webfiddle.net Open in urlscan Pro
2606:4700:3030::681f:5425 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Submission: On March 06 via api (March 6th 2020, 8:32:23 am UTC) from CA

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3030::681f:5425, located in United States and belongs to CLOUDFLARENET, US. The main domain is webfiddle.net.

This is the only time webfiddle.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3030::681f:5425	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3033::6812:2ee3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.10.191.100 52.10.191.100	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3033::681f:430e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	6

15 2606:4700:3030::681f:5425 (United States)

ASN13335 (CLOUDFLARENET, US)

webfiddle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6812:2ee3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thecatapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.thecatapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.10.191.100 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-191-100.us-west-2.compute.amazonaws.com

api.thecatapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::681f:430e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.addictingwordgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	webfiddle.net webfiddle.net	41 KB
3	thecatapi.com 2 redirects thecatapi.com api.thecatapi.com cdn2.thecatapi.com	291 KB
2	addictingwordgames.com 1 redirects www.addictingwordgames.com	312 B
2	google-analytics.com www.google-analytics.com	18 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
0	coin-hive.com Failed coin-hive.com Failed
21	6

	Domain	Requested by
15	webfiddle.net	webfiddle.net
2	www.addictingwordgames.com	1 redirects webfiddle.net
2	www.google-analytics.com	webfiddle.net
1	stats.g.doubleclick.net	webfiddle.net
1	cdn2.thecatapi.com	webfiddle.net
1	api.thecatapi.com	1 redirects
1	thecatapi.com	1 redirects
0	coin-hive.com Failed	webfiddle.net
21	8

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-28` - `2020-10-09`	10 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Frame ID: 05831C68A7FD8744B0D3F91677A1B675
Requests: 20 HTTP requests in this frame

Frame: https://www.addictingwordgames.com/
Frame ID: E2A8F05FD77D640C30D9D41353490469
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

21
Requests

24 %
HTTPS

83 %
IPv6

6
Domains

8
Subdomains

6
IPs

3
Countries

348 kB
Transfer

418 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://thecatapi.com/api/images/get?format=src&type=gif HTTP 301
https://api.thecatapi.com/api/images/get?format=src&type=gif HTTP 302
https://cdn2.thecatapi.com/images/19n.gif

Request Chain 8

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 11

http://www.google-analytics.com/collect?v=1&_v=j81&a=989404537&t=pageview&_s=1&dl=http%3A%2F%2Fwebfiddle.net%2Fcats-d8c4vu%2Fwww.ebay.com%2Fmyb%2FSummary&ul=en-us&de=UTF-8&dt=Security%20Measure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=2067901903&gjid=1966286696&cid=562506025.1583483523&tid=UA-57646272-1&_gid=669181739.1583483523&z=2109004129 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j81&a=989404537&t=pageview&_s=1&dl=http%3A%2F%2Fwebfiddle.net%2Fcats-d8c4vu%2Fwww.ebay.com%2Fmyb%2FSummary&ul=en-us&de=UTF-8&dt=Security%20Measure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=2067901903&gjid=1966286696&cid=562506025.1583483523&tid=UA-57646272-1&_gid=669181739.1583483523&z=2109004129

Request Chain 13

http://www.addictingwordgames.com/ HTTP 301
https://www.addictingwordgames.com/

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set Summary Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/myb/ 20 KB
8 KB 341ms
289ms Document
text/html 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary

Protocol

HTTP/1.1

Server

2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59fcf835e7ff122c59a0294f5108cca68a2b8c878a3d56d18b8c19c3cc1fb789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age= 31536000
X-Content-Type-Options	nosniff

