-MXP
content-length: 2878
expires: Thu, 10 Feb 2022 05:13:48 GMT

Redirect headers

Date: Thu, 10 Feb 2022 01:13:47 GMT
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Location: https://ti2.auctiva.com/images/BYS_stampsmall.png
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6db17a176f0083a0-MXP
Expires: Thu, 10 Feb 2022 05:13:47 GMT

GET
H/1.1 200
OK Primary Request / Show response
ebayfraud.gremlins-in-it.com/ 1 KB
693 B 236ms
236ms Document
text/html 173.254.28.65
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ebayfraud.gremlins-in-it.com/
Requested by: Host: www.gremlins-in-it.com
URL: http://www.gremlins-in-it.com/ebayfraud/description-safe.html
Protocol: HTTP/1.1
Server: 173.254.28.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just65.justhost.com
Software: Apache /
Resource Hash: 543bf1ddb68f48a0d71a5d13722175e1e05e45da32c487a7878477b9c1f263c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://www.gremlins-in-it.com/

Response headers

Date: Thu, 10 Feb 2022 01:13:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 454
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adjustdiscount.ebay.com
URL: http://adjustdiscount.ebay.com/ws/eBayISAPI.dll?AdjustDiscount&coupon=lnb-sh%2Cmh%2Crmhkldqf-ct%60qex%60ad

