urlscan.io logo urlscan.io
SecurityTrails logo

thebaysale.com Open in urlscan Pro
172.67.200.181  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thebaysale.com/page/custom/shipping
Effective URL: https://thebaysale.com/page/custom/shipping
Submission: On July 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 38 HTTP transactions. The main IP is 172.67.200.181, located in United States and belongs to CLOUDFLARENET, US. The main domain is thebaysale.com.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time thebaysale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 172.67.200.181 13335 (CLOUDFLAR...)
17 172.67.190.225 13335 (CLOUDFLAR...)
1 192.229.221.25 15133 (EDGECAST)
2 43.152.26.151 139341 (ACE-AS-AP...)
2 2620:127:f00f... 13335 (CLOUDFLAR...)
1 23.227.38.74 13335 (CLOUDFLAR...)
1 2a03:2880:f08... 32934 (FACEBOOK)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2404:2280:1cc... 24429 (TAOBAO Zh...)
1 151.101.65.21 54113 (FASTLY)
1 151.101.1.35 54113 (FASTLY)
38 11
7    172.67.200.181 (United States)

ASN13335 (CLOUDFLARENET, US)
thebaysale.com
17    172.67.190.225 (United States)

ASN13335 (CLOUDFLARENET, US)
static.halomolly.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    43.152.26.151 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
cdn.halomolly.com
2    2620:127:f00f:e:: (Canada)

ASN13335 (CLOUDFLARENET, US)
www.picnictime.com
1    23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com
www.picnictime.com
1    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2404:2280:1cc:0:715::3fb (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
at.alicdn.com
1    151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    151.101.1.35 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
19 halomolly.com
static.halomolly.com
cdn.halomolly.com
987 KB
7 thebaysale.com
thebaysale.com
18 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
14 KB
3 picnictime.com
www.picnictime.com
132 KB
2 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3110
t.paypal.com — Cisco Umbrella Rank: 3894
7 KB
1 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 14978
44 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
59 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2807
187 KB
38 8
Domain Requested by
17 static.halomolly.com thebaysale.com
7 thebaysale.com thebaysale.com
static.halomolly.com
4 bat.bing.com thebaysale.com
bat.bing.com
3 www.picnictime.com thebaysale.com
2 cdn.halomolly.com thebaysale.com
1 t.paypal.com thebaysale.com
1 www.paypal.com www.paypalobjects.com
1 at.alicdn.com static.halomolly.com
1 connect.facebook.net thebaysale.com
1 www.paypalobjects.com thebaysale.com
38 10

This site contains no links.

Subject Issuer Validity Valid
thebaysale.com
WE1		 2024-06-19 -
2024-09-17		 3 months crt.sh
halomolly.com
WE1		 2024-06-06 -
2024-09-04		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-13 -
2025-06-12		 a year crt.sh
cdn.halomolly.com
Encryption Everywhere DV TLS CA - G2		 2024-05-16 -
2024-08-13		 3 months crt.sh
www.picnictime.com
R10		 2024-06-15 -
2024-09-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-14 -
2024-07-13		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2024-06-19 -
2025-07-21		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://thebaysale.com/page/custom/shipping
Frame ID: 3F2A81BE5DEA5B63A0362DCC4FE1AF66
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://thebaysale.com/page/custom/shipping HTTP 307
    https://thebaysale.com/page/custom/shipping Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

10
Subdomains

11
IPs

4
Countries

1449 kB
Transfer

3573 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thebaysale.com/page/custom/shipping HTTP 307
    https://thebaysale.com/page/custom/shipping Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request shipping
thebaysale.com/page/custom/
Redirect Chain
  • http://thebaysale.com/page/custom/shipping
  • https://thebaysale.com/page/custom/shipping
53 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5e9794b7ef9b3c815b2e91d5d995bc731a7a4eb1db1786ee01df0a80bcba02

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,from-origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89eb05c16af54d9c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 23:09:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWiLg5XRn8TdUvqR%2BqUhBf%2Bmd8JWLXHvf8UN%2FccuoNfHM94hKDONL9Zgg38eg84YoaxazQohkntJLrSOBCGlIJA8JFZzHK%2BYYTT7Dck%2BHX8qg05ZV2RCVPHFegUzcP21YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://thebaysale.com/page/custom/shipping
Non-Authoritative-Reason
HttpsUpgrades
styles.min.css
static.halomolly.com/liquid/buyer/public/css/ 		309 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/css/styles.min.css?t=20240628180420
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ba7f16497ef64c71ec2a20f476bd1ad5f86a8d1572f7ed42201009cad47981