Request headers

Host: webfiddle.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8ff397e4cc610035fd58b5b34f205cd21583483521; expires=Sun, 05-Apr-20 08:32:01 GMT; path=/; domain=.webfiddle.net; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000, max-age= 31536000
x-content-type-options: nosniff
surrogate-control: no-store, bypass-cache
vary: Accept-Encoding, Accept-Encoding
rlogid: t6pbhnmpo%3D9whhpbhnmpo*mkr%60s(rbpv6710-170addf7407-0x1803
edge-control: no-store, bypass-cache
x-distil-cs: MISS
cache-control: max-age=2592000
X-Cloud-Trace-Context: b66f1b2c13785db429e42e5816eaa8a1;o=1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 56fab94b8e78bf41-AMS
Content-Encoding: gzip

GET
H/1.1 200
OK 34wtddjp0q1v1dtu2elv5jwg4yf.css
webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/ 4 KB
2 KB 190ms
189ms Stylesheet
text/css 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/34wtddjp0q1v1dtu2elv5jwg4yf.css?proc=DU:N
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f57d9f391ad7f19e8534ba30f135746b71bcd2c81b09ef73fd1f8af29a1adee6

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
via: 1.1 slcincludecache-1959351 (squid)
x-cache-lookup: HIT from slcincludecache-1959351:80
x-cache: HIT
CF-Cache-Status: MISS
Connection: keep-alive
x-ebay-c-version: 1.0.0
Content-Encoding: gzip
Content-Length: 1733
last-modified: Wed, 08 May 2019 00:47:47 GMT
Server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
Content-Type: text/css;charset=UTF-8
access-control-allow-origin: *
X-Cloud-Trace-Context: c4377ad95256225af02ee9748f6f5118
cache-control: max-age=2592000
rlogid: t6q%60utuf%3C%3Dqkiufvuq%60%28755454%3A-16cda45b458-0xc2
x-ebay-request-id: 16cda45b-4580-a489-8562-c7a7ffafba2f![
Accept-Ranges: bytes
CF-RAY: 56fab94d892fbf41-AMS
access-control-allow-headers: *

GET
H/1.1 200
OK nkfytkqtoxtljvzb.js Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 40 KB
12 KB 224ms
207ms Script
application/x-javascript 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://webfiddle.net/cats-d8c4vu/www.ebay.com/nkfytkqtoxtljvzb.js

Requested by

Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary

Protocol

HTTP/1.1

Server

2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c7bc3be291059a9a8f39a183c4fe1f91e390e6d7b319302ba5b30dcb9a7c686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
Content-Encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Server: cloudflare
surrogate-control: no-store, bypass-cache
strict-transport-security: max-age=31536000
Content-Type: application/x-javascript
X-Cloud-Trace-Context: 721285b85c4808ded0c1f5b475ea5929
cache-control: max-age=2592000
x-envoy-upstream-service-time: 49
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 56fab94d9e11d919-AMS
Content-Length: 11919

GET
H/1.1 200
OK fxxj3ttftm5ltcqnto1o4baovyl.png
webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/ 5 KB
5 KB 250ms
234ms Image
image/png 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/fxxj3ttftm5ltcqnto1o4baovyl.png
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
x-cache-lookup: HIT from lvsincludecache-2522848:80
rlogid: t6q%60utuf%3C%3Dosuufvuq%60%282%3F1466-16d6b8216b8-0xb8
CF-Cache-Status: MISS
Connection: keep-alive
x-ebay-c-version: 1.0.0
Content-Length: 4820
last-modified: Wed, 29 Oct 2014 18:09:24 GMT
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET
Content-Type: image/png
access-control-allow-origin: *
X-Cloud-Trace-Context: 8dc1350311c444added01f426db9f7d6
cache-control: max-age=2592000
warning: 113 lvsincludecache-2522848 (squid) This cache hit is still fresh and more than 1 day old
x-ebay-request-id: 16d6b821-6b80-ac79-7b06-52cbff0a0bec![
Accept-Ranges: bytes
CF-RAY: 56fab94d9c54d8f5-AMS
access-control-allow-headers: *