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.auctiva.com/	1970-01-20 00:47:37	Name: __cf_bm Value: UMupPzhOBflQC4QGzBK3NNzW1H5zdKPUuZjQDrICl0s-1644455628-0-Ad7hz7Z2Igxeaa5ug3MCpNYI919MP8VIeMZHWzYUf+iCCOJAGzBwIQGomt6sBsf7bWxp3mjUfLIR9L8WKZYV+T0=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://include.ebaystatic.com/v4js/en_GB/e695i/BuyingApp_Common_e695i12382599_6b_en_GB.js(Line 594) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://adjustdiscount.ebay.com/ws/eBayISAPI.dll?AdjustDiscount&coupon=lnb-sh%2Cmh%2Crmhkldqf-ct%60qex%60ad, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://include.ebaystatic.com/v4js/en_GB/e695i/BuyingApp_Common_e695i12382599_6b_en_GB.js(Line 594) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://adjustdiscount.ebay.com/ws/eBayISAPI.dll?AdjustDiscount&coupon=lnb-sh%2Cmh%2Crmhkldqf-ct%60qex%60ad, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://adjustdiscount.ebay.com/ws/eBayISAPI.dll?AdjustDiscount&coupon=lnb-sh%2Cmh%2Crmhkldqf-ct%60qex%60ad Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://p.ebaystatic.com/aw/pics/globalAssets/imgLoading_30x30.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adjustdiscount.ebay.com
ebayfraud.gremlins-in-it.com
i.ebayimg.com
include.ebaystatic.com
p.ebaystatic.com
pics.ebaystatic.com
q.ebaystatic.com
srx.uk.ebayrtm.com
ti2.auctiva.com
www.gremlins-in-it.com
adjustdiscount.ebay.com
104.75.89.144
104.75.89.51
173.254.28.65
2.21.142.217
23.59.171.9
2606:4700::6812:b3b
2a02:26f0:fb:5a3::24d4
067f8fbb50f7f810da591c7f5c50af36421f2051407e2fd0233306cf91c9d26f
07f41230a2b138ba2bdbc152cc5464f41104e4cebf5d438bcb29a14de4615086
12f7c45dd688626a0e98697d1a559b1621696e976e4ec3e836244162ec645509
16d0d7c037588627ad29366de1bbea2114bcee00024fec53a2d88d98f35b999b
1b82daca724d50260e0153fc653ab86d3d8acaa43f3b54ccd602cc3d3382c92d
1c6d0953d8cfb06f764fcbea215531f6ceb474f839a2587a030506eb597714e3
1fb8d9aa5a9d0c6cf9276033c09ac0b936aabb300844193ffd5b26cb306f1f45
28c61370900750efdb3fca11f1520bf70b42d544307fa21370012a9335f21ed2
2d284dd3709246e29de436f67fd85332c4265b74898ad2d2f124f57ab4721647
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
323f01c9e76a2b81fe79897d13d873fa9bd34617f4767503ad864497fadfe07c
342761cf26f256b70913b6e614181476802c2637c63e564fee5928574dcf8f5d
37a7b3aaa9859ee31019a8b5f6b885b2083d8f8e6845508fd5e12d333089bf50
4d2f1899bee80c6a1aea1de74ddd22f0060654c5b7f8ea58292601b097ed57a2
5279b7b761cb5f6cd98a17e1169e10b7096005621b1bbffaa383e5eabe599d33
543bf1ddb68f48a0d71a5d13722175e1e05e45da32c487a7878477b9c1f263c9
58ef83155aa48d61a90dd175d4a6510e664d46fbc83aace6d22d136f9717c9cb
5d4d9a3030feca5b92c13719bc85a843042560a3c522477f54735c4269b48ea3
603b931edd73d19d59444c80eb78766cbf7b71750cdee0fafb68bb20a1e5498a
60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b
62380f6749b6867f93ffe6eff4f3dd0b584dc2b666ca2077c82291bc046f9887
6fc7940b00673e7ad2f1fa084f1138a1f45ffc182553fece242c383c3f5503b3
83fc7606a282fc9519b1a10fb0e79c2173b36b0edba855083e5a2c8e973d15e2
8d2b883d8960ac4433027475a3693406d40a977d575bb369f78bf6c8e1f198b0
8fa94faacc7bc314c2afb1c2ebc551cf4706759d929be527c512d788036bb5b2
94f44ddf0f72a27ae3942d8fa931f77ee6e37cb3c70ceba999afaf0fe2220280
96417edb913ce16a159724fca2eaa4fed53eca92691c97b49220d19f44756436
9fcadad99f6f0a6c806a07e40b2ab1d62af9ca6b6c676986a8c10ada35e545a8
a3e3ad65ba206ab3d0e48cb298d6146c3e668c7eeb5bb359fe9ba54557f1f3de
a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a
a9f3c6e0cf13c366a319f0987d4365b5c2cef3ef164f9531bf069d622c38cd23
aa99d757c6ff19d30831f3887a4c9c3634835f9d9c0c8aa15727efd1b7cb501f
b0d54a527992b115bf825a7e49e26a1e016b6886c14e5d918fcd3d0836484d53
b9679c33dcf5e0eb8911450cdb75f4da37bf3e1a6d98a161d36a4ea95ba6b8c0
bf4d0e260729bd7513434c58566a5b0615d2bccb21afac31cfe3db84e9d28eb2
bfaf69a309b68f1bfb2f80cbfdac27dd0ad6feb9edf62bc5b449a897afb141b0
c0d1f6a77aeecef2a2aa60f8e85208319c62e3173e945ee0c10fa1ec89dfa1a0
c1c6797489b688fee26193cee1122b7716596d206eb53d50fe42f8aca0d60de8
cb2f00d1e554baf96001ddb5e22ee63a8053fd3f8b6cad8acd74504af0dadb52
cfe7279b9494be7db4f12feb543c915c164ed481249698065829948f693b475b
e42b70b880ffaf18e9e69b2cf200b10a1a0462a504d41cf219508c2b488775f3
eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae
fcd6f0b200fefaea4895b12af378cc2fad1a7504544fea07559d729e8f5f5c3e
fdd204140207000208d8b0b3c983d5cbb435e830fb665e60d1cb36889ffea674

ebayfraud.gremlins-in-it.com Open in urlscan Pro 173.254.28.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

48 Requests

0 %HTTPS

29 %IPv6

6 Domains

10 Subdomains

8 IPs

3 Countries

272 kBTransfer

725 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ebayfraud.gremlins-in-it.com Open in urlscan Pro
173.254.28.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

0 %
HTTPS

29 %
IPv6

6
Domains

10
Subdomains

8
IPs

3
Countries

272 kB
Transfer

725 kB
Size

1
Cookies

48 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!