temu.com/s/p5WSktqDxlAyUb
20.83.139.214301 Moved Permanently 166 B URL HTTP/1.1 temu.com/s/p5WSktqDxlAyUb
IP 20.83.139.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /s/p5WSktqDxlAyUb HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Nginx
Date: Fri, 31 Mar 2023 18:52:32 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://temu.com/s/p5WSktqDxlAyUb
x-yak-request-id: 1680288752550-e64525885455aebda1ce2d2b455365e6
strict-transport-security: max-age=2592000
Set-Cookie: api_uid=CmzCXWQnK/AWewCyF0SbAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
cip: 91.90.42.154
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15071
Expires: Fri, 31 Mar 2023 23:03:43 GMT
Date: Fri, 31 Mar 2023 18:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10136
Expires: Fri, 31 Mar 2023 21:41:28 GMT
Date: Fri, 31 Mar 2023 18:52:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Alert, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 18:16:12 GMT
content-type: application/json
age: 2180
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8787
Expires: Fri, 31 Mar 2023 21:18:59 GMT
Date: Fri, 31 Mar 2023 18:52:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hM8Lj4S8klvG46l/m2zx5o5IKIyckeKS3yMduhXw+mW7Or7JxHxoxx6SEQzkM1H9ObDRcjhPz6w=
x-amz-request-id: 38ZKZNZ9SKK0JR77
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 18:12:17 GMT
age: 2415
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 18:52:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash c7b568ddef168590b6730d1055f5b462
98c15c6022bd3b2ea10e333b7fa96a61c07c7532
52acdbf1d1dae6d7d8893643a34bd2c070476133d2be221f694666bc5251310c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 31 Mar 2023 18:52:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 31 Mar 2023 14:46:02 GMT
Expires: Sat, 01 Apr 2023 14:46:02 GMT
ETag: "98c15c6022bd3b2ea10e333b7fa96a61c07c7532"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14927
Expires: Fri, 31 Mar 2023 23:01:20 GMT
Date: Fri, 31 Mar 2023 18:52:33 GMT
Connection: keep-alive
temu.com/s/p5WSktqDxlAyUb
20.121.111.193302 Found 0 B URL HTTP/2 temu.com/s/p5WSktqDxlAyUb
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/p5WSktqDxlAyUb HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: Nginx
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: text/html;charset=UTF-8
content-length: 0
location: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
x-yak-request-id: 1680288753205-d604582e905d262cd3514cec06dc99c6
strict-transport-security: max-age=2592000
set-cookie: region=211; Expires=Sun, 30-Apr-23 18:52:33 GMT; Path=/
language=en; Expires=Sun, 30-Apr-23 18:52:33 GMT; Path=/
currency=USD; Expires=Sun, 30-Apr-23 18:52:33 GMT; Path=/
api_uid=CmzikGQnK/ElLQCGF6HdAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
x-frame-options: SAMEORIGIN
cip: 91.90.42.154
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 18:17:26 GMT
age: 2107
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IRKpJafOCG0SImLZpfzdog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h9hEawGn9PeuTmZXS+fC0Wm6qdc=
Date: Fri, 31 Mar 2023 18:52:33 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
104.18.28.69200 OK 19 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
IP 104.18.28.69:0
File type PNG image data, 470 x 328, 8-bit colormap, non-interlaced\012- data
Hash 5bcec11d2b497f3f16822b36489ec5b6
1823e11f2efaf6590e09e8f8178e09971f792f1b
41f753cb40c792a19a625a2434f7ded86b43376ce1813ef3bf056a7f52c6157c
GET /upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.kwcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: image/png
content-length: 18595
cache-control: max-age=31536000
last-modified: Fri, 09 Dec 2022 05:54:31 GMT
request-id: 80d484941c11447ed478757d3bffb391
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
age: 9713661
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca47d97cb50f-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fc0bc67cb73720019a64ebe2e6cc00a8
1caa960bc9bf478f88d9401ac9784d42641f513e
a8053d663c8bfb024620c710e40c226c0fc1c82620c511ffed5379ad4191acd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3
142.250.74.168200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3
IP 142.250.74.168:0
File type ASCII text, with very long lines (7937)
Hash 479281ecea2bee7f4e5d2b8df8ac1100
b194a3cd41365cc404c809682906b1399ede0ab3
2ad84ba7807a3fde39043f47784fd577e68a0eff7e853954507d9988ce647f7b
GET /gtm.js?id=GTM-NSR6SG3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 18:52:34 GMT
expires: Fri, 31 Mar 2023 18:52:34 GMT
cache-control: private, max-age=900