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Feb 2024 06:10:20 GMT
server
cloudflare
etag
W/"65dc2b4c-4d52d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YSJckviyoTI0Tu2acnwtqHOyRZEVu%2F7NebeLh4sryV3jIXHiCoJ5Gn8qDk3hznCiZfPeoHSHtbR961xo0%2FUGCR4mvP8I4E5trcHeXpXoyTWgxsj%2FZkooKE4Sbr3ffahv8kYW2z%2F9A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c4b8da9031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
mercury.comm.min.css
static.halomolly.com/liquid/buyer/public/css/ 		130 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/css/mercury.comm.min.css?t=20240628180420
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57154ef6137a3c8efc86da3737fd3db12f4480a1a4289c1227acb871eb75a404

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2784
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:37:21 GMT
server
cloudflare
etag
W/"65ae3751-2073a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBb%2BovfA0tvxAoqlgCAZDg0elrQJiicuRRy00DnbKend5RJ%2FBLkDagYrCikrvGsOi2sPGHkdPi0I0EkL8n%2FOvCDyZ2KjM2SbrBLQFnPsKc%2Fy%2BEJpPbk6N1zAT2mJkBxZXn0C9x44uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c4b8d29031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
init.js
static.halomolly.com/liquid/buyer/public/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/js/init.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:40:18 GMT
server
cloudflare
etag
W/"65ae3802-49f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jr5wnH6V%2BUcb2XgLRahDZNWzHLCLYzh1sb6nXZxR%2Fkxs8ttMfpS%2B45ZQopZBAO2%2FrtPqVhwmmjQwc6tEu8oBMfUgbG%2BwiUL7tCUT1aFuRPPaNcPMzqdcZBwkFHm7Oqi4jvYpzro%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c4b8d49031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
jquery.js
static.halomolly.com/liquid/buyer/public/js/plug/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/js/plug/jquery.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c42a7f762dff0348a739456ab0f0fc990921471759a548edb183b146942c9b5f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:40:23 GMT
server
cloudflare
etag
W/"65ae3807-16ca0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqitZiiJxtW%2BeeMsgpdrUraGcyVGrMsGLqqdtlOwV%2FABBTuyGOTFuvG56bPMSgIv6Ee2rDpXj9BYKm8KZtDifjQRnl8A%2B7nyzyln2cy6%2Bw3p5%2BU%2F%2FFWhzVsPdbm2oMXDIi%2BpE0j6yA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c4b8d19031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
checkout.min.js
www.paypalobjects.com/api/ 		863 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA7) /
Resource Hash
39334fbe934e968bfef9157f7225d35f04e7df4187fa41da53a401b5f133dcac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
d5b302ced38f5
dc
ccg11-origin-www-1.paypal.com
content-length
191298
last-modified
Mon, 08 Apr 2024 16:30:23 GMT
server
ECAcc (frc/4CA7)
traceparent
00-0000000000000000000d5b302ced38f5-8075874755c8633d-01
etag
"66141b9f-d7a17+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 06 Jul 2024 23:09:25 GMT
Swiper.js
static.halomolly.com/liquid/buyer/public/js/plug/ 		121 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/js/plug/Swiper.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ef172aa4800b8232e983684503c2367e292ae8613839eb13517a6cae89620d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:40:25 GMT
server
cloudflare
etag
W/"65ae3809-1e56e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkVfGZ7TvGlnCir7VSDMvBNHaRL%2FDnWfgp2%2FP8IHhqCA8dtje41xyk9q0fyRe%2BGOGeUbFZ7x2sXP%2BkUAJEZAlIHbcXeANSGvqFT8wFb3xBirZHgYkudIju7kBTsPvQzv33Yp3PSffg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c4b8d89031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
fingerprint2.min.js
static.halomolly.com/liquid/buyer/public/js/plug/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/js/plug/fingerprint2.min.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bbf62ad203c1261b1f628721481e4d387b4d3bece69aa9328e7e49a98b39375

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:40:22 GMT
server
cloudflare
etag
W/"65ae3806-71bc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzcpY8gtvfupwrHx%2BbaEG40DB7%2Bp%2BpMstDYRt7ZRqoYdpZgHTZiKVvkoDenhw1K1uGPqeO4%2BR6P0XE2Wo2xVTPnXErGQWtpPwTnKmCPG5ixcFnEKjuvtmDEZ091GWY0AnO%2BrEdZBHw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c4b8d79031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
vendor.min.js
static.halomolly.com/liquid/buyer/public/js/plug/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/js/plug/vendor.min.js?t=20240628180420
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4969b843a43ccf269f98c052db8347b17795a6e0f97658b5c36e2cf4d3324b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:40:25 GMT
server
cloudflare
etag
W/"65ae3809-c86b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nrmR9wXGVy1a6QzxvLGcwxWYApQkHtdPWMq3WEg4CoUP4XVNKZgiwGFDQYjBQBW0ysGCpKpkHARdKGF5OeP4e8UsTO7uCHnO8pPVRTdrw8Tmw6NIpWHqrJFISnt47zJ6b4fD9%2FV%2Ffg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c4b8cf9031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2e9f0a61b7e344fd2c459b02e67f52dc.png
cdn.halomolly.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.halomolly.com/2e9f0a61b7e344fd2c459b02e67f52dc.png
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.151 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
dc500c9b60d77cfa62af23dd7875da401c1c0d009b80a28c3c714e0cdd6dfc06

