{"report_id":"4d5b89d0-758d-4acd-b371-125b39954b12","version":6,"status":"done","tags":[],"date":"2023-11-01T03:23:53Z","url":{"schema":"http","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"final":{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"title":"Get Free Gifts"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T16:33:55Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.temu.com","ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"domain_registered":"2003-04-29","domain_rank":0,"first_seen":"2021-09-28 09:23:29","last_seen":"2023-10-31 18:21:38","alert_count":0,"request_count":10,"received_data":257392,"sent_data":15689,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.kwcdn.com","ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2022-08-08","domain_rank":0,"first_seen":"2022-09-05 12:50:07","last_seen":"2023-10-31 18:21:38","alert_count":0,"request_count":11,"received_data":5365546,"sent_data":5251,"comment":"","tags":null,"fingerprints":null},{"fqdn":"eu.pftk.temu.com","ip":{"addr":"20.123.108.148","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"domain_registered":"2003-04-29","domain_rank":0,"first_seen":"2023-04-25 17:58:50","last_seen":"2023-10-31 18:12:54","alert_count":0,"request_count":3,"received_data":1410,"sent_data":1619,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.godaddy.com","ip":{"addr":"192.124.249.22","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"domain_registered":"1999-03-02","domain_rank":698,"first_seen":"2012-05-20 21:28:57","last_seen":"2023-10-31 05:09:26","alert_count":0,"request_count":8,"received_data":20921,"sent_data":2640,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aimg.kwcdn.com","ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2022-08-08","domain_rank":0,"first_seen":"2022-09-05 12:50:08","last_seen":"2023-10-31 18:21:38","alert_count":0,"request_count":9,"received_data":126955,"sent_data":4530,"comment":"","tags":null,"fingerprints":null},{"fqdn":"eu.thtk.temu.com","ip":{"addr":"20.223.34.138","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"domain_registered":"2003-04-29","domain_rank":0,"first_seen":"2023-04-25 17:58:49","last_seen":"2023-10-31 18:12:51","alert_count":0,"request_count":1,"received_data":2561,"sent_data":487,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"216.93.246.18","port":3478,"asn":399004,"as":"COUNTERPATH-BOSTON","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.696629+0000\",\"flow_id\":256412848005429,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"216.93.246.18\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.696629+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"172.253.121.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.739429+0000\",\"flow_id\":1404479081039973,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.253.121.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.739429+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"77.72.169.211","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.784359+0000\",\"flow_id\":560698396047335,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.211\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.784359+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"216.93.246.18","port":3478,"asn":399004,"as":"COUNTERPATH-BOSTON","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.796834+0000\",\"flow_id\":256412848005429,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"216.93.246.18\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.696629+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"172.217.213.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.813676+0000\",\"flow_id\":1456357991017068,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.217.213.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.813676+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"64.233.164.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.834841+0000\",\"flow_id\":1112567333829913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"64.233.164.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.834841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"172.253.121.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.839674+0000\",\"flow_id\":1404479081039973,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.253.121.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.739429+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"74.125.24.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.854885+0000\",\"flow_id\":1661726147218277,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.24.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.854885+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"74.125.204.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.875535+0000\",\"flow_id\":271067276401679,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.204.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.875535+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"77.72.169.211","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.884605+0000\",\"flow_id\":560698396047335,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.211\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.784359+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"185.53.178.50","port":3478,"asn":19905,"as":"NEUSTAR-AS6","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.902952+0000\",\"flow_id\":1895333713463080,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"185.53.178.50\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.902952+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"172.217.213.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.913916+0000\",\"flow_id\":1456357991017068,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.217.213.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.813676+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"77.72.169.213","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.923129+0000\",\"flow_id\":1439457294685689,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.213\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.923129+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"64.233.164.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.935076+0000\",\"flow_id\":1112567333829913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"64.233.164.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.834841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"212.227.67.34","port":3478,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.943717+0000\",\"flow_id\":536096823338597,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"212.227.67.34\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.943717+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"74.125.24.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.955129+0000\",\"flow_id\":1661726147218277,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.24.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.854885+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"62.71.2.168","port":3478,"asn":1759,"as":"Telia Finland Oyj","country":"Finland","country_code":"FI"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.969183+0000\",\"flow_id\":1678171577043423,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"62.71.2.168\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.969183+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"74.125.204.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:36.975782+0000\",\"flow_id\":271067276401679,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.204.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.875535+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"75.2.81.221","port":3478,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.993510+0000\",\"flow_id\":1891536962332902,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"75.2.81.221\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.993510+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:36Z","timestamp":1698809016,"ip_dst":{"addr":"216.93.246.18","port":3478,"asn":399004,"as":"COUNTERPATH-BOSTON","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:36.997013+0000\",\"flow_id\":256412848005429,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"216.93.246.18\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.696629+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"185.53.178.50","port":3478,"asn":19905,"as":"NEUSTAR-AS6","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.003284+0000\",\"flow_id\":1895333713463080,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"185.53.178.50\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.902952+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"77.72.169.213","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.023357+0000\",\"flow_id\":1439457294685689,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.213\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.923129+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"172.253.121.