last-modified: Fri, 31 Mar 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5b6731341a66be32757ea461f5bd605a
f9a017cd1195d1eafb3839a899baf75f2e71958f
4bda8352f303d3fb71b8c4b2ecc9fbe75dcfc91dd2232260afb1e37ebbf139fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 209783de6947179bb32e0847243afa86
7b33cb46849a306fb062e738f7ae8ee579002b37
70f7d5b3729678b220771d90eba4035402e398ac2aa34bc2fd75ac2ec230c80f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 31 Mar 2023 18:52:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 30 Mar 2023 20:41:45 GMT
Expires: Fri, 31 Mar 2023 20:41:45 GMT
ETag: "7b33cb46849a306fb062e738f7ae8ee579002b37"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 209783de6947179bb32e0847243afa86
7b33cb46849a306fb062e738f7ae8ee579002b37
70f7d5b3729678b220771d90eba4035402e398ac2aa34bc2fd75ac2ec230c80f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 31 Mar 2023 18:52:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 30 Mar 2023 20:41:45 GMT
Expires: Fri, 31 Mar 2023 20:41:45 GMT
ETag: "7b33cb46849a306fb062e738f7ae8ee579002b37"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 209783de6947179bb32e0847243afa86
7b33cb46849a306fb062e738f7ae8ee579002b37
70f7d5b3729678b220771d90eba4035402e398ac2aa34bc2fd75ac2ec230c80f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 31 Mar 2023 18:52:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 30 Mar 2023 20:41:45 GMT
Expires: Fri, 31 Mar 2023 20:41:45 GMT
ETag: "7b33cb46849a306fb062e738f7ae8ee579002b37"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.temu.com/api/sec-csp/c/sec-gif
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2247
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-length: 0
x-yak-request-id: 1680288754793-1e12e4b736f4a7540fb855097dd35955
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680288754793|2
set-cookie: api_uid=Cm3Go2QnK/LBnQEpHxbSAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 6b9db56ed2f255d259aca9619d8ed02b
c05de4e2c3353bae604ce8bfcf9bd2ffb5a4ff84
344059e80abc593777df7fcb2a023ff0144b6fcbd05b268af2145fbb99a8cea7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 31 Mar 2023 18:52:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 30 Mar 2023 21:01:03 GMT
Expires: Fri, 31 Mar 2023 21:01:03 GMT
ETag: "c05de4e2c3353bae604ce8bfcf9bd2ffb5a4ff84"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8755
Expires: Fri, 31 Mar 2023 21:18:30 GMT
Date: Fri, 31 Mar 2023 18:52:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 78a93851c07bc72ae322b9ce9c30d14b
0e0c93f5f97a510f3471de81aa9a65657f06b15e
8e75431d6476416e81fd1af92e592a6159793131ad428d101af1499705464a65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4001
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Last-Modified: Fri, 31 Mar 2023 17:45:54 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 75912
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4950e24a0440a020b30c6874c98f75bd
3b15a0974242f132b9b2c664a19a3c3e37472cab
36fca91cbb3cce32e2754454af341bb4dec9bf5f202858cca1ce1397baf8a411
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.kwcdn.com/m-assets/assets/js/biz_vendors_12a74584d20cbcbd631d.js
104.18.28.69200 OK 94 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/biz_vendors_12a74584d20cbcbd631d.js
IP 104.18.28.69:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash a683059081ed9938f1b6f1c463b10645
78c5851648418b89dcc363351ade9f98cc8a65bf
2626b94975cc756b95185d835a94b04ab90742adb62fffe294680c319dd7c969
GET /m-assets/assets/js/biz_vendors_12a74584d20cbcbd631d.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: 5wc/JmsgWQZDdC+R4jVpiA==
etag: W/"e7073f266b20590643742f91e2356988"
last-modified: Fri, 31 Mar 2023 09:44:07 GMT
x-content-type-options: nosniff
x-pos-request-id: 289bd5b2-e01e-0085-30b5-6305a7000000
cf-cache-status: HIT
age: 31387
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46ef010afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/1671_684879ed3db538ab4cfb.js
104.18.28.69200 OK 54 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/1671_684879ed3db538ab4cfb.js
IP 104.18.28.69:0
File type Unicode text, UTF-8 text, with very long lines (65488), with no line terminators
Hash 530ca982b46c28f28d45235f466608f2
feb6552c86e8328d1ed97714605eca7f7abfd126
9fc5264b602de3bcdec336f0493aba3466195ece4b579782df0fe2e394521db0
GET /m-assets/assets/js/1671_684879ed3db538ab4cfb.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: ZeBh2j+KSxsX/iXkS6nHoA==
etag: W/"65e061da3f8a4b1b17fe25e44ba9c7a0"
last-modified: Fri, 31 Mar 2023 05:32:53 GMT
x-content-type-options: nosniff