GET
H/1.1 200
OK distil_r_captcha.util.js Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 2 KB
1 KB 253ms
245ms Script
application/x-javascript 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://webfiddle.net/cats-d8c4vu/www.ebay.com/distil_r_captcha.util.js

Requested by

Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary

Protocol

HTTP/1.1

Server

2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d88d9f89d6e1f4773c9fcefdf74b4a325825df2ad668f8a9c9a30b0edddce26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
Content-Encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Server: cloudflare
surrogate-control: no-store, bypass-cache
strict-transport-security: max-age=31536000
Content-Type: application/x-javascript
X-Cloud-Trace-Context: 93ae8c2969cca5a4737775d3d15a7cb4
cache-control: max-age=2592000
x-envoy-upstream-service-time: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 56fab94d8eb47329-AMS
Content-Length: 991

GET
H/1.1 200
OK gt.js Show response
webfiddle.net/cats-d8c4vu/static.geetest.com/static/tools/ 9 KB
4 KB 219ms
211ms Script
text/javascript 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/static.geetest.com/static/tools/gt.js
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da99a9fcec62584a8a85aaea4d27997d16ab4dea57b80d04a84428d4ec9d5f25

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
via: 1.1 ac6dab31eab7bf01ac5c815599928256.cloudfront.net (CloudFront)
x-oss-request-id: 5D8B372294A4523433669D55
content-md5: t++D9p4YvZwsYxpBKGp7Cw==
x-amz-cf-pop: ORD51-C3
x-cache: Hit from cloudfront
CF-Cache-Status: MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2908
x-oss-object-type: Normal
last-modified: Wed, 24 Jul 2019 09:39:55 GMT
Server: cloudflare
vary: Accept-Encoding
Content-Type: text/javascript
X-Cloud-Trace-Context: 05397958b627f1023a754deb652e2b2f
cache-control: max-age=2592000
x-oss-storage-class: Standard
Accept-Ranges: bytes
CF-RAY: 56fab94d8fca9cc9-AMS
x-oss-hash-crc64ecma: 6752125362639036395
x-amz-cf-id: OmX9_1ocZSqzmd9DXg9OqtZ4mudPrmJIRLJ2YegVM2rcXzNPLQiwJQ==
x-oss-server-time: 0

GET
H/1.1 200
OK distil-ayLhwI07.js Show response
webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/c/ 3 KB
2 KB 315ms
304ms Script
application/x-javascript 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/c/distil-ayLhwI07.js
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f456b71c1bcef39def08ec317b08f595c34d591380ea57670d205956ebeb4ce6

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
Content-Encoding: gzip
x-cache-lookup: HIT from lvsaz01includecache-971932:80
rlogid: t6q%60utuf%3C%3Dosuufvuq%60%285%3F%3B5%3F13-1709c8d55db-0xe1
CF-Cache-Status: MISS
Connection: keep-alive
x-ebay-c-version: 1.0.0
Content-Length: 1402
last-modified: Fri, 12 Apr 2019 03:12:38 GMT
Server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
Content-Type: application/x-javascript
access-control-allow-origin: *
X-Cloud-Trace-Context: d37608515315ad82135b94e58d8320fb
cache-control: max-age=2592000
warning: 113 lvsaz01includecache-971932 (squid) This cache hit is still fresh and more than 1 day old
x-ebay-request-id: 1709c8d5-5db0-aaa2-abd3-c02bffc134e5![
Accept-Ranges: bytes
CF-RAY: 56fab94d9da22b5c-AMS
access-control-allow-headers: *

GET coinhive.min.js
coin-hive.com/lib/ 0
0

GET
H2

200

19n.gif
cdn2.thecatapi.com/images/
Redirect Chain

http://thecatapi.com/api/images/get?format=src&type=gif
https://api.thecatapi.com/api/images/get?format=src&type=gif
https://cdn2.thecatapi.com/images/19n.gif