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.039866+0000\",\"flow_id\":1404479081039973,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.253.121.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.739429+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"212.227.67.34","port":3478,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.043925+0000\",\"flow_id\":536096823338597,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"212.227.67.34\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.943717+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"62.71.2.168","port":3478,"asn":1759,"as":"Telia Finland Oyj","country":"Finland","country_code":"FI"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.069432+0000\",\"flow_id\":1678171577043423,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"62.71.2.168\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.969183+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"77.72.169.211","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.084854+0000\",\"flow_id\":560698396047335,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.211\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.784359+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"75.2.81.221","port":3478,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.093795+0000\",\"flow_id\":1891536962332902,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"75.2.81.221\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.993510+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"172.217.213.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.114135+0000\",\"flow_id\":1456357991017068,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.217.213.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.813676+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"64.233.164.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.135307+0000\",\"flow_id\":1112567333829913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"64.233.164.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.834841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"74.125.24.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.155359+0000\",\"flow_id\":1661726147218277,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.24.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.854885+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"74.125.204.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.176007+0000\",\"flow_id\":271067276401679,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.204.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.875535+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"185.53.178.50","port":3478,"asn":19905,"as":"NEUSTAR-AS6","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.203525+0000\",\"flow_id\":1895333713463080,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"185.53.178.50\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.902952+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"77.72.169.213","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.223588+0000\",\"flow_id\":1439457294685689,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.213\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.923129+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"212.227.67.34","port":3478,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.244141+0000\",\"flow_id\":536096823338597,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"212.227.67.34\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.943717+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"62.71.2.168","port":3478,"asn":1759,"as":"Telia Finland Oyj","country":"Finland","country_code":"FI"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.269669+0000\",\"flow_id\":1678171577043423,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"62.71.2.168\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.969183+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"75.2.81.221","port":3478,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.294030+0000\",\"flow_id\":1891536962332902,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"75.2.81.221\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.993510+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"216.93.246.18","port":3478,"asn":399004,"as":"COUNTERPATH-BOSTON","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.397264+0000\",\"flow_id\":256412848005429,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"216.93.246.18\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.696629+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"172.253.121.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.440095+0000\",\"flow_id\":1404479081039973,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.253.121.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.739429+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"77.72.169.211","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.485089+0000\",\"flow_id\":560698396047335,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.211\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.784359+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"172.217.213.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.514409+0000\",\"flow_id\":1456357991017068,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.217.213.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.813676+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"64.233.164.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.535514+0000\",\"flow_id\":1112567333829913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"64.233.164.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.834841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"74.125.24.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.555588+0000\",\"flow_id\":1661726147218277,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.24.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.854885+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"74.125.204.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:37.576239+0000\",\"flow_id\":271067276401679,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.204.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.875535+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"185.53.178.50","port":3478,"asn":19905,"as":"NEUSTAR-AS6","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.603765+0000\",\"flow_id\":1895333713463080,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"185.53.178.50\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.902952+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"77.72.169.213","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.623821+0000\",\"flow_id\":1439457294685689,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.213\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.923129+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"212.227.67.34","port":3478,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.644371+0000\",\"flow_id\":536096823338597,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"212.227.67.34\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.943717+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"62.71.2.168","port":3478,"asn":1759,"as":"Telia Finland Oyj","country":"Finland","country_code":"FI"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.669961+0000\",\"flow_id\":1678171577043423,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"62.71.2.168\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.969183+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:37Z","timestamp":1698809017,"ip_dst":{"addr":"75.2.81.221","port":3478,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:37.694267+0000\",\"flow_id\":1891536962332902,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"75.2.81.221\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":248,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.993510+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"216.93.246.18","port":3478,"asn":399004,"as":"COUNTERPATH-BOSTON","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:38.197502+0000\",\"flow_id\":256412848005429,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"216.93.246.18\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.696629+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"172.253.121.