x-pos-request-id: 4251dcc8-b01e-0074-4a92-638bf0000000
cf-cache-status: HIT
age: 46945
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46ef030afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/dawn_common_popup_sku_16f2d53a08ea1a8e4e96.js
104.18.28.69200 OK 97 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/dawn_common_popup_sku_16f2d53a08ea1a8e4e96.js
IP 104.18.28.69:0
File type Unicode text, UTF-8 text, with very long lines (65502), with no line terminators
Hash efc0b0070f326f1510002b90baa22ddc
9019a726ba402a3b055bed081de3dff265b6e75a
385b9bc432f2f19224170324df129538722bddac0575e2cf544455c46db5dcda
GET /m-assets/assets/js/dawn_common_popup_sku_16f2d53a08ea1a8e4e96.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: UoGJuIdZ17Fg8MHNw9jwEg==
etag: W/"528189b88759d7b160f0c1cdc3d8f012"
last-modified: Fri, 31 Mar 2023 09:44:08 GMT
x-content-type-options: nosniff
x-pos-request-id: e6277423-501e-0086-40b5-6378a1000000
cf-cache-status: HIT
age: 31387
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46deed0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41f0baa1423dbd529f6c47bd51fe708f
f09b44f30b63f5e29dd247f592147ffc6b308e72
313b769259453565919ab14410faea927a23ad75636abc57851dfe67d43ea156
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4370
x-amzn-requestid: 5791c184-d5eb-4666-bc94-f838cd0183af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllHrcIAMFSWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-15fb3d2f67359d6837df5d0d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: opMjAWEDBvz7pKcnuQrmD_7njQ0X28fR3Ngnoe7WI96zNNNt9oQL5A==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 09:17:34 GMT
age: 34501
etag: "f09b44f30b63f5e29dd247f592147ffc6b308e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:49:08 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 75807
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:44:51 GMT
age: 76064
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: AdbJgoCBGJGvjP53lBj3_GWyuRF8O_fgNTPPEjUmFmyRxMQl2pgTzw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:54:29 GMT
age: 75486
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/408_957588f94dea5d81cf5b.js
104.18.28.69200 OK 42 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/408_957588f94dea5d81cf5b.js
IP 104.18.28.69:0
File type Unicode text, UTF-8 text, with very long lines (65148), with no line terminators
Hash 192b0abe38a655694e5c46cece98888c
bd7e24c3c0bcf9e55e92d789bfa68ed3fb2595cb
40a5a55aacc6edbbd00892998816b353ef3f184f24658d8049d1d3d09a993442
GET /m-assets/assets/js/408_957588f94dea5d81cf5b.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: hYtvLcCJJIV5vaao4GAGcQ==
etag: W/"858b6f2dc089248579bda6a8e0600671"
last-modified: Fri, 31 Mar 2023 05:32:53 GMT
x-content-type-options: nosniff
x-pos-request-id: a41cf6d5-d01e-008e-6992-6320b0000000
cf-cache-status: HIT
age: 46945
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46eef90afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 78a93851c07bc72ae322b9ce9c30d14b
0e0c93f5f97a510f3471de81aa9a65657f06b15e
8e75431d6476416e81fd1af92e592a6159793131ad428d101af1499705464a65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5631
Cache-Control: max-age=93633
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Etag: "6425e0b5-1d7"
Expires: Sat, 01 Apr 2023 20:53:08 GMT
Last-Modified: Thu, 30 Mar 2023 19:19:17 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us.matk.temu.com/web/wtm
13.107.238.53200 OK 0 B IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1559
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; _gcl_au=1.1.258690656.1680288754
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Fri, 31 Mar 2023 18:52:34 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 08isnZAAAAAD6BGYsmypzTZWKkxBzBebpQ1BIMzBFREdFMDQxNwBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Fri, 31 Mar 2023 18:52:34 GMT
content-length: 0
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
13.107.238.53200 OK 0 B IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1575
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; _gcl_au=1.1.258690656.1680288754; _bee=IyubPAqak8H6y3MvFxwcAzCHSeC47ape; njrpl=IyubPAqak8H6y3MvFxwcAzCHSeC47ape; dilx=Gyvl4Hn0YplqsEszC3oOG; hfsc=L32CeIs44Tn915LKeg==; _ga_R8YHFZCMMX=GS1.1.1680288753.1.0.1680288753.60.0.0; _ga=GA1.1.776704758.1680288754
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Fri, 31 Mar 2023 18:52:34 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 08isnZAAAAAB9u9Ab0oJSSZZ6NGdPRi5/Q1BIMzBFREdFMDQxNwBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Fri, 31 Mar 2023 18:52:34 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4950e24a0440a020b30c6874c98f75bd
