
Same as every website where you can login.


What do you mean? Normally passwords are not stored in logfiles ...


"Normally"? What prevents you from logging the HTTP body? It's the same problem as logging the HTTP query string. You should consider everything you send over HTTPS public for the receiver in any way.


The passwords are not necessarily being captured in logfiles, that's a huge assumption. We don't know anything about how eBay stores and manages their web server logs.