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 21:07:07 GMT
x-cos-hash-crc64ecma
2275354753918868224
Last-Modified
Fri, 10 May 2024 08:12:46 GMT
Server
tencent-cos
X-Cache-Lookup
Cache Hit
Etag
"94936c530578515cdd1ca1d5196612d9"
Content-Type
image/png
x-cos-request-id
NjY3ZGQ0N2JfZmFlYzVlMGJfOGY1M180ZDAzMWI1
Access-Control-Allow-Origin
*
X-NWS-LOG-UUID
4723503355698655455
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4124
shipping_1_992x.jpg
www.picnictime.com/cdn/shop/files/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picnictime.com/cdn/shop/files/shipping_1_992x.jpg?v=1655920059
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44440802a1cf222214aa45a747066c957b447b111d6648fb5e25d16ff5ec9f71
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
178527
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=258.045, imageryFetch;dur=65.611, imageryProcess;dur=190.241;desc="image", cfRequestDuration;dur=13.999939, ipv6
source-length
29449
content-length
42854
x-xss-protection
1; mode=block
x-sorting-hat-shopid
56194301975
x-request-id
c3571caf-9314-4205-ad60-8798c82494b7-1720042437
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jul 2024 21:33:57 GMT
server
cloudflare
x-shopid
56194301975
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y99vpvQ9aSX4jHyN2G6ivQK0GZYdC6pdS9Uv7nBICjdo8SC6qTvACzxB%2BfoXwMQDcba2Zuy%2Bqi9CHJGSvM%2BElSQtvIvwEKOGHw2Vn0q9deX%2FAtkRyG8bJx%2B8qauWOKgEtadz%2FvOas%2BRgFF2%2F9Xg%2FFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89eb05c51c76906c-FRA
x-sorting-hat-podid
22
shipping_2_992x.png
www.picnictime.com/cdn/shop/files/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picnictime.com/cdn/shop/files/shipping_2_992x.png?v=1655920250
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9590fc43dc4448b02f2c0aad3782d5fe77f53c40d29914eeccab4a565507bfed
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=308.936, imageryFetch;dur=94.724, imageryProcess;dur=213.393;desc="image", cfRequestDuration;dur=158.999920, ipv6
source-length
19600
content-length
37738
x-xss-protection
1; mode=block
x-sorting-hat-shopid
56194301975
x-request-id
9bb07041-dcf0-4601-bad5-21ce0539e799-1718632328
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 13:52:09 GMT
server
cloudflare
x-shopid
56194301975
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXje8eC5l5mZ8yRqpkKteFhG8pQexlnt0DFbcdb2sD%2B4MnbJSd%2FNoGE%2BVdMGM1WqO1MjLSNLgtXEIeSCER87ZlkLGDpoNBsAXAqfnHdqEuwVloLlTMHpXX6sQFGZ3q4xcfeAk20hIBCvO6AKyZXOMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89eb05c57cb1906c-FRA
x-sorting-hat-podid
22
shipping_3_992x.jpg
www.picnictime.com/cdn/shop/files/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picnictime.com/cdn/shop/files/shipping_3_992x.jpg?v=1655920415
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
62b601c90d8b604bd7c3fdf56e8818af79189db3fe3978151bbb1d5b16a34860
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:24 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=257.979, imageryFetch;dur=96.681, imageryProcess;dur=160.091;desc="image", cfRequestDuration;dur=33.999920
source-length
36067
content-length
51960
x-xss-protection
1; mode=block
x-sorting-hat-shopid
56194301975
x-request-id
ef3637ca-c42f-4a07-a75c-70a1a6c06980-1720031318
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jul 2024 18:28:38 GMT
server
cloudflare
x-shopid
56194301975
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zc6sloIsJQfxvZGfBnkVZSjPeDvtyeZ6BoKPWUkO0RDnBaLUJLg%2FIkvhtePJHIgi33xgYFY%2FOlL9jtTc5hZeHlei0fWJ1mn2ob%2Fw3K1A24lLGlltxJzK4q06riPGL9gbZakH7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89eb05c6c83b368a-FRA
x-sorting-hat-podid
22
paypal.svg
static.halomolly.com/liquid/buyer/public/img/payment/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.halomolly.com/liquid/buyer/public/img/payment/paypal.svg
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3424
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:39:51 GMT
server
cloudflare
etag
W/"65ae37e7-2151"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOBmH40cbsKJI1FFmBn1O%2BEv1nFzBkvpK9SkVCg7AEAq63esRj62wYCKYip%2B9%2Fv7veafzBkYXjQ7G96O1dhyfMcj%2B1qEuNVULuAxkuxAxjtOqWH8KUAbK2K4MDNEFbbRMbqjX18xRA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c83b279031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