3b15a0974242f132b9b2c664a19a3c3e37472cab
36fca91cbb3cce32e2754454af341bb4dec9bf5f202858cca1ce1397baf8a411
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/api/sec-csp/c/sec-gif
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3807
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:35 GMT
content-length: 0
x-yak-request-id: 1680288755289-e27e3843afdc17ace9f19db1d27dfdca
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680288755289|2
set-cookie: api_uid=Cm2GomQnK/O6BQEGHxDAAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33t0&_p=1141187806&_gaz=1&cid=776704758.1680288754&ul=en-us&sr=1280x1024&_s=1&sid=1680288753&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&dt=Get%20Free%20Gifts&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33t0&_p=1141187806&_gaz=1&cid=776704758.1680288754&ul=en-us&sr=1280x1024&_s=1&sid=1680288753&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&dt=Get%20Free%20Gifts&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33t0&_p=1141187806&_gaz=1&cid=776704758.1680288754&ul=en-us&sr=1280x1024&_s=1&sid=1680288753&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&dt=Get%20Free%20Gifts&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Fri, 31 Mar 2023 18:52:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33t0&_p=1141187806&cid=776704758.1680288754&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1680288753&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&dt=Get%20Free%20Gifts&en=scroll&epn.percent_scrolled=90&_et=8
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33t0&_p=1141187806&cid=776704758.1680288754&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1680288753&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&dt=Get%20Free%20Gifts&en=scroll&epn.percent_scrolled=90&_et=8
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33t0&_p=1141187806&cid=776704758.1680288754&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1680288753&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&dt=Get%20Free%20Gifts&en=scroll&epn.percent_scrolled=90&_et=8 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Fri, 31 Mar 2023 18:52:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=776704758.1680288754>m=45je33t0&aip=1
64.233.161.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=776704758.1680288754>m=45je33t0&aip=1
IP 64.233.161.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX&cid=776704758.1680288754>m=45je33t0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Fri, 31 Mar 2023 18:52:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bd5f736130efca53385a376507e64fbd
60e4def162522bc32731cd670834c76d763e83d4
aa03ff80ff8b3e95f9ff11ad9efaee8a0e4d6dbb4e6acdf36e5fe4a06212625f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/10974797857/?random=1680288753756&cv=11&fst=1680285600000&bg=ffffff&guid=ON&async=1>m=45He33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjO&frm=0&tiba=Get%20Free%20Gifts&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3566244475&rmt_tld=0&ipr=y
142.250.74.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10974797857/?random=1680288753756&cv=11&fst=1680285600000&bg=ffffff&guid=ON&async=1>m=45He33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjO&frm=0&tiba=Get%20Free%20Gifts&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3566244475&rmt_tld=0&ipr=y
IP 142.250.74.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10974797857/?random=1680288753756&cv=11&fst=1680285600000&bg=ffffff&guid=ON&async=1>m=45He33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjO&frm=0&tiba=Get%20Free%20Gifts&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3566244475&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 18:52:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a013b8698c4ff7b527a98379d21f8d51
4cffc2d5925e6daea086b70fecc3e12fd2a75b8d