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:38.240327+0000\",\"flow_id\":1404479081039973,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.253.121.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.739429+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"77.72.169.211","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:38.285491+0000\",\"flow_id\":560698396047335,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.211\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.784359+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"172.217.213.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:38.314634+0000\",\"flow_id\":1456357991017068,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.217.213.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.813676+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"64.233.164.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:38.335741+0000\",\"flow_id\":1112567333829913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"64.233.164.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.834841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"74.125.24.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:38.355833+0000\",\"flow_id\":1661726147218277,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.24.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.854885+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"74.125.204.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:38.376459+0000\",\"flow_id\":271067276401679,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.204.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.875535+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"185.53.178.50","port":3478,"asn":19905,"as":"NEUSTAR-AS6","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:38.404038+0000\",\"flow_id\":1895333713463080,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"185.53.178.50\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.902952+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"77.72.169.213","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:38.424041+0000\",\"flow_id\":1439457294685689,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.213\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.923129+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"212.227.67.34","port":3478,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:38.444622+0000\",\"flow_id\":536096823338597,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"212.227.67.34\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.943717+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"62.71.2.168","port":3478,"asn":1759,"as":"Telia Finland Oyj","country":"Finland","country_code":"FI"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:38.470203+0000\",\"flow_id\":1678171577043423,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"62.71.2.168\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.969183+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:38Z","timestamp":1698809018,"ip_dst":{"addr":"75.2.81.221","port":3478,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:38.494491+0000\",\"flow_id\":1891536962332902,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"75.2.81.221\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":310,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.993510+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:39Z","timestamp":1698809019,"ip_dst":{"addr":"216.93.246.18","port":3478,"asn":399004,"as":"COUNTERPATH-BOSTON","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:39.797741+0000\",\"flow_id\":256412848005429,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"216.93.246.18\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.696629+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:39Z","timestamp":1698809019,"ip_dst":{"addr":"172.253.121.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:39.840574+0000\",\"flow_id\":1404479081039973,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.253.121.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.739429+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:39Z","timestamp":1698809019,"ip_dst":{"addr":"77.72.169.211","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:39.885808+0000\",\"flow_id\":560698396047335,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.211\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.784359+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:39Z","timestamp":1698809019,"ip_dst":{"addr":"172.217.213.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:39.914914+0000\",\"flow_id\":1456357991017068,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"172.217.213.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.813676+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:39Z","timestamp":1698809019,"ip_dst":{"addr":"64.233.164.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:39.935982+0000\",\"flow_id\":1112567333829913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"64.233.164.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.834841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:39Z","timestamp":1698809019,"ip_dst":{"addr":"74.125.24.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:39.956065+0000\",\"flow_id\":1661726147218277,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.24.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.854885+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:39Z","timestamp":1698809019,"ip_dst":{"addr":"74.125.204.127","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2023-11-01T03:23:39.976697+0000\",\"flow_id\":271067276401679,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"74.125.204.127\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_06_03\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.875535+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:40Z","timestamp":1698809020,"ip_dst":{"addr":"185.53.178.50","port":3478,"asn":19905,"as":"NEUSTAR-AS6","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:40.004419+0000\",\"flow_id\":1895333713463080,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"185.53.178.50\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.902952+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:40Z","timestamp":1698809020,"ip_dst":{"addr":"77.72.169.213","port":3478,"asn":42416,"as":"Comnet Internetional BV","country":"Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:40.024432+0000\",\"flow_id\":1439457294685689,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"77.72.169.213\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.923129+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:40Z","timestamp":1698809020,"ip_dst":{"addr":"212.227.67.34","port":3478,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:40.044893+0000\",\"flow_id\":536096823338597,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"212.227.67.34\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.943717+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:40Z","timestamp":1698809020,"ip_dst":{"addr":"62.71.2.168","port":3478,"asn":1759,"as":"Telia Finland Oyj","country":"Finland","country_code":"FI"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:40.070407+0000\",\"flow_id\":1678171577043423,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"62.71.2.168\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.969183+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-01T03:23:40Z","timestamp":1698809020,"ip_dst":{"addr":"75.2.81.221","port":3478,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2023-11-01T03:23:40.094719+0000\",\"flow_id\":1891536962332902,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.138\",\"src_port\":46732,\"dest_ip\":\"75.2.81.221\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2013_01_04\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":372,\"bytes_toclient\":0,\"start\":\"2023-11-01T03:23:36.993510+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"41195ba6f246577455fe2302b22869d3","sha1":"5d603fb219c708c4cf300526e78ba460fbeca98f","sha256":"72b8a2ba6e06933ed1f049ec9f7aea34439266cde5707ede1c4f5352d579c62c","sha512":"45cd5dcc350c9e34cc6d844c2bc17dd3bd4d72ad0e3761b55264263e73ae37384a577ce1c9f45024611bedefd794488056e4a6e7f915172ac3a96e0c68104b3a","ssdeep":"","tlshash":"ada0220200000008c2a08082fe0c3233a208a0020a0080203fcf002fbbe200382b0cc0","size":71,"data":"","first_seen":"2023-11-01T04:23:55Z","last_seen":"2024-08-20T21:33:45.544068Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_3f58d683b6ad845a1a6c.