visa1.svg
static.halomolly.com/liquid/buyer/public/img/payment/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.halomolly.com/liquid/buyer/public/img/payment/visa1.svg
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3424
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:39:55 GMT
server
cloudflare
etag
W/"65ae37eb-e1e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auXrNo3KI6K9ybeNndV6HliCRzy3WuHJTIGzjClgp%2FNfkzhgqn1Ho7VsQbt%2Bc4i83KU8RPEtLsE%2BHF6yeegRJsg8ZbncQwIx6jQ5mKeiAOvOgAoZllKIufASddSYkyAsSye4Gk7FZA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c83b2c9031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
maestro.svg
static.halomolly.com/liquid/buyer/public/img/payment/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.halomolly.com/liquid/buyer/public/img/payment/maestro.svg
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:39:47 GMT
server
cloudflare
etag
W/"65ae37e3-20a8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2FJu5svR2sRJKrY7FMHgzAU8vl%2BEN6MR477llqKt0qUy8KByEXeB8kPwonQNX6iZW3JIfb5RfRTfhAcJjhj0%2FZdKtWVZq%2FDyyclcYAlKxqj8bmUwK3Okp6sYZwjcPqmlj6ls6dpadw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c83b2e9031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
JCB.svg
static.halomolly.com/liquid/buyer/public/img/payment/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.halomolly.com/liquid/buyer/public/img/payment/JCB.svg
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da46d31b6dbaa16a28a20af8be51bda99241c9348ba89f285d7c107afac0924a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:39:46 GMT
server
cloudflare
etag
W/"65ae37e2-1878"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXICNfqPdfuYsZ6AnOO4WB5WMtvcgFTLFO%2FjDRSCDPLSXv%2BLxdsI5kZTJV5SeybJsd%2BK%2FyUxeXWNY9TfiovGEkP5J6FK%2Fk62wwMHQbnDgdHftouQI9QtVd%2BJZ2w2blT%2BFu1izold7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c83b309031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
AmericanExpress2.svg
static.halomolly.com/liquid/buyer/public/img/payment/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.halomolly.com/liquid/buyer/public/img/payment/AmericanExpress2.svg
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e97321f3ecfde922af0c6ef244a6b94fbace5fbd416ac58674b68d060ac67a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:39:40 GMT
server
cloudflare
etag
W/"65ae37dc-9b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJg%2FjHpQ0cnk54pmyvjOS9q7zT45WqpmCbyDiPvsjSyuHu9Gli8v9iv%2ByNAanSIQ%2FRweeU%2BqzEEhcvhcyUn120BkkixHfIkWmqqCuLSa8Em6IUDkUOTlk6WHJpNWQB0W67Opyu4GHg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c83b339031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
email-decode.min.js
thebaysale.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thebaysale.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/page/custom/shipping
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jul 2024 09:57:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66867220-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnoGjsaE2xgKg5ly2w8Y0vpfsmqRbFV0ABfc%2FlsryQ7eGKCPuteDjQzEAQ%2Fr2b%2B4bWKwS0x0csSjDAbkzCTh3gwH%2Bt43w4ElGfopiY2gnymFJtT1WcME9ep6YBv0GXOPgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
89eb05c8292e4d9c-FRA
expires
Sun, 07 Jul 2024 23:09:25 GMT
event.js
static.halomolly.com/liquid/buyer/public/js/lib/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/js/lib/event.js?t=20240628180420
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebaf6bc6b964e67863f620027ebc6b97992d3b2894c4d198c0e7789a3a79d08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 09:40:19 GMT
server
cloudflare
etag
W/"65ae3803-1815"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mqlxc5XNw0WcD8ejU%2BQGmkLEgvfG8haOWgBzNt9qSS1QARG6WAOzoi8ihJxXtbDwJqAWn97S%2FwA67%2FKSrF6Lmom%2FnpCQ5F8yOC7lpi3Jiy1GlstYq1T0tiqW6623g0nt4vFDMdphgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c83b229031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
index.js
static.halomolly.com/liquid/buyer/public/js/lib/ 		767 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/js/lib/index.js?t=20240628180420
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f884fe6e0fceb1613158ca745a380504f155fd5078f3231bf42d4dca14d8412