28f02fdf4c2167dbfc6bd7530f24586626b50b5440f4d1747d31be0d800946f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&rl=&if=false&ts=1680288754785&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1680288754784.222992240&it=1680288754438&coo=false&tm=1&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&rl=&if=false&ts=1680288754785&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1680288754784.222992240&it=1680288754438&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26outside_pool_type%3D1%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099514021774%26h5_back_retention_pop%3Dfalse%26gs_comp_nickname%3DJa***rt%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1680312986%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D78fegEuTe2cjOAz0m0gMZjHA4JbjepVa%26refer_share_channel%3Dsnapchat_chat%26refer_share_suin%3DBBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM%26group_sn%3D230331-3778EDF6AF5284DA3081%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D98863876%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg&rl=&if=false&ts=1680288754785&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1680288754784.222992240&it=1680288754438&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 31 Mar 2023 18:52:35 GMT
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 6b9db56ed2f255d259aca9619d8ed02b
c05de4e2c3353bae604ce8bfcf9bd2ffb5a4ff84
344059e80abc593777df7fcb2a023ff0144b6fcbd05b268af2145fbb99a8cea7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 31 Mar 2023 18:52:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 30 Mar 2023 21:01:03 GMT
Expires: Fri, 31 Mar 2023 21:01:03 GMT
ETag: "c05de4e2c3353bae604ce8bfcf9bd2ffb5a4ff84"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
static.kwcdn.com/m-assets/assets/css/8283_4c02f3641f86c1557304.css
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/8283_4c02f3641f86c1557304.css
IP 104.18.28.69:0
GET /m-assets/assets/css/8283_4c02f3641f86c1557304.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: JheBF5nuItw1lI7jxrfqMA==
etag: W/"2617811799ee22dc35948ee3c6b7ea30"
last-modified: Fri, 31 Mar 2023 05:29:57 GMT
x-content-type-options: nosniff
x-pos-request-id: 5538cd2e-a01e-0051-7392-639dc9000000
cf-cache-status: HIT
age: 46945
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46eff9b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0PJl0myXqTon9_R5vC4TGKaPkJRTnBg1tlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1680288754565-fae5efb8ad7808451756c18d56970068
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680288754565|3
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1507
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0PJl0myXqTon9_R5vC4TGKaPkJRTnBg1tlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=X2WAYVtFRdYdmjGl8bbszOsdsgzYyapD; Max-Age=31536000; Expires=Sat, 30 Mar 2024 18:52:34 GMT; Path=/; Domain=.temu.com
njrpl=X2WAYVtFRdYdmjGl8bbszOsdsgzYyapD; Max-Age=31536000; Expires=Sat, 30 Mar 2024 18:52:34 GMT; Path=/; Domain=.temu.com
dilx=Gyvl4Hn0YplqsEszC3oOG; Max-Age=31536000; Expires=Sat, 30 Mar 2024 18:52:34 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1680288754552-4c9e4ebfc3f9ef1e2e27109cdf0c7736
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680288754552|21
cip: 91.90.42.154
X-Firefox-Spdy: h2
us.pftk.temu.com/pmm/api/pmm/api
20.84.3.191200 OK 0 B URL HTTP/2 us.pftk.temu.com/pmm/api/pmm/api
IP 20.84.3.191:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/api HTTP/1.1
Host: us.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1863
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; _gcl_au=1.1.258690656.1680288754
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:35 GMT
content-type: application/octet-stream
expires: Fri, 31 Mar 2023 18:52:34 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/ruby_free_goods_8fc367ebf5355ae552bb.js
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/ruby_free_goods_8fc367ebf5355ae552bb.js
IP 104.18.28.69:0
GET /m-assets/assets/js/ruby_free_goods_8fc367ebf5355ae552bb.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: WSdzrs3zFgKhcIQzcY8tYA==
etag: W/"592773aecdf31602a1708433718f2d60"
last-modified: Thu, 30 Mar 2023 08:46:02 GMT
x-content-type-options: nosniff
x-pos-request-id: d98a641f-101e-0092-12e4-62648b000000
cf-cache-status: HIT
age: 113798
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46def20afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_a647c3df28ee616d84a1.js
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_a647c3df28ee616d84a1.js
IP 104.18.28.69:0
GET /m-assets/assets/js/react_webpack_runtime_a647c3df28ee616d84a1.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: vvdQyYb4DDDWnMTuHN2Kqg==
etag: W/"bef750c986f80c30d69cc4ee1cdd8aaa"
last-modified: Fri, 31 Mar 2023 09:44:06 GMT
x-content-type-options: nosniff
x-pos-request-id: 0b15684f-101e-0042-45b5-6350ed000000
cf-cache-status: HIT
age: 31387
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46eef60afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
us.pftk.temu.com/pmm/api/pmm/api
20.84.3.191200 OK 0 B URL HTTP/2 us.pftk.temu.com/pmm/api/pmm/api
IP 20.84.3.191:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/api HTTP/1.1