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c361837cae845f29a0e962dfc4c82b","sha1":"9fc8fed56dc5c7b526fd89a8125e47f31d627a10","sha256":"83ed4d1a8f8454e2446cd5ddeb1aa8276f23bcf3e454156c508c8d07dad680b9","sha512":"f5dcdc38855a06c66c11319dafe5fd12326c72fbeffdc9fb13d3fb209b9b1bdc37e81e4b96281f01c13a9bc799eedddbd698d51c05d51d114a343f7fd2104006","ssdeep":"768:oTOvVSA8mq+7WqkpWjEgeZfvVjE/x2AfNl7WqhvIGpxbf3/c8bZ6Kukmq43KAZB1:8Oc3wlggKFmcq6GpRfkEZ61KGNmSXZ","tlshash":"2a331a1da22cb1da58ac48f26c5e515f36a9230978533cf0cdb9e6ee3744d27709a63c","size":50822,"data":"","first_seen":"2023-10-31T20:43:54Z","last_seen":"2023-11-01T04:23:55Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/vendors_07ba115885eac13108d8.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d5f71d8c1c2772b7d6dbed44719a93f","sha1":"d85a5b0df807407317f0129c0faf08378bf89662","sha256":"82f52c5689ad1bcc30d94197d1bc1222300abef8fc0501cf8a46d56eba92585f","sha512":"71ff813de2df4836f57e4e911fbe3781620a202d9a2b4f87d4ed1abce82c934851c619b15eec9293fab2950f173c58735861f1e1688f902748f7332b7b0540fd","ssdeep":"6144:EknBhkRqiT2GqLWgNWQ2sGW0SjhlS9tcsQ9o4xo3zOn:rnBhkRqiOJGc7/oDOn","tlshash":"1ab406cc72d2f0a207f361b6407f250bb37a291a684d8454f221e9d5acb955ea237f3d","size":524193,"data":"","first_seen":"2023-10-29T04:31:06Z","last_seen":"2024-08-20T21:59:03.269551Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"180a44a49f5f0211cd6e7608036cc362","sha1":"381697b882ec5f0800596d6b1f1551d9b42f131c","sha256":"6e45f13c58505a88b7430a8f6d2c73d8def06c48d440fc3e627e6527fbdcc2e0","sha512":"37f93af5ca5e62578a6423e1e5854edc334b7778fe9205300f45faa9841ffc5e2d478a8ecf0b9e13979dd5d5bb2619cd9aaee3ab75b6ba38800bde17f7e6014d","ssdeep":"","tlshash":"be41dc0c355844e7ccd0467c9d5a39c326fd64671f84c6e0bb9e4a270bb8daf31172aa","size":2327,"data":"","first_seen":"2023-10-13T15:52:23Z","last_seen":"2024-08-21T04:51:19.545059Z","times_seen":477,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"73919c7408b9fee8ac0922aa760aaabe","sha1":"c383275441da7e76b8f9d410c1f9526cae3eb175","sha256":"985329d357eb52535d98073a8817e5ef0c64512812710f5e6fcc666f498f74f0","sha512":"30e6fb725434e120786adb1714998a33ed02b337d0ac326c195fa0c8c994614084c650a68578eb066e13aa3fa628de8c2dade3bef67fec774f3d9e06c4f16417","ssdeep":"","tlshash":"293111defa0036345997b23232bf630a17772261a8424424113a9bc82f2898a06b6f99","size":1561,"data":"","first_seen":"2023-03-12T10:46:37Z","last_seen":"2026-01-29T16:41:38.981247Z","times_seen":6736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/ruby_free_right_1913a4bb58b1cc42fa76.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"70e86e1c10b54df3f7ea168a3801d3eb","sha1":"154e3f915bea01b3eec2a69534e9dd42082e671f","sha256":"7342e818d8a3837716cea422e4a55b6cb08db85aabcb55815917a42e61033915","sha512":"3c70df7becdf1192ea457260814b4f1574eea1452f7c73e6bec4eb2772b8d6519063dd5acea78ae50ddfd8c8d387445cb81dfc4672d6daba1d5a480c6ede4d63","ssdeep":"49152:8GGeUvi3pJux3OyrviTN6JFCGtV/RIrWYJJXGYcj0:BbXv","tlshash":"4cc53a017156552d16e2036e683f3f8effa96b08f6a0d0c490a8d528f918f74b27f9b5","size":2523910,"data":"","first_seen":"2023-11-01T04:23:55Z","last_seen":"2024-08-20T21:33:45.548176Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/4208_e4378c30181ed52d121f.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3887278ac2a4b5eeef2d682406abb5d","sha1":"789df875fff3a169da43dbe83a756465be92e4bb","sha256":"a161e971c18da83ea4c415261c40d3ba7184a757ddcbb5f67a925f790aeccf57","sha512":"e8ced4c4500b64678b8e0494999c3cc1c921d7d71fab7cdea076b97b63a8c87f1c08d52c9a5f2b39c132728387ddd36ac474b8ad7f3bc245b92516d3c8d0b6e9","ssdeep":"1536:8eDOVz62zdovs0wTfLIWRQGqZAEvvHMAfjYIe75Wi:ZaDEvnYX","tlshash":"8083c2e0bad2b40117e358600a6f155be7bb3160214e8448de69c7e93c71a5becb7e7c","size":85274,"data":"","first_seen":"2023-05-22T19:12:05Z","last_seen":"2024-08-21T09:44:12.375829Z","times_seen":683,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a00b879422acb6ba7faf489460df6cb4","sha1":"cb35c63163c01e1a15bb8ba2af07372f8273e7a7","sha256":"819689677c71313bf80be126cfc4575cf73cf3612f4f969920b065e86c82782a","sha512":"1289140a722cd7b11cc4ef8c4c69d42518a1654d53fc37933360e7f6cda3d78e1db8c60c3410886893230192d2a5710d8ac8a29a6c136f179f4cf865126cc561","ssdeep":"","tlshash":"30a022f0802c08bb00c8328aaa0b3280ab3000a8b00f00000800e208200f00303300c8","size":62,"data":"","first_seen":"2023-09-24T17:12:48Z","last_seen":"2025-10-21T22:41:13.771648Z","times_seen":972,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa74e4f5c1e2c49ed7bc9f281ea07486","sha1":"8e8fcad0a00ac69b7fbeb44aaf4980b636d86b3d","sha256":"1de23989da83b74576f04de2b44948a3ec5f3c06571b461e6973c1163f933b5f","sha512":"fa7f206ccd3c30ba665025a9500c274ed0f55658b46bbcdc0a7211ffc1a90c01a5e855f6be0ef63daeb86fed79dd018f81d9e589a0ca76a3c2c744e12912c4f3","ssdeep":"","tlshash":"4041628e7981f049cfbb6174833fa34fb2396228685c6440c112aae43e7475f9a13f69","size":1893,"data":"","first_seen":"2023-03-26T13:37:10Z","last_seen":"2024-08-21T09:44:12.362753Z","times_seen":1523,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf43521594ffa3aa712815392ce7987e","sha1":"8935971f38b5bfb581948c3865efa3f4ca0b3159","sha256":"82f5451efcc4c9c1fa5b5bd799c727036b22743f156ab72777cee4c7123cc3f2","sha512":"b63092259ce519e0419dbe7e94382f901a65fd607b58f708432742f9e352b2787ca9b82f1c2b02a457824fe140de775203fc335f5347bb181e18493bd20c8d4e","ssdeep":"384:esfRzR3opR4y00sDdkeU6QDUE4bbEkDai3EDaD5:phxoMi6U6Q/4XEkuHG5","tlshash":"e052e88873c1b4f305b315a5247f320bb13a66057429e095db41f9e268a4edf5263fbe","size":14175,"data":"","first_seen":"2023-10-21T00:50:20Z","last_seen":"2024-08-21T04:00:17.437961Z","times_seen":231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"9ffbda9e99babc937b09a7cef8169198","sha1":"5643b7a6afdfb3479af8a6523ba117425330be5b","sha256":"1b7f620ac193efe1a7efebed4447c9a400b7b9408709984cf1c8b0a7a88c99de","sha512":"5288301a5906f66cdfc03bcb9d2b2a0454142659439fb0846d878ea605812c6399c55a4e34e2eae91534c73f12758d6700937d8bad8f8ca26f4e3399f4237ac4","ssdeep":"","tlshash":"f7b02b4003290c600c49520e018155691000451087448461e8640301a0c3f892284cec","size":125,"data":"","first_seen":"2023-11-01T04:23:55Z","last_seen":"2024-08-20T21:33:45.553098Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"8cb9d2758bbfe1f576d9da02f75e40a1","sha1":"dec61c38c2af88a9f3204ac9cde8d21fa40cec2b","sha256":"09c4cd0b878c256978529c5670ef421a02c3cf54218de3e6db3a9d7a4aa0f823","sha512":"3d6e7614ea9417649b16f6f5fb3e78337cb62baba18fb9a861d1987b4f840dfef4e60d6483d52c176ab9a8f5a8f0a013d29f86202e646fc38f68b9c38f2e5bb5","ssdeep":"","tlshash":"dca0027d201091310e6b446db520dad43d707310a1037810800d89850025d841c10b94","size":58,"data":"","first_seen":"2023-03-12T14:31:42Z","last_seen":"2024-08-21T09:44:12.36518Z","times_seen":1509,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b1f734d113adcac21105bd348d83f915","sha1":"c4562e10f451eb3e89a47219b0b76818f75ec1b8","sha256":"1756f903eebfffd784d7f33856e9a7bf9644c4d8d5fb7cf606596343469ffbb0","sha512":"9934c1b70aec2ce978e6adf491b1e075456dfac3bd1f653d727b011867b2470c4e1c39939e11eab1fcc409dd1472b88b527250b712095726ea1b8a48b5011b5c","ssdeep":"","tlshash":"0711142f2e5440345a133519943fd394b4505593540de2bb727ccd54bf20f2b1664df9","size":979,"data":"","first_seen":"2024-08-20T21:33:45.55454Z","last_seen":"2024-08-20T21:33:45.55454Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d090e03ad7fd3c801c28e94eb27b8122","sha1":"a89f107f271dfac4f5b33c786aa3b6be9bfdd950","sha256":"a549dc008656f83f16ec4c01af9964504f63c0e28e30005b39d833481e207a4e","sha512":"db7a06827ee843529f0d642822f194a89b91cb8ef5c63e399311a8fbe64256670ce11d2d97d1926e05e085c008b105025da4e45ee11