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 29 May 2024 10:03:33 GMT
server
cloudflare
etag
W/"6656fd75-bfc17"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BbAOR9rGh3qDysYpm%2BRzTi16sChwbTMTdBV5Rtr5%2BpXqtSPFHk01TOoWwVVxwkc%2Fvqyrbpc9BZ1BZXv%2Bhj2uDgtUJHxoVJ85P3y2Slt0dR%2F0oq7X2jSRYu4hVLlbLiwnPQtOgBWOw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
max-age=14400
cf-ray
89eb05c83b249031-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 Jul 2024 23:09:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
X6O0vu+LymDxguiwi2buFeT3x/rhhGqtIa3XhcFukkF+c7YzvILgtL4ggdhQ2D4S+XpZD8HrU5cMCpU2yo00JQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 05 Jul 2024 23:09:25 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8E066105E191467295EFD4A54D66F9E5 Ref B: FRA31EDGE0813 Ref C: 2024-07-05T23:09:25Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
Montserrat-Regular.ttf
static.halomolly.com/liquid/buyer/public/css/font/ 		357 KB
358 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/css/font/Montserrat-Regular.ttf?v=www.radiantelysium.com
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76753ec1419fdfb0e9d72d32a34aefbe4be4d83ae4c51d9932ef4f87f60e4a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Origin
https://thebaysale.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
365480
last-modified
Mon, 22 Jan 2024 09:36:57 GMT
server
cloudflare
etag
"65ae3739-593a8"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjMNEG7A29kKZItQO7NGVtG%2Fmij7mAUPWfs9g75NC9Ifp8fGN5MRy4jz7qKLN17MAxa8ecFHnSRvuyL84C6dQL2b8n52fib%2BQKOqhiMa5lQtzu5qwKbADiZxHOlfpB7ldbB1A4bZ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89eb05c8cbffbbdf-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Poppins-Medium.ttf
static.halomolly.com/liquid/buyer/public/css/font/ 		153 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/css/font/Poppins-Medium.ttf?v=www.radiantelysium.com
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e554db189b5d944ef0e6f98ee0e4e8c75f69e95315dc9f4ae0c616a8756a2ba4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Origin
https://thebaysale.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
156480
last-modified
Mon, 22 Jan 2024 09:37:03 GMT
server
cloudflare
etag
"65ae373f-26340"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mljYXb9aNFMyjSySI63M%2F%2B8%2F%2BV3uFDBaaW6Accn4q30sRnI0xSxmvmFuAJ3hgO0JHhIhB%2FGEpI%2Bfbt8fLrQGuSZM9aenCYKkzF21aBJgPOWHZuqyBm8RMLKfuX%2Bt0O3EXhe82ATbbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89eb05c8cbfdbbdf-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
font_871426_ruo8njot5m.woff2
at.alicdn.com/t/c/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/c/font_871426_ruo8njot5m.woff2?t=1672307255203
Requested by
Host: static.halomolly.com
URL: https://static.halomolly.com/liquid/buyer/public/css/styles.min.css?t=20240628180420
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:715::3fb , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a1ed1bc80a5497d802537ac21e1c71a8afa4d2b0de3e38d0f93bc4257cfbe3ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.halomolly.com/
Origin
https://thebaysale.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 21:27:03 GMT
via
cache11.l2de2[402,401,200-0,M], cache25.l2de2[402,0], ens-cache1.de5[0,0,200-0,H], ens-cache15.de5[0,0]
x-oss-request-id
668713A7E54CE137377FD102
content-md5
1w1f9h976w4IGDi5jo7TFw==
age
92542
x-swift-cachetime
31104000
x-cache
HIT TCP_HIT dirn:12:814252122
x-swift-savetime
Thu, 04 Jul 2024 21:27:03 GMT
content-length
44376
x-oss-object-type
Normal
last-modified
Thu, 29 Dec 2022 09:47:35 GMT
server
Tengine
etag
"D70D5FF61F7BEB0E081838B98E8ED317"
vary
Origin
ali-swift-global-savetime
1720128423
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
7307610721410630316
eagleid
a3b55ca317202209653011003e
x-oss-server-time
1
Poppins-Regular.ttf