289 KB
290 KB

769ms
711ms

Image
image/gif

2606:4700:3033::6812:2ee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.thecatapi.com/images/19n.gif
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:2ee3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4a2d8e61fb243bebe7a40a6b9bf25ad9abc49a9ad6db268690273f775f3cfa0

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 08:32:04 GMT
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: HIO50-C1
x-amz-meta-image_id: 19n
x-cache: Hit from cloudfront
status: 200
content-length: 295603
last-modified: Sun, 16 Sep 2018 08:10:40 GMT
server: cloudflare
etag: "4d8e63160f9ebed6fd6331ee0fbad805"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56fab9563b92bd96-AMS
x-amz-cf-id: YHXV_jwqjcjKul_QAZVR5UnFX_pixgsFbXxuwNsWGnTVca_iniP4WA==

Redirect headers

date: Fri, 06 Mar 2020 08:32:03 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
x-dns-prefetch-control: off
status: 302
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 113
x-xss-protection: 1; mode=block
x-response-time: 5ms
last-modified: Fri Mar 06 2020 08:32:03 GMT+0000 (Coordinated Universal Time)
server: nginx/1.16.1
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: text/html; charset=utf-8
location: https://cdn2.thecatapi.com/images/19n.gif
cache-control: post-check=0, pre-check=0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

44 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2392
date: Fri, 06 Mar 2020 07:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 06 Mar 2020 09:52:10 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK svg+xml;base64,PHN2ZyB3aWR0aD0iMTIxIiBoZWlnaHQ9IjEyMSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczpzdmc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KCjxnPgoJPGNpcmNsZSByPSIxMC4zIiBjeT0iNDIiIG...
webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/data:image/ 0
500 B 301ms
300ms Image
application/json 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTIxIiBoZWlnaHQ9IjEyMSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczpzdmc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KCjxnPgoJPGNpcmNsZSByPSIxMC4zIiBjeT0iNDIiIGN4PSI2MCIgZmlsbD0iIzg2ODY4NiIvPgoKCTxwYXRoCiAgIGQ9Ik0gMTE4LjcsNzQuOCBDIDExMywxMDEuNSA4NywxMjAuNSA2MCwxMjAuNSBjIC03LjYsMCAtOS44LC00LjEgLTkuOCwtOSAwLC0zIDAsLTcgMCwtMTIgLTAsLTEyIDAsLTI2IDAsLTMxIDAsLTcuMyA0LjUsLTEwLjYgOS45LC0xMC42IDYsMCA5LjcsMy40IDkuNiwxMC42IEMgNzAsNzUuNSA3MCw4OC41IDcwLDEwMCA3Niw5OC41IDgyLDk1LjUgODYsOTEuNCA5NSw4NC41IDEwMSw3Mi41IDEwMC44LDYwIDEwMC43LDUyLjUgOTksNDQuNSA5NC40LDM4LjQgODQsMjQuNSA3NiwyMC41IDYwLDIwIDQ4LDE5LjUgMzYuNCwyNS40IDI5LDM0LjQgMjAsNDYuNSAxOC41LDU3LjYgMjEsNjkuNSBjIDIuMiwxMCA4LDE4IDE2LDI0IDcsNSA2LDEwIDMsMTQgQyAzNCwxMTYuNSAyNiwxMTAuNSAyMSwxMDYgMTAsOTcgMyw4NCAxLDcwIGwgMCwtMCBDIC0yLDQ3IDUsMjkgMjEsMTUgMjUsMTEgMzAsOCAzNSw1LjUgNDMsMiA1MSwwIDYwLDAgODMsMC41IDk3LDEwLjUgMTA3LjYsMjMgMTIwLDM5LjUgMTIzLDU2LjUgMTE4LjcsNzUgWiIgZmlsbD0iIzg2ODY4NiIgLz4KPC9nPgo8L3N2Zz4=
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/34wtddjp0q1v1dtu2elv5jwg4yf.css?proc=DU:N
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
x-cache-lookup: MISS from slcincludecache-3642993:80
Server: cloudflare
Content-Type: application/json
CF-Cache-Status: DYNAMIC
X-Cloud-Trace-Context: 25d7c738c3b9f426e95bfeaee0dcda8a
cache-control: max-age=2592000
rlogid: t6q%60utuf%3C%3Dpieufvuq%60%2856467%3F2-170ade00999-0xce
x-ebay-request-id: 170ade00-9990-abc3-1824-83b2fc389dc6![
Connection: keep-alive
x-ebay-c-version: 1.0.0
CF-RAY: 56fab94f9ea92b5c-AMS
Content-Length: 0