ce200731dd38050fab6ba","ssdeep":"","tlshash":"95d0a70cb45ae34d4812385e6569011136b2b1bdf058176564bd49c41b3505a642349d","size":225,"data":"","first_seen":"2023-03-12T14:31:43Z","last_seen":"2025-12-21T16:06:38.165382Z","times_seen":930,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b1a2e8c7e2ab9488bc47ff63785cfe59","sha1":"4d743d470c2e8eb4c34e35151af4f24c4c5c1c28","sha256":"bea22307a65a6b4e4620453372741280bbae75c4faed1adb4acec5910541706b","sha512":"1dc0bd8ed3b9615fccf194ff58b01f20b3922199c9117096f15d3f028db33c1b95979b4f697c3e0830a18aae89abcc0e950fa004db6c3539587beb3c05ef3cf0","ssdeep":"","tlshash":"a1c08034651418b8935a4410177fa71907b6613159c306302216cc442d757855165bc9","size":164,"data":"","first_seen":"2023-03-12T10:46:37Z","last_seen":"2026-04-22T13:00:50.32158Z","times_seen":10605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3cbdbd8216d4b426a9cd78dc2632ece2","sha1":"9483d3bdd8ac6478f8ec0e64f9719d28a7a9cb6e","sha256":"1b43e279b6e381c895b378d4be944edd03cf54ebe31bbb5526e8abce0eb2ec82","sha512":"42b3bcab17ba1e802678873f52109059f11eceb7f1038a00471d03e5ca8ecbe5b8f0825ddafbf9184f0d649f13c6e2c81fa0d7d71da0d1eca65f6b8711ec1f25","ssdeep":"6144:x1WoPAu0uu9++45ENISKgs9osj9/RyHaYu8Ki84CgcZENeqcDdJ:CA","tlshash":"4414051f571519720bd213e6789f3dc362fa01aae3d004a4d9adc46d13edf6ab22b09d","size":198675,"data":"","first_seen":"2024-08-20T21:33:45.557165Z","last_seen":"2024-08-20T21:33:45.557165Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/biz_vendors_6cf8ea0824cc0d496770.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5784fbeb9bf55dc8313e37213ab07b6","sha1":"998225728860021d4b3577fd8b9a519eb1cd2d05","sha256":"e8dc2ed5ad8385e5a70dd6a68fc55f32e4c27b0f48b201a4096fe3fa428e7e91","sha512":"c49d91f883cf9537a1c5614794994f1da6440e644ead69ed9756e1f0596bc3ce8bb88e18c8b97ffa44f2e19748bffce203aacbedfc1cf4961b92524e08902f53","ssdeep":"6144:2+pFxnQEQl+O5KWv+YFKYymJllwk1ZpJyQGAiSKL6W/i:2+pFN0KQFKYyEllwKZpoQGA3M6WK","tlshash":"8294c58cb6ebf4e603e36475407f660bf33a2a44241d9511f231e9d5bc2499f9232f6a","size":439641,"data":"","first_seen":"2023-10-31T20:43:54Z","last_seen":"2024-08-20T21:36:28.568809Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/dynamic_vendors_9ba98012942f9e18bb80.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5a56dd7689542498fb9e5f3598fc408","sha1":"e6a520206b75ffe417d32815f960b386c601e701","sha256":"fbb147bc1fbbfe8d34f229e05e4dc70a7df77632b6b13d8ccba92278cafe7504","sha512":"0117ba6dff244118d408997175d7a44c7bc1422ad981ef48f35a00eac723e8a00b680f552bb16f40455a60298314524302c7717553a83b3d58d5c5e029bc70a9","ssdeep":"3072:aEl0bSrG6LqPEbVyHYMJFy3egRxzQQD8SXSEu0:all6XRMJU3egRxZD/u0","tlshash":"ae143a88b9a2615703caa3f0905f160a723914377409489cbe7acff9ed74d9e506bb7c","size":208946,"data":"","first_seen":"2023-10-24T12:25:13Z","last_seen":"2024-08-21T03:37:48.06585Z","times_seen":401,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"089eaa2bbeb4564f697c227b356348ff","sha1":"8533d2f08e01eb7596c8f2950ed101ee2c694887","sha256":"35d5a70170732265dd5d51bb64f082616e28be1f500ecb28be3513dca25f86b2","sha512":"eef8687dcee80860bb788b959791e4b82a581ef84eb8ba22a272856665688128b7d5f679a9b486cd6229470b7bdf091336b75d734474b85a9ba0c99ef41561a3","ssdeep":"","tlshash":"9a800020800e822aa2b08300832a2a0822200300288802a038ca202be80228320c00ca","size":28,"data":"","first_seen":"2023-03-13T08:52:19Z","last_seen":"2025-07-09T13:25:43.001942Z","times_seen":5944,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"047755da8068d678fb67d51986540ff3","sha1":"b3ca824c7948f8ca4510a61b8e909beea3326bc6","sha256":"bae99835ce2935ece67d701512762d6548fe47612241d2920fb5d2bd1c006f1b","sha512":"4c2e1bf8a122ebe0325255b85408994fda02d66499dc83bcbf62f52a6dbae3b12811e62bfbd2bf3be5a24df49ff5dfc35b21cc9e354e58de16048fbf250f9137","ssdeep":"","tlshash":"4611009ab204f13a2a5301e8929f7e4e3d313351750784620724d88be97cebd5967e0c","size":920,"data":"","first_seen":"2023-07-03T20:53:14Z","last_seen":"2024-08-21T09:44:12.372417Z","times_seen":933,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e9e2ded2636cdae712b85f48ea2b2fb","sha1":"ba375470397098fdca39cf07b8910674417312dc","sha256":"6385bf5b852614bef40e1e8d0e6e5f3964549d7d4025a66d5efc63fe884cce94","sha512":"679c0384f626af46af0ee63364f124078d9ea6cff2a30002ff819e7186cb7023fd47cbc7eebf43fe739f1d8c46addb3615ba023b93a3bfdb0433f638079cc816","ssdeep":"","tlshash":"7ef0ed001ed318fe9452609f6b653e437a932a968bc690807f8ef55f2f5205743302cc","size":450,"data":"","first_seen":"2023-03-12T10:46:37Z","last_seen":"2026-04-22T13:00:50.335738Z","times_seen":9585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"f55de8f23ddfdc8c4b76bc74a32ff57e","sha1":"afdb707a84ff173048f21b72e6efe7ab9ef86e16","sha256":"2aa16913a260d09e1a3421410616cca55e9e131507c60c9b7cb38c1b990cfd51","sha512":"bb2e70347d730da7356cb4b916f6a1cca6947f92d9a77432de4447a186b56e6e84898420a4bdb0f6bdfdca684521f9b86d766d7bf5c231f68057ec4059a61149","ssdeep":"","tlshash":"5a800455040535f0ccf0440f45555d0033504440404c50014154000f35c1c5351cddc3","size":36,"data":"","first_seen":"2023-08-29T20:06:12Z","last_seen":"2026-04-22T13:00:50.332168Z","times_seen":10195,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"840d408b943d210cf768b90d87cbdf6a","sha1":"dd58b6b67320024bd7ec8880ae6fe364f094c636","sha256":"890adade2878c06dd82fa3c8d8f5a187dd39aebe2bde07a9a5e7576d2b8e0d82","sha512":"7ee0252bf0fdbc87e2aadb0d0725d55cd4083008993167f07de117f2648308241a526b868635b1831e0b6014a7441db3b1cd0125f3a9f0ad0d00542032ac85a9","ssdeep":"","tlshash":"3a71b7881728fc714633874dec22276681ed2a1bcff8c55aba5e3438013b59f270a1e9","size":3797,"data":"","first_seen":"2024-08-20T21:33:45.562674Z","last_seen":"2024-08-20T21:33:45.562674Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/8745_5a2cd9a3cbf91dac9c60.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d28c0656c64296371089fcd4fc1ad49a","sha1":"11f855f22f27d2189be79fef91e9e7d19f6bff3f","sha256":"c1a94b797d45dbb303c235fab77a2d9a5bf3c34665268aa8a20d4ceb3a7e8450","sha512":"0f2f78283d7cc84ac5d7ae1e21c92e9ac9d9cdc0acfa3e9c240c619cc87adb117b39f6727b38398ad9305d5b79d01e861ebda76d89fa653b9afd252b56523633","ssdeep":"6144:Io+HXSA71WoP1Wot1WoZ1Wo11Wo8CJZ4nqQQsw3z3ofJcYnv8yA/2UX:Io+HXpynbQ53u+Q8yA/20","tlshash":"79b45d8cf6daf1b202d211a5107f2946f37639086665d400f23dc9c97aa8e6ed237b7d","size":527973,"data":"","first_seen":"2023-10-31T20:43:54Z","last_seen":"2024-08-20T21:36:28.557196Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/risk-finger-h5_092c0ede732873e0bb69.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c8918f44f038bfe8f2b0bf14d357512","sha1":"c22f3c61e9609d4a42a398d2613909189b0fe5ae","sha256":"ebca16dec7e52cbba22af6ed8c36f43c0c482ae7c8ddb6d3e45e2bd02f941516","sha512":"b79eea69ae651a476af8df59f799f6bd9a95672e374282466e6d2fcf4e1ce48dbb4afb28b3d96f00c4abb5d06ea148428f2eee005ea37dcc91d23bf56e52c71a","ssdeep":"1536:DhnWHFGChLoVCWlmAsi0/XhXSnoVPWjqH:DOrXKg/","tlshash":"4863d69ebfe6b66903d354a5087f144af33e3984554ec081d912c6c178f8b8e9e27e6c","size":72855,"data":"","first_seen":"2023-10-24T12:25:13Z","last_seen":"2024-08-21T03:37:48.064887Z","times_seen":401,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.22","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:34.439243777Z","timestamp":1698809014439,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 75\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:33 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2107\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19022\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 21:23:06 GMT\r\nExpires: Wed, 01 Nov 2023 21:23:06 GMT\r\nETag: \"e10e78cecfd0df74ac2b5579892d7aefada34e96\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2107,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"26c4ce32741cc3338a33dbeed1d7b46d","sha1":"e10e78cecfd0df74ac2b5579892d7aefada34e96","sha256":"e7a0a5d6bf857a1d5d366555c06104a3efd2dbf15db8e6d718d06fb6d47924ec","sha512":"7753a79bec9cc47070bcb20b0beb2f0b3f15d98e8a5b81f0c65f3f0c38242247ea6336687b0a4b1e28fab0cf8778812509d95538ee5f30d2d2cbdd8445f07e09","ssdeep":"","tlshash":"dd410af69b4ea48db9428b84b9f4c6311cb800f1a3444cd534f3c10a38ba3641dc888c","first_seen":"2023-11-01T01:01:01Z","last_seen":"2023-11-01T04:23:55Z","times_seen":4,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/7925093e-3260-4a6b-ac2c-8182125ca0df.png","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.403Z","timestamp":1698809015403,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/7925093e-3260-4a6b-ac2c-8182125ca0df.png HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.kwcdn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 1453\r\ncache-control: max-age=31536000\r\nlast-modified: Sun, 04 Dec 2022 19:32:32 GMT\r\nrequest-id: a81ef0f9f8852c310ce98e819f4129f0\r\nx-content-type-options: nosniff\r\nx-fop-destination-type: fop\r\nx-imagine-success: true\r\ncf-cache-status: HIT\r\nage: 400473\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051568c9568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1453,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e813a7905590eeb104d554293fe900f1","sha1":"cf5e7d620231859f217046dd8af67c4be02719c4","sha256":"3a6539a055020a7d3c2041904eceae444dd6c91f0022345a8ca4f6d87e846683","sha512":"f4073232d2127a7f72098f6ba1006a330f04b0fce98c571f9a4bb81b16b11bcfd0740b998797e677791e225b51dc3afb894b09bffea95671f3b58cbf84077fb7","ssdeep":"","tlshash":"","first_seen":"2023-05-06T12:18:01Z","last_seen":"2023-11-20T18:06:29Z","times_seen":153,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/65349fbe-d82d-4ebb-9d09-ec53784d3627.png.slim.png","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.404Z","timestamp":1698809015404,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/65349fbe-d82d-4ebb-9d09-ec53784d3627.png.slim.png HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.kwcdn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 10592\r\ncache-control: max-age=31536000\r\nlast-modified: Fri, 24 Feb 2023 02:06:19 GMT\r\nrequest-id: d11859789b3fcf2c3e2878e1a9e4477c\r\nx-content-type-options: nosniff\r\nx-fop-destination-type: fop\r\nx-imagine-success: true\r\ncf-cache-status: HIT\r\nage: 136347\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051568ca568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10592,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2142 x 832, 8-bit colormap, non-interlaced\\012- data","md5":"7568518047739638478866f57782126c","sha1":"4be130f06b63566d96ccbe0e2fbd70439535a767","sha256":"32082a4b4c4052bef878f5e35c2dc0738cb900f09c590ead51aaf26d1f445fc8","sha512":"353a00d862f6652b92ec7c9d6df457a8abd9256ae204ff6782e49b19d5f0c37eafe22a6940e554bdafa76e1da3c049cb9fcde32ca51d662f66207720095ec7fa","ssdeep":"","tlshash":"","first_seen":"2023-10-30T15:57:42Z","last_seen":"2023-11-20T18:06:29Z","times_seen":133,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":126,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/e6626d23-4c0b-4fb0-9b53-c06d4f93c2d4.png.slim.png","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.405Z","timestamp":1698809015405,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/e6626d23-4c0b-4fb0-9b53-c06d4f93c2d4.png.slim.png HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.kwcdn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 1519\r\ncache-control: max-age=31536000\r\nlast-modified: Thu, 07 Sep 2023 10:19:17 GMT\r\nrequest-id: eb7c7a6ba0d898b57efad13aa9270970\r\nx-content-type-options: nosniff\r\nx-fop-destination-type: fop\r\nx-imagine-success: true\r\ncf-cache-status: HIT\r\nage: 400473\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051568cb568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1519,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 528 x 144, 8-bit colormap, non-interlaced\\012- data","md5":"27e5c35e32a402ad599abb3c33e4e85b","sha1":"c9ee3d3ae46385ffa3c64ae65d67caa2433d0c07","sha256":"ccffc92032ad00f76dd32a2f07a6247965ef193dc008214ef7ce91540fef4574","sha512":"8b30e271ae20e266d027936aac8a3e7a026218615ff3e301d73fff6879ef72ccdecfe304610e1ba8469460768c35dd3bfa902fde9c6f28cc309c0200ca518db5","ssdeep":"","tlshash":"9631c7cc7c83d06cd3b4bef1492e8b6830834b91203ae7887b315c2827c02588ae9b15","first_seen":"2023-10-10T17:36:51Z","last_seen":"2025-04-13T22:54:05.713575Z","times_seen":222,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":125,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/b85ccf95-0e14-478b-a400-989ba80c53e7.png.slim.png","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.399Z","timestamp":1698809015399,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/b85ccf95-0e14-478b-a400-989ba80c53e7.png.slim.png HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.kwcdn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 24245\r\ncache-control: max-age=31536000\r\nlast-modified: Tue, 01 Aug 2023 16:48:13 GMT\r\nrequest-id: 438a8e9d7db7777a97525df2d4e3dd4d\r\nx-content-type-options: nosniff\r\nx-fop-destination-type: fop\r\nx-imagine-success: true\r\ncf-cache-status: HIT\r\nage: 136347\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051568cc568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24245,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2142 x 832, 8-bit colormap, non-interlaced\\012- data","md5":"2152c06c8e0cc97d78338162bb18fd24","sha1":"92f38674a67bfb77177e807980cff27380a6acec","sha256":"bd2a6afa9ea1e249c09df899e955bdac9758d45270a8b77683c1129e61c5a8c6","sha512":"4d8917bd96f2b38cc42a513708528720843ed4ee04e3691e6b56b2dc772b176f8778d697515e1e1709c6ff392b1cbe3afd12f53f4666620eb0cece78a69dc4ac","ssdeep":"","tlshash":"","first_seen":"2023-10-30T15:57:42Z","last_seen":"2023-11-20T18:06:29Z","times_seen":133,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":131,"dns":0,"connect":0,"send":0,"wait":10,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/06e27200-b709-4e85-9a73-c0f19fc9baa8.png","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.402Z","timestamp":1698809015402,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/06e27200-b709-4e85-9a73-c0f19fc9baa8.png HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.kwcdn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 1304\r\ncache-control: max-age=31536000\r\nlast-modified: Mon, 05 Dec 2022 19:00:43 GMT\r\nrequest-id: 95878408e60b5596e19766f0872d75e2\r\nx-content-type-options: nosniff\r\nx-fop-destination-type: fop\r\nx-imagine-success: true\r\ncf-cache-status: HIT\r\nage: 607813\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051568cd568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1304,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 35, 8-bit/color RGBA, non-interlaced\\012- data","md5":"746c339d5271025bc8bd77e23dc1a1a4","sha1":"4ef210fcbc6b6de49849e048f23bebd687cb091a","sha256":"a630906454581c114482722315e2b448f0a68faecbe1961c8710fef7d4ba35c5","sha512":"6fa69c314ee80894abef29d8173a65047a7d2d3afba00007625cfabc0be5abd006fdfa158ccad20bd7f8969b1c023823d45bfe86c24d6decc73f4bacc53b029f","ssdeep":"","tlshash":"","first_seen":"2023-05-06T12:18:01Z","last_seen":"2023-11-20T18:06:29Z","times_seen":153,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":129,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.41","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:35.778361473Z","timestamp":1698809015778,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 75\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:34 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2107\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19041\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 21:23:06 GMT\r\nExpires: Wed, 01 Nov 2023 21:23:06 GMT\r\nETag: \"e10e78cecfd0df74ac2b5579892d7aefada34e96\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2107,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"26c4ce32741cc3338a33dbeed1d7b46d","sha1":"e10e78cecfd0df74ac2b5579892d7aefada34e96","sha256":"e7a0a5d6bf857a1d5d366555c06104a3efd2dbf15db8e6d718d06fb6d47924ec","sha512":"7753a79bec9cc47070bcb20b0beb2f0b3f15d98e8a5b81f0c65f3f0c38242247ea6336687b0a4b1e28fab0cf8778812509d95538ee5f30d2d2cbdd8445f07e09","ssdeep":"","tlshash":"dd410af69b4ea48db9428b84b9f4c6311cb800f1a3444cd534f3c10a38ba3641dc888c","first_seen":"2023-11-01T01:01:01Z","last_seen":"2023-11-01T04:23:55Z","times_seen":4,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/32105797-b1c4-450a-a3da-536e892ed66a.png?imageView2/2/w/1300/q/80","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.145Z","timestamp":1698809016145,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/32105797-b1c4-450a-a3da-536e892ed66a.png?imageView2/2/w/1300/q/80 HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 9987\r\ncache-control: max-age=31536000\r\nlast-modified: Sat, 26 Nov 2022 19:54:39 GMT\r\nrequest-id: dc8b4dd6ee9fef7aac3c0e37d00d2149\r\nx-content-type-options: nosniff\r\nx-fop-destination-type: fop\r\nx-imagine-success: true\r\ncf-cache-status: HIT\r\nage: 316907\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051939e3568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9987,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced\\012- data","md5":"6b52fefe14120f80189183996d45fe1f","sha1":"a8d70d2bc7a0e2acfabd8919efaec53871181575","sha256":"705364318430a57986f49ebd8f215a89a142dd0b1691728706f00adf211abbb9","sha512":"339fc276e67442271bd00d05fc06353f613ff6f782cb53557fe36c67e909d72d0e0f242894ca42ca0bc6109213b346b492cdc3afca01d149c7bb0a6a05085842","ssdeep":"","tlshash":"","first_seen":"2023-05-02T15:09:00Z","last_seen":"2023-12-03T22:25:12Z","times_seen":164,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/78fe67fd-50cf-4a24-ba2b-41e096296ba0.png?imageView2/2/w/1300/q/80","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.143Z","timestamp":1698809016143,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/78fe67fd-50cf-4a24-ba2b-41e096296ba0.png?imageView2/2/w/1300/q/80 HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 10396\r\ncache-control: max-age=31536000\r\nlast-modified: Fri, 02 Dec 2022 14:08:01 GMT\r\nrequest-id: 57a5ed084c92b0a62a5b895b17a3bba6\r\nx-content-type-options: nosniff\r\nx-fop-destination-type: fop\r\nx-imagine-success: true\r\ncf-cache-status: HIT\r\nage: 471957\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051939e2568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10396,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced\\012- data","md5":"ab04b1bcd19ae608d5cc35f29878f8c7","sha1":"35c6ac357cfce87bd55a6a1d4b8e828d597aca30","sha256":"f675f3134800db90b0f1f1c89278a9787827a284f4fde16cc71e2a30b8926b92","sha512":"3d7e120ffeafaa90e9f78dfe0f6ac75314973508929f83419f57772cadbf0f6170e2867c0c2ea35309be0ae35b0866ba3cc2bb2da72abf3d86bfb72344fa695f","ssdeep":"","tlshash":"","first_seen":"2023-05-02T15:09:00Z","last_seen":"2023-12-03T22:25:12Z","times_seen":164,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.22","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:36.210574324Z","timestamp":1698809016210,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 75\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:34 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2107\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19022\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 21:59:15 GMT\r\nExpires: Wed, 01 Nov 2023 21:59:15 GMT\r\nETag: \"9a04df05430efe92ae55800821965476ab78832f\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2107,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9610cc6270a71578cc3f6aedd2aed8fa","sha1":"9a04df05430efe92ae55800821965476ab78832f","sha256":"81a259e51a67cc16ffaa68c935e57939e8525ed6f1c97c6dae9eeac92c11fb40","sha512":"642ce91bf85d1a23250e07c72160858a3273dd79c17dad60479130b2c4c0b45084bc9acf4f2a8b94e07ed8cdb9b09aa7bce35526a846b8fece62ab6732b86d77","ssdeep":"","tlshash":"9f41d8f69b6926d5bb431f80fdf8c6351c7860f067d848d128f3c0a114a97552d994dd","first_seen":"2023-11-01T02:27:57Z","last_seen":"2023-11-01T04:23:55Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.22","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:36.255884096Z","timestamp":1698809016255,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 75\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:35 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2107\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19022\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 21:59:15 GMT\r\nExpires: Wed, 01 Nov 2023 21:59:15 GMT\r\nETag: \"9a04df05430efe92ae55800821965476ab78832f\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2107,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9610cc6270a71578cc3f6aedd2aed8fa","sha1":"9a04df05430efe92ae55800821965476ab78832f","sha256":"81a259e51a67cc16ffaa68c935e57939e8525ed6f1c97c6dae9eeac92c11fb40","sha512":"642ce91bf85d1a23250e07c72160858a3273dd79c17dad60479130b2c4c0b45084bc9acf4f2a8b94e07ed8cdb9b09aa7bce35526a846b8fece62ab6732b86d77","ssdeep":"","tlshash":"9f41d8f69b6926d5bb431f80fdf8c6351c7860f067d848d128f3c0a114a97552d994dd","first_seen":"2023-11-01T02:27:57Z","last_seen":"2023-11-01T04:23:55Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.36","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:36.264395522Z","timestamp":1698809016264,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 75\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:35 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2107\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19036\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 21:59:15 GMT\r\nExpires: Wed, 01 Nov 2023 21:59:15 GMT\r\nETag: \"9a04df05430efe92ae55800821965476ab78832f\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2107,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9610cc6270a71578cc3f6aedd2aed8fa","sha1":"9a04df05430efe92ae55800821965476ab78832f","sha256":"81a259e51a67cc16ffaa68c935e57939e8525ed6f1c97c6dae9eeac92c11fb40","sha512":"642ce91bf85d1a23250e07c72160858a3273dd79c17dad60479130b2c4c0b45084bc9acf4f2a8b94e07ed8cdb9b09aa7bce35526a846b8fece62ab6732b86d77","ssdeep":"","tlshash":"9f41d8f69b6926d5bb431f80fdf8c6351c7860f067d848d128f3c0a114a97552d994dd","first_seen":"2023-11-01T02:27:57Z","last_seen":"2023-11-01T04:23:55Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.36","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:36.267846929Z","timestamp":1698809016267,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 75\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:35 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2107\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19036\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 21:59:15 GMT\r\nExpires: Wed, 01 Nov 2023 21:59:15 GMT\r\nETag: \"9a04df05430efe92ae55800821965476ab78832f\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2107,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9610cc6270a71578cc3f6aedd2aed8fa","sha1":"9a04df05430efe92ae55800821965476ab78832f","sha256":"81a259e51a67cc16ffaa68c935e57939e8525ed6f1c97c6dae9eeac92c11fb40","sha512":"642ce91bf85d1a23250e07c72160858a3273dd79c17dad60479130b2c4c0b45084bc9acf4f2a8b94e07ed8cdb9b09aa7bce35526a846b8fece62ab6732b86d77","ssdeep":"","tlshash":"9f41d8f69b6926d5bb431f80fdf8c6351c7860f067d848d128f3c0a114a97552d994dd","first_seen":"2023-11-01T02:27:57Z","last_seen":"2023-11-01T04:23:55Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.36","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:36.26854521Z","timestamp":1698809016268,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 75\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:35 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2107\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19036\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 21:59:15 GMT\r\nExpires: Wed, 01 Nov 2023 21:59:15 GMT\r\nETag: \"9a04df05430efe92ae55800821965476ab78832f\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2107,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9610cc6270a71578cc3f6aedd2aed8fa","sha1":"9a04df05430efe92ae55800821965476ab78832f","sha256":"81a259e51a67cc16ffaa68c935e57939e8525ed6f1c97c6dae9eeac92c11fb40","sha512":"642ce91bf85d1a23250e07c72160858a3273dd79c17dad60479130b2c4c0b45084bc9acf4f2a8b94e07ed8cdb9b09aa7bce35526a846b8fece62ab6732b86d77","ssdeep":"","tlshash":"9f41d8f69b6926d5bb431f80fdf8c6351c7860f067d848d128f3c0a114a97552d994dd","first_seen":"2023-11-01T02:27:57Z","last_seen":"2023-11-01T04:23:55Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.godaddy.com/","fqdn":"ocsp.godaddy.com","domain":"godaddy.com","tld":"com"},"ip":{"addr":"192.124.249.36","port":0,"asn":30148,"as":"SUCURI-SEC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-01T03:23:36.299288767Z","timestamp":1698809016299,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.godaddy.