static.halomolly.com/liquid/buyer/public/css/font/ 		154 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.halomolly.com/liquid/buyer/public/css/font/Poppins-Regular.ttf?v=www.radiantelysium.com
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Origin
https://thebaysale.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:25 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
158192
last-modified
Mon, 22 Jan 2024 09:37:04 GMT
server
cloudflare
etag
"65ae3740-269f0"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QqN7qC1Mr6ue94UuH6pGqgmb4a1v4xgEGHgb%2Fy0%2Fj9FpK8VToXXlI50bAVwOV9D7BaNEvcHa9fXSnh8xdxuwQdZWayPBSJbUCNx5bsPVvwk8rMinZwRBGnhmDvqumJr5rW167q6sbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89eb05c8cbfabbdf-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
343132327.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/343132327.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 05 Jul 2024 23:09:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 05CFBEC40AAB410A999D08B4E70810C3 Ref B: FRA31EDGE0813 Ref C: 2024-07-05T23:09:25Z
x-cache
CONFIG_NOCACHE
pptm.js
www.paypal.com/tagmanager/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=thebaysale.com&source=checkoutjs&t=xo&v=4.0.343
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ZVnkQybBItnNs2e19370dGqoGepzuaWNmqGy8ksn2tgpNjLM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ZVnkQybBItnNs2e19370dGqoGepzuaWNmqGy8ksn2tgpNjLM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 23:09:26 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
HIT, MISS
paypal-debug-id
f640386212ac8
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220030-FRA, cache-fra-etou8220030-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f640386212ac8-ae5e941d53f7cc37-01
x-timer
S1720220966.919582,VS0,VE234
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
logger
thebaysale.com/buyer/statistics/ 		363 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thebaysale.com/buyer/statistics/logger
Requested by
Host: static.halomolly.com
URL: https://static.halomolly.com/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc87c640e1430d3c50517acb5306b857dac5989eaca62f66bbc9ca6409d64ae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://thebaysale.com/page/custom/shipping
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://thebaysale.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7K7edD4N767Yi3XeOZiHdJ8q4LLodjTNoqC19ehxT6YWe4ft0IpipwNupHoIuzPlxG%2FEcRGOn7Zx9LTOvU0l54DTm37tIyOKuUqp2rECzgBNTaOqvcdE2Cn07s7DpRimg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
cf-ray
89eb05cc9d0b4d9c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,from-origin
alt-svc
h3=":443"; ma=86400
logger
thebaysale.com/buyer/statistics/ 		366 B
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thebaysale.com/buyer/statistics/logger
Requested by
Host: static.halomolly.com
URL: https://static.halomolly.com/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7833fe16015c0c2e428bd3610ad8235bd5079a9247cdd958d628fba6ea829d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://thebaysale.com/page/custom/shipping
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://thebaysale.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vm2XlofAH5zIZ183Bnj27YzWaNdodO5MMjfDyjsSygRUdVhkL1YMXqFvmJ7vXrxRaTWAAB%2FJnpQoyjJ4g8fKm42U2ZmduiQ9fnohVGnJiezfDjbnadQzKEnQnVq1evN2CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
cf-ray
89eb05ccad1b4d9c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,from-origin
alt-svc
h3=":443"; ma=86400
select-coupon
thebaysale.com/buyer/user/ 		64 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thebaysale.com/buyer/user/select-coupon
Requested by
Host: static.halomolly.com
URL: https://static.halomolly.com/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4703711ea16cb162ba38a8dbe7f7853c9ff2b6bfad91db2d0e98828d67387906