GET
H/1.1 200
OK f5uxsy10bmz05dtrtrqybl5qquv.png
webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/ 994 B
2 KB 314ms
313ms Image
image/png 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/f5uxsy10bmz05dtrtrqybl5qquv.png
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e0f4cd0590e2cf36c094d4226d70ccf2bc12107c46f3aeb8b3b5801396b44b0

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/ir.ebaystatic.com/rs/v/34wtddjp0q1v1dtu2elv5jwg4yf.css?proc=DU:N
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:02 GMT
x-cache-lookup: HIT from lvsaz01includecache-971932:80
rlogid: t6q%60utuf%3C%3Dosuufvuq%60%285610%3F4%3B-1708a6721f5-0xb6
CF-Cache-Status: MISS
Connection: keep-alive
x-ebay-c-version: 1.0.0
Content-Length: 994
last-modified: Fri, 12 Feb 2016 00:01:35 GMT
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET
Content-Type: image/png
access-control-allow-origin: *
X-Cloud-Trace-Context: 121741ea5fff67abc2bf49824a67ea31
cache-control: max-age=2592000
warning: 113 lvsaz01includecache-971932 (squid) This cache hit is still fresh and more than 1 day old
x-ebay-request-id: 1708a672-1f50-aa13-c415-5af7fc2f520c![
Accept-Ranges: bytes
CF-RAY: 56fab94f98817329-AMS
access-control-allow-headers: *

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j81&a=989404537&t=pageview&_s=1&dl=http%3A%2F%2Fwebfiddle.net%2Fcats-d8c4vu%2Fwww.ebay.com%2Fmyb%2FSummary&ul=en-us&de=UTF-8&dt=Security%20Measure&sd=...
https://www.google-analytics.com/collect?v=1&_v=j81&a=989404537&t=pageview&_s=1&dl=http%3A%2F%2Fwebfiddle.net%2Fcats-d8c4vu%2Fwww.ebay.com%2Fmyb%2FSummary&ul=en-us&de=UTF-8&dt=Security%20Measure&sd...

35 B
99 B

5ms
5ms

Image
image/gif

2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=989404537&t=pageview&_s=1&dl=http%3A%2F%2Fwebfiddle.net%2Fcats-d8c4vu%2Fwww.ebay.com%2Fmyb%2FSummary&ul=en-us&de=UTF-8&dt=Security%20Measure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=2067901903&gjid=1966286696&cid=562506025.1583483523&tid=UA-57646272-1&_gid=669181739.1583483523&z=2109004129

Requested by

Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3132318
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j81&a=989404537&t=pageview&_s=1&dl=http%3A%2F%2Fwebfiddle.net%2Fcats-d8c4vu%2Fwww.ebay.com%2Fmyb%2FSummary&ul=en-us&de=UTF-8&dt=Security%20Measure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=2067901903&gjid=1966286696&cid=562506025.1583483523&tid=UA-57646272-1&_gid=669181739.1583483523&z=2109004129
Non-Authoritative-Reason: HSTS

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-57646272-1&cid=562506025.1583483523&jid=2067901903&gjid=1966286696&_gid=669181739.1583483523&_u=IGBAgEAB~&z=493015334