Host: us.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1914
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; _gcl_au=1.1.258690656.1680288754; _bee=IyubPAqak8H6y3MvFxwcAzCHSeC47ape; njrpl=IyubPAqak8H6y3MvFxwcAzCHSeC47ape; dilx=Gyvl4Hn0YplqsEszC3oOG; hfsc=L32CeIs44Tn915LKeg==; _ga_R8YHFZCMMX=GS1.1.1680288753.1.0.1680288753.60.0.0; _ga=GA1.1.776704758.1680288754
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:35 GMT
content-type: application/octet-stream
expires: Fri, 31 Mar 2023 18:52:34 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/vendors_7b18f31158ae24935be7.js
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/vendors_7b18f31158ae24935be7.js
IP 104.18.28.69:0
GET /m-assets/assets/js/vendors_7b18f31158ae24935be7.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: 6b2m6FO09+cR99TmbnCBag==
etag: W/"e9bda6e853b4f7e711f7d4e66e70816a"
last-modified: Sun, 12 Mar 2023 12:27:19 GMT
x-content-type-options: nosniff
x-pos-request-id: e5147075-a01e-0005-14de-5452f2000000
cf-cache-status: HIT
age: 1662082
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46eefa0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/6636_f96d4894d854d9d6832e.js
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/6636_f96d4894d854d9d6832e.js
IP 104.18.28.69:0
GET /m-assets/assets/js/6636_f96d4894d854d9d6832e.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: YUPSzWpRR9FMJB3LA5R5fg==
etag: W/"6143d2cd6a5147d14c241dcb0394797e"
last-modified: Thu, 23 Mar 2023 01:59:30 GMT
x-content-type-options: nosniff
x-pos-request-id: 552f199f-a01e-0015-2833-5de2d0000000
cf-cache-status: HIT
age: 713530
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca493c3cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/risk-finger-h5_05624d9679dc868511b4.js
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/risk-finger-h5_05624d9679dc868511b4.js
IP 104.18.28.69:0
GET /m-assets/assets/js/risk-finger-h5_05624d9679dc868511b4.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: C4sX6U2e6irvbSgiuHAXdQ==
etag: W/"0b8b17e94d9eea2aef6d2822b8701775"
last-modified: Wed, 08 Feb 2023 06:09:49 GMT
x-content-type-options: nosniff
x-pos-request-id: d25fc30b-e01e-0069-2786-3be4c9000000
cf-cache-status: HIT
age: 4431260
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca4a6eafb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
us.thtk.temu.com/c/th.gif
20.185.14.249200 OK 0 B URL HTTP/2 us.thtk.temu.com/c/th.gif
IP 20.185.14.249:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: us.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1966
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: image/gif
expires: Fri, 31 Mar 2023 18:52:33 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
us.thtk.temu.com/c/th.gif
20.185.14.249200 OK 0 B URL HTTP/2 us.thtk.temu.com/c/th.gif
IP 20.185.14.249:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: us.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 634
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: image/gif
expires: Fri, 31 Mar 2023 18:52:33 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
us.thtk.temu.com/c/th.gif
20.185.14.249200 OK 0 B URL HTTP/2 us.thtk.temu.com/c/th.gif
IP 20.185.14.249:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: us.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 634
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: image/gif
expires: Fri, 31 Mar 2023 18:52:33 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/dawn_common_popup_sku_9811cb46a779c8522551.css
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/dawn_common_popup_sku_9811cb46a779c8522551.css
IP 104.18.28.69:0
GET /m-assets/assets/css/dawn_common_popup_sku_9811cb46a779c8522551.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: C+x9KJn5kGCdpCHqvmUjTA==
etag: W/"0bec7d2899f990609da421eabe65234c"
last-modified: Thu, 30 Mar 2023 12:20:24 GMT
x-content-type-options: nosniff
x-pos-request-id: 3174c7d0-c01e-0003-330c-63a8fe000000
cf-cache-status: HIT
age: 59087
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46eff7b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0PJl0myXqTon9_R5vC4TGKaPkJRTnBg1tlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1680288754554-eadae09c9aa8043388948c676aee65da
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680288754554|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
locale.temu.com/api/bg/huygens/region/locate
20.121.111.193200 OK 0 B URL HTTP/2 locale.temu.com/api/bg/huygens/region/locate
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/bg/huygens/region/locate HTTP/1.1