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://thebaysale.com/page/custom/shipping
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://thebaysale.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0Evn6jqI6MS1QusQNrX5iMA3Y4Q54AcKxbcjcUc1eg8Zc0EDK6scGWOcYipDd9yuGzTFDqzYkqcWFqI2xift6O5AFMtGZ0rc3iKmqpXm1wBcBmK97QZvpwWZNnZp0bc3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
cf-ray
89eb05cccd364d9c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,from-origin
alt-svc
h3=":443"; ma=86400
0
bat.bing.com/action/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=343132327&Ver=2&mid=f93c193d-06e7-4caf-9bc2-a8636e66e86b&sid=9f9430b03b2311efaa12cfe2661cfead&vid=9f944ee03b2311ef97c609a4d518a51a&vids=1&msclkid=N&pid=em%3Dd8d82a499d35eecab630a169fadfed387f7b1005c21f94e80f496c813e12a3b4%26ph%3Df11dc5034999f4d169947c65990f626f6d0a633af0b6ee1807fdc5756f39ce50&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fthebaysale.com%2Fpage%2Fcustom%2Fshipping&r=&lt=1890&evt=pageLoad&sv=1&rn=628589
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jul 2024 23:09:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C72B96006BDE440DAD710A73C6EC664E Ref B: FRA31EDGE0813 Ref C: 2024-07-05T23:09:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=343132327&Ver=2&mid=f93c193d-06e7-4caf-9bc2-a8636e66e86b&sid=9f9430b03b2311efaa12cfe2661cfead&vid=9f944ee03b2311ef97c609a4d518a51a&vids=1&msclkid=N&evt=pid&pid=em%3Dd8d82a499d35eecab630a169fadfed387f7b1005c21f94e80f496c813e12a3b4%26ph%3Df11dc5034999f4d169947c65990f626f6d0a633af0b6ee1807fdc5756f39ce50&rn=511329
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jul 2024 23:09:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AB809645072D490D940D5369E7143578 Ref B: FRA31EDGE0813 Ref C: 2024-07-05T23:09:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts
t.paypal.com/ 		42 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1720220966185&g=-120&completeurl=https%3A%2F%2Fthebaysale.com%2Fpage%2Fcustom%2Fshipping&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: thebaysale.com
URL: https://thebaysale.com/page/custom/shipping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Fri, 05 Jul 2024 23:09:26 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
85b9025883b07
server-timing
"traceparent;desc="00-000000000000000000085b9025883b07-11f87f57c3a3d8a1-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220057-FRA
pragma
no-cache
correlation-id
85b9025883b07
traceparent
00-000000000000000000085b9025883b07-fec54566a3441222-01
x-timer
S1720220966.323857,VS0,VE143
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jul 2024 23:09:26 GMT
cart
thebaysale.com/buyer/ 		910 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thebaysale.com/buyer/cart
Requested by
Host: static.halomolly.com
URL: https://static.halomolly.com/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a33cdd6c3a267e5ea1845445ff77747a7f6a78c6a5997e7b528555d41d9e15d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://thebaysale.com/page/custom/shipping
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://thebaysale.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QD2VcP49m9X550CuEjij9oZNp1R0KAplqLSItJ4y5hWUFx5t1yNLVmpINvG%2B5OHb%2FLQHmBXt4x1yzcCGzkIgRWJELsA4jsY63vfE7bE5Ph%2BwUsUs7ds0PGMqQAwmhvo%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
cf-ray
89eb05cf2f5a4d9c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,from-origin
alt-svc
h3=":443"; ma=86400
free-express
thebaysale.com/buyer/express/ 		71 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thebaysale.com/buyer/express/free-express
Requested by
Host: static.halomolly.com
URL: https://static.halomolly.com/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b029ec1ff7ccd943edf3efdc4f14dda7ef13599ece87fd331e547b7545be31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://thebaysale.com/page/custom/shipping
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:09:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://thebaysale.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkQGAaOIg%2FfCaRDW0Pxh41foY5MQCdq0rPTfHs8VfgTwDB9zxmHj9sgaIRtMpsHg%2B7vUSa%2B8TaTqYRv2SK3O1MZs5GSU%2BMP5Bm4JtkWVcT4LA5U62VQskSjZZv951j%2FOqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
cf-ray
89eb05d088804d9c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,from-origin
alt-svc
h3=":443"; ma=86400
a8c00dd9d806f64b448dd9b76d0ce1ad53032eb1.png
cdn.halomolly.com/uploader/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.halomolly.com/uploader/a8c00dd9d806f64b448dd9b76d0ce1ad53032eb1.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.151 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
d062f0a5a508d6e5eb23b9355e37d65cc43af16a471916bae00ba9653eab7daa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thebaysale.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 10:12:35 GMT
x-cos-hash-crc64ecma
3568347945479400019
Last-Modified
Fri, 10 May 2024 08:13:22 GMT
Server
tencent-cos
X-Cache-Lookup
Cache Hit
Etag
"a08c3521d500fd6c067eb0107dfaf30e"
Content-Type
image/png
x-cos-request-id
NjY0NDhhOTNfMzZmMDVlMGJfMjZmNWFfMjM1Zjg=
Access-Control-Allow-Origin
*
X-NWS-LOG-UUID
11483806499723881162
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2223