Requested by

Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 06 Mar 2020 08:32:02 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.addictingwordgames.com/ Frame E2A8
Redirect Chain

http://www.addictingwordgames.com/
https://www.addictingwordgames.com/

0
0

519ms
475ms

Document
text/html

2606:4700:3033::681f:430e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.addictingwordgames.com/
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:430e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.addictingwordgames.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary

Response headers

status: 200
date: Fri, 06 Mar 2020 08:32:05 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=db58882ac7c0471cc035324f8815b3bbb1583483525; expires=Sun, 05-Apr-20 08:32:05 GMT; path=/; domain=.addictingwordgames.com; HttpOnly; SameSite=Lax; Secure
cache-control: no-cache
x-cloud-trace-context: 49c374d83181e82a0debf4c523aca492;o=1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56fab9621d49720f-AMS
content-encoding: br

Redirect headers

Date: Fri, 06 Mar 2020 08:32:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 06 Mar 2020 09:32:05 GMT
Location: https://www.addictingwordgames.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 56fab96189a2bf37-AMS

POST
H/1.1 405
Method Not Allowed nkfytkqtoxtljvzb.js Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 177 B
544 B 163ms
163ms XHR
text/html 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/nkfytkqtoxtljvzb.js?PID=6D4E4D1D-7094-375D-A439-0568A6A70836
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/nkfytkqtoxtljvzb.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64ed344468206ac95065bcf9decbdb1ef7589e2611ef6a34e78730ca862012a

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Origin: http://webfiddle.net
X-Distil-Ajax: yyabeafzbaaz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 06 Mar 2020 08:32:05 GMT
Allow: GET
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Cloud-Trace-Context: 34becb52cad893515adddbb925ca2a4f
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 56fab961d8527329-AMS

POST
H/1.1 405
Method Not Allowed distil_r_captcha_challenge Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 177 B
544 B 157ms
156ms XHR
text/html 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/distil_r_captcha_challenge
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64ed344468206ac95065bcf9decbdb1ef7589e2611ef6a34e78730ca862012a

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Origin: http://webfiddle.net
X-Distil-Ajax: yyabeafzbaaz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:06 GMT
Allow: GET
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Cloud-Trace-Context: 74d163eda7d701723779701f485e1341
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 56fab9693e477329-AMS

POST
H/1.1 405
Method Not Allowed distil_r_captcha_challenge Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 177 B
544 B 146ms
146ms XHR
text/html 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/distil_r_captcha_challenge
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64ed344468206ac95065bcf9decbdb1ef7589e2611ef6a34e78730ca862012a

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Origin: http://webfiddle.net
X-Distil-Ajax: yyabeafzbaaz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:07 GMT
Allow: GET
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Cloud-Trace-Context: 6bfda46a11c237070449184690e91951
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 56fab96d59847329-AMS

POST
H/1.1 405
Method Not Allowed distil_r_captcha_challenge Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 177 B
544 B 147ms
147ms XHR
text/html 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/distil_r_captcha_challenge
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64ed344468206ac95065bcf9decbdb1ef7589e2611ef6a34e78730ca862012a

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Origin: http://webfiddle.net
X-Distil-Ajax: yyabeafzbaaz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:08 GMT
Allow: GET
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Cloud-Trace-Context: 7b25812d932a2717e708fd2fe61a6753
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 56fab9748f5a7329-AMS

POST
H/1.1 405
Method Not Allowed distil_r_captcha_challenge Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 177 B
544 B 145ms
145ms XHR
text/html 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/distil_r_captcha_challenge
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64ed344468206ac95065bcf9decbdb1ef7589e2611ef6a34e78730ca862012a

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Origin: http://webfiddle.net
X-Distil-Ajax: yyabeafzbaaz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:10 GMT
Allow: GET
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Cloud-Trace-Context: 8e64b59013f0f8fbfc1cdc81ba2d4abc
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 56fab981fa207329-AMS