Host: locale.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 2
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
x-yak-request-id: 1680288754725-5b17dea6e25856606a51de9d32374987
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
yak-timeinfo: 1680288754725|2
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/server/_stm
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/server/_stm
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/server/_stm HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0PJl0myXqTon9_R5vC4TGKaPkJRTnBg1tlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a3
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a3
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/a3 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0PJl0myXqTon9_R5vC4TGKaPkJRTnBg1tlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1680288754474-1245c0092baa8a1792874e6065d51de7
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680288754474|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1507
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0PJl0myXqTon9_R5vC4TGKaPkJRTnBg1tlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:34 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=IyubPAqak8H6y3MvFxwcAzCHSeC47ape; Max-Age=31536000; Expires=Sat, 30 Mar 2024 18:52:34 GMT; Path=/; Domain=.temu.com
njrpl=IyubPAqak8H6y3MvFxwcAzCHSeC47ape; Max-Age=31536000; Expires=Sat, 30 Mar 2024 18:52:34 GMT; Path=/; Domain=.temu.com
dilx=Gyvl4Hn0YplqsEszC3oOG; Max-Age=31536000; Expires=Sat, 30 Mar 2024 18:52:34 GMT; Path=/; Domain=.temu.com
hfsc=L32CeIs44Tn915LKeg==; Max-Age=31536000; Expires=Sat, 30 Mar 2024 18:52:34 GMT; Path=/; HttpOnly; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1680288754565-49592616176b8ed3bf980224a2313c36
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680288754565|20
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
20.121.111.193200 OK 0 B URL HTTP/2 www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, iris-context-client-language, User-Agent
content-language: en
set-cookie: AccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
PDDAccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_id=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
region=211; Expires=Sun, 30-Apr-23 18:52:33 GMT; Path=/
language=en; Expires=Sun, 30-Apr-23 18:52:33 GMT; Path=/
currency=USD; Expires=Sun, 30-Apr-23 18:52:33 GMT; Path=/
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-accel-buffering: no
content-encoding: gzip
x-yak-request-id: 1680288753515-55b72c75b5103688d5860cf3d5af32ce
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
x-frame-options: SAMEORIGIN
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/8283_fa15581b44059d6050b2.js
104.18.28.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/8283_fa15581b44059d6050b2.js
IP 104.18.28.69:0
GET /m-assets/assets/js/8283_fa15581b44059d6050b2.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: QL3rRPtDwIS7td1wBdgDTQ==
etag: W/"40bdeb44fb43c084bbb5dd7005d8034d"
last-modified: Fri, 31 Mar 2023 09:44:08 GMT
x-content-type-options: nosniff
x-pos-request-id: 479e1675-401e-0073-36b5-635afe000000
cf-cache-status: HIT
age: 31387
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7b0aca46deef0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/favicon.ico
20.121.111.193200 OK 0 B IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /favicon.ico HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&outside_pool_type=1&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099514021774&h5_back_retention_pop=false&gs_comp_nickname=Ja***rt&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEF42Dm8S08MZdbJ4-YI1vl8wAg-1680202658%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1680312986&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=78fegEuTe2cjOAz0m0gMZjHA4JbjepVa&refer_share_channel=snapchat_chat&refer_share_suin=BBU2ROLHUWJF4XRQGAZ6YZ6YR3TAN7IDNWT35OX3AAFMM&group_sn=230331-3778EDF6AF5284DA3081&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=98863876&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F9e6b36a9-f966-416d-840c-39de4f58b9e7.jpg.slim.jpeg
Cookie: api_uid=CmzikGQnK/ElLQCGF6HdAg==; region=211; language=en; currency=USD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Fri, 31 Mar 2023 18:52:33 GMT
content-type: image/x-icon
cache-control: max-age=3600
x-yak-request-id: 1680288753966-4abe36e102c37475d40f910687a7e36b
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
x-frame-options: SAMEORIGIN
cip: 91.90.42.154
X-Firefox-Spdy: h2