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage number| dpr number| rem function| $ function| jQuery function| Swiper function| Fingerprint2 function| _createClass function| _classCallCheck function| _typeof object| NP_ENV object| $api object| $tracking object| $ossUpload boolean| isLazyLoad function| lazyLoad object| $asiabillPayment string| id function| setCookie function| getCookie string| clientId object| event_id_PageView function| fbq function| _fbq object| uetq function| replaceEmails boolean| bool object| jQuery1102047124606689863846 function| UET function| UET_init function| UET_push object| ueto_73b65c7b94 function| _defineProperty function| userLogin object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| $plug object| $http function| stag function| sharetag function| conversionsApi object| $session object| paypalDDL

9 Cookies

Domain/Path Name / Value
.thebaysale.com/ Name: ssid
Value: 1126
.thebaysale.com/ Name: utuni
Value: b5e0344a31d5f843ed5c23f9c59b62446a40bbd22944e389c4e4cd696dff5d7da%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A2610179593%3B%7D
.thebaysale.com/ Name: client_id
Value: 1720220965113240
thebaysale.com/ Name: ga_utm
Value: {}
.thebaysale.com/ Name: _uetsid
Value: 9f9430b03b2311efaa12cfe2661cfead
.thebaysale.com/ Name: _uetvid
Value: 9f944ee03b2311ef97c609a4d518a51a
.bing.com/ Name: MUID
Value: 0A8F068374596CF5143B123075F56D62
.paypal.com/ Name: ts
Value: vreXpYrS%3D1814828966%26vteXpYrS%3D1720222766%26vr%3D8528ddff1900a8a345221820ff14124b%26vt%3D8528ddff1900a8a345221820ff14124a
.paypal.com/ Name: ts_c
Value: vr%3D8528ddff1900a8a345221820ff14124b%26vt%3D8528ddff1900a8a345221820ff14124a

2 Console Messages

Source Level URL
Text
recommendation warning URL: https://thebaysale.com/page/custom/shipping
Message:
[DOM] Found 2 elements with non-unique id #search_box: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://thebaysale.com/page/custom/shipping
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
bat.bing.com
cdn.halomolly.com
connect.facebook.net
static.halomolly.com
t.paypal.com
thebaysale.com
www.paypal.com
www.paypalobjects.com
www.picnictime.com
151.101.1.35
151.101.65.21
172.67.190.225
172.67.200.181
192.229.221.25
23.227.38.74
2404:2280:1cc:0:715::3fb
2620:127:f00f:e::
2620:1ec:c11::237
2a03:2880:f083:100:face:b00c:0:3
43.152.26.151
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
39334fbe934e968bfef9157f7225d35f04e7df4187fa41da53a401b5f133dcac
3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec
44440802a1cf222214aa45a747066c957b447b111d6648fb5e25d16ff5ec9f71
4703711ea16cb162ba38a8dbe7f7853c9ff2b6bfad91db2d0e98828d67387906
57154ef6137a3c8efc86da3737fd3db12f4480a1a4289c1227acb871eb75a404
5bbf62ad203c1261b1f628721481e4d387b4d3bece69aa9328e7e49a98b39375
5c4969b843a43ccf269f98c052db8347b17795a6e0f97658b5c36e2cf4d3324b
61ba7f16497ef64c71ec2a20f476bd1ad5f86a8d1572f7ed42201009cad47981
62b601c90d8b604bd7c3fdf56e8818af79189db3fe3978151bbb1d5b16a34860
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f884fe6e0fceb1613158ca745a380504f155fd5078f3231bf42d4dca14d8412
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527
7ebaf6bc6b964e67863f620027ebc6b97992d3b2894c4d198c0e7789a3a79d08
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
8a33cdd6c3a267e5ea1845445ff77747a7f6a78c6a5997e7b528555d41d9e15d
8f5e9794b7ef9b3c815b2e91d5d995bc731a7a4eb1db1786ee01df0a80bcba02
9590fc43dc4448b02f2c0aad3782d5fe77f53c40d29914eeccab4a565507bfed
a1ed1bc80a5497d802537ac21e1c71a8afa4d2b0de3e38d0f93bc4257cfbe3ed
a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee
b7833fe16015c0c2e428bd3610ad8235bd5079a9247cdd958d628fba6ea829d4
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade
c42a7f762dff0348a739456ab0f0fc990921471759a548edb183b146942c9b5f
cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b
d062f0a5a508d6e5eb23b9355e37d65cc43af16a471916bae00ba9653eab7daa
d76753ec1419fdfb0e9d72d32a34aefbe4be4d83ae4c51d9932ef4f87f60e4a8
da46d31b6dbaa16a28a20af8be51bda99241c9348ba89f285d7c107afac0924a
dc500c9b60d77cfa62af23dd7875da401c1c0d009b80a28c3c714e0cdd6dfc06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e554db189b5d944ef0e6f98ee0e4e8c75f69e95315dc9f4ae0c616a8756a2ba4
f0b029ec1ff7ccd943edf3efdc4f14dda7ef13599ece87fd331e547b7545be31
f2ef172aa4800b8232e983684503c2367e292ae8613839eb13517a6cae89620d
f9e97321f3ecfde922af0c6ef244a6b94fbace5fbd416ac58674b68d060ac67a
fbc87c640e1430d3c50517acb5306b857dac5989eaca62f66bbc9ca6409d64ae