POST
H/1.1 405
Method Not Allowed distil_r_captcha_challenge Show response
webfiddle.net/cats-d8c4vu/www.ebay.com/ 177 B
706 B 151ms
150ms XHR
text/html 2606:4700:3030::681f:5425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/distil_r_captcha_challenge
Requested by: Host: webfiddle.net
URL: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Protocol: HTTP/1.1
Server: 2606:4700:3030::681f:5425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64ed344468206ac95065bcf9decbdb1ef7589e2611ef6a34e78730ca862012a

Request headers

Referer: http://webfiddle.net/cats-d8c4vu/www.ebay.com/myb/Summary
Origin: http://webfiddle.net
X-Distil-Ajax: yyabeafzbaaz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 06 Mar 2020 08:32:14 GMT
Allow: GET
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Cloud-Trace-Context: 1f0f3813fca90512a2180f567548a30a;o=1
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 56fab99bef717329-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: coin-hive.com
URL: https://coin-hive.com/lib/coinhive.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addictingwordgames.com/	1970-01-19 07:52:49	Name: _gid Value: GA1.2.1043078842.1583483526
.addictingwordgames.com/	1970-01-20 01:22:35	Name: _ga Value: GA1.2.754739577.1583483526
.webfiddle.net/	1970-01-19 07:51:23	Name: _gat Value: 1
.webfiddle.net/	1970-01-20 01:22:35	Name: _ga Value: GA1.2.562506025.1583483523
.webfiddle.net/	1970-01-19 07:52:49	Name: _gid Value: GA1.2.669181739.1583483523
.addictingwordgames.com/	1970-01-19 07:51:23	Name: _gat Value: 1
.webfiddle.net/	1970-01-19 08:34:35	Name: __cfduid Value: d8ff397e4cc610035fd58b5b34f205cd21583483521

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000, max-age= 31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thecatapi.com
cdn2.thecatapi.com
coin-hive.com
stats.g.doubleclick.net
thecatapi.com
webfiddle.net
www.addictingwordgames.com
www.google-analytics.com
coin-hive.com
2606:4700:3030::681f:5425
2606:4700:3033::6812:2ee3
2606:4700:3033::681f:430e
2a00:1450:4001:81a::200e
2a00:1450:400c:c00::9b
52.10.191.100
2c7bc3be291059a9a8f39a183c4fe1f91e390e6d7b319302ba5b30dcb9a7c686
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
59fcf835e7ff122c59a0294f5108cca68a2b8c878a3d56d18b8c19c3cc1fb789
7e0f4cd0590e2cf36c094d4226d70ccf2bc12107c46f3aeb8b3b5801396b44b0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9d88d9f89d6e1f4773c9fcefdf74b4a325825df2ad668f8a9c9a30b0edddce26
d4a2d8e61fb243bebe7a40a6b9bf25ad9abc49a9ad6db268690273f775f3cfa0
da99a9fcec62584a8a85aaea4d27997d16ab4dea57b80d04a84428d4ec9d5f25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed344468206ac95065bcf9decbdb1ef7589e2611ef6a34e78730ca862012a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f456b71c1bcef39def08ec317b08f595c34d591380ea57670d205956ebeb4ce6
f57d9f391ad7f19e8534ba30f135746b71bcd2c81b09ef73fd1f8af29a1adee6

webfiddle.net Open in urlscan Pro 2606:4700:3030::681f:5425 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

24 %HTTPS

83 %IPv6

6 Domains

8 Subdomains

6 IPs

3 Countries

348 kBTransfer

418 kBSize

7 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

webfiddle.net Open in urlscan Pro
2606:4700:3030::681f:5425 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

24 %
HTTPS

83 %
IPv6

6
Domains

8
Subdomains

6
IPs

3
Countries

348 kB
Transfer

418 kB
Size

7
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!