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 76\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Sucuri/Cloudproxy\r\nDate: Wed, 01 Nov 2023 03:23:35 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 2108\r\nConnection: keep-alive\r\nX-Sucuri-ID: 19036\r\nContent-Transfer-Encoding: Binary\r\nCache-Control: public, no-transform, must-revalidate\r\nLast-Modified: Tue, 31 Oct 2023 22:04:58 GMT\r\nExpires: Wed, 01 Nov 2023 22:04:58 GMT\r\nETag: \"1c5877f841069c308843a19499baec959e3a16a0\"\r\nP3P: CP=\"IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2108,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"ca9eebb7aabd2bf72b0276398cc6d5e2","sha1":"1c5877f841069c308843a19499baec959e3a16a0","sha256":"edec32c9e0dbc79d9e41d83c2ffb51e78cbcf68b4566cc5f5323b359844b755e","sha512":"9ff42599a84b790e3562cb071a50cece7d9e2b61418336f8784d518cf380ce9cf7452c94e5e938b8282af2cfa25e33d43bd1fc3c8a9786b5936341eb85620c8f","ssdeep":"","tlshash":"96412eeae79d199cfe431f5cb8f8c5310dfa41b151858dc174f2c755159e3a52c6888c","first_seen":"2023-11-01T02:27:57Z","last_seen":"2023-11-01T22:28:08Z","times_seen":5,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eu.thtk.temu.com/c/th.gif","fqdn":"eu.thtk.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.223.34.138","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.083Z","timestamp":1698809016083,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.thtk.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:23 GMT","end":"Tue, 13 Aug 2024 13:25:23 GMT"},"fingerprint":{"sha1":"6C:16:D5:C1:7B:12:5A:3B:10:7F:8E:44:DE:D9:C2:4B:A5:CD:FA:D6","sha256":"2D:E1:D7:58:C5:38:A0:93:4D:76:93:A7:24:7F:C8:56:FA:20:EB:FE:96:1F:2E:0A:49:4D:D8:DC:9E:25:34:C7"}}},"request":{"raw":"POST /c/th.gif HTTP/1.1\r\nHost: eu.thtk.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 643\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nCookie: api_uid=CnEixmVBxLUvTABjrLCrAg==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: image/gif\r\nexpires: Wed, 01 Nov 2023 03:23:34 GMT\r\ncache-control: no-cache\r\naccess-control-allow-origin: https://www.temu.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2108,"size_decoded":0,"mime_type":"image/gif","magic":"data","md5":"ca9eebb7aabd2bf72b0276398cc6d5e2","sha1":"1c5877f841069c308843a19499baec959e3a16a0","sha256":"edec32c9e0dbc79d9e41d83c2ffb51e78cbcf68b4566cc5f5323b359844b755e","sha512":"9ff42599a84b790e3562cb071a50cece7d9e2b61418336f8784d518cf380ce9cf7452c94e5e938b8282af2cfa25e33d43bd1fc3c8a9786b5936341eb85620c8f","ssdeep":"","tlshash":"96412eeae79d199cfe431f5cb8f8c5310dfa41b151858dc174f2c755159e3a52c6888c","first_seen":"2023-11-01T02:27:57Z","last_seen":"2023-11-01T22:28:08Z","times_seen":5,"resource_available":false,"data":null}},"time_used":496,"timings":{"blocked":227,"dns":0,"connect":39,"send":0,"wait":40,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/phantom/xg/pfb/a4","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.748Z","timestamp":1698809016748,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"POST /api/phantom/xg/pfb/a4 HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 2333\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: _bee=MtzZ1yBws63LLKmBRL3LxFhy4YLxReY2; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; Domain=.temu.com\nnjrpl=MtzZ1yBws63LLKmBRL3LxFhy4YLxReY2; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; Domain=.temu.com\ndilx=UM0SdlZjhyqLI_r0NoORy; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; Domain=.temu.com\nhfsc=L32DcIEw4D751p/Efw==; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; HttpOnly; Domain=.temu.com\r\ncontent-encoding: gzip\r\nx-yak-request-id: 1698809015891-c6354db1cc66343f48821ce8d3e7ecf8\r\naccess-control-allow-origin: https://www.temu.com\r\nvary: Accept-Encoding, Origin\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content\r\naccess-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif\r\nyak-timeinfo: 1698809015891|15\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":194,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"712108f2080c80335f0524155259b591","sha1":"02463d4463e8339e36c1c70c75f531a493692a94","sha256":"9e6cd0ce80cbba19fdc22583d7d07bb0fc8a119015d90488c34a2ecddc67aa7e","sha512":"2d5c9583454523e0d2ed07b86ffc2fa6ea83c348e32d0a5d6ed481a3dc8d0c3a0b471e8217728bb061f931086552f2f6752e305c94ca6a87905105eca584b15a","ssdeep":"","tlshash":"59d022520a80e452d800acbf08ba7e03248c3063cf907c3d080caf22c3d073e6f5a053","first_seen":"2023-11-01T04:23:55Z","last_seen":"2023-11-01T04:23:55Z","times_seen":1,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-01T03:23:34.199Z","timestamp":1698809014199,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-language: en\r\nsurrogate-control: no-store\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-accel-buffering: no\r\ncontent-encoding: gzip\r\nx-yak-request-id: 1698809013554-86b2e05ccff9ad6ee70b8747ed0a802d\r\nstrict-transport-security: max-age=2592000\r\nset-cookie: region=151; Expires=Mon, 29-Apr-24 03:23:33 GMT; Path=/\nlanguage=en; Expires=Mon, 29-Apr-24 03:23:33 GMT; Path=/\ncurrency=NOK; Expires=Mon, 29-Apr-24 03:23:33 GMT; Path=/\napi_uid=CnEixmVBxLUvTABjrLCrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/\r\ncontent-security-policy-report-only: default-src *.temu.com *.kwcdn.com  wss://*.temu.com *.paypal.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca  www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/110000006/sec-gif\r\nvary: Accept-Encoding, User-Agent\r\nx-frame-options: SAMEORIGIN\r\ncip: 91.90.42.154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":231726,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":551,"timings":{"blocked":244,"dns":0,"connect":39,"send":0,"wait":63,"receive":0,"ssl":202},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/biz_vendors_6cf8ea0824cc0d496770.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.439Z","timestamp":1698809015439,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/biz_vendors_6cf8ea0824cc0d496770.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: tXhPvrm/VdyDE+NyE6sHtg==\r\netag: W/\"0x8DBD9F911E31163\"\r\nlast-modified: Tue, 31 Oct 2023 10:06:37 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: 7c333da4-301e-0080-47ed-0b82ad000000\r\ncf-cache-status: HIT\r\nage: 57132\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10514ca285697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":439641,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/ruby_free_right_1913a4bb58b1cc42fa76.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.450Z","timestamp":1698809015450,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/ruby_free_right_1913a4bb58b1cc42fa76.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: cOhuHBC1TfP36haKOAHT6w==\r\netag: W/\"0x8DBD9F9118E46F4\"\r\nlast-modified: Tue, 31 Oct 2023 10:06:36 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: aef1f9b2-f01e-0070-4aed-0b27f8000000\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10514da2e5697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2523910,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/phantom/xg/pfb/a4","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.739Z","timestamp":1698809016739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"POST /api/phantom/xg/pfb/a4 HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=UTF-8\r\nContent-Length: 2336\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: _bee=WFeG7HuhqM8cZHzJxxZ4UynjyFNT7eYR; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; Domain=.temu.com\nnjrpl=WFeG7HuhqM8cZHzJxxZ4UynjyFNT7eYR; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; Domain=.temu.com\ndilx=UM0SdlZjhyqLI_r0NoORy; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; Domain=.temu.com\nhfsc=L32DcIEw4D751p/FfA==; Max-Age=31536000; Expires=Thu, 31 Oct 2024 03:23:35 GMT; Path=/; HttpOnly; Domain=.temu.com\r\ncontent-encoding: gzip\r\nx-yak-request-id: 1698809015878-3404414fe2f02d5448e1628a997fdaad\r\naccess-control-allow-origin: https://www.temu.com\r\nvary: Accept-Encoding, Origin\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content\r\naccess-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif\r\nyak-timeinfo: 1698809015878|26\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":194,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"bb22ab2c54a9b05f5585c880257e3ce4","sha1":"3970f658e4d50908d1993a4c6c5bc1df888c1f8d","sha256":"252cd11979bd7ee19683e1fed8bb41a214774f68d357ea30fc2753c29704a466","sha512":"0dff1aa4361dcd177d7c3303b68e69abe505808cc95f29701418b1d10c085e72735049458cbf52f5012cfd2a6d617df232fa4b4131b03069d26066cf68c34001","ssdeep":"","tlshash":"15d022120aa0c801c400843f16b2bf12390c2083de80fe3a500c8b2682c4b3e2f8e193","first_seen":"2023-11-01T04:23:55Z","last_seen":"2023-11-01T04:23:55Z","times_seen":1,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/favicon.ico","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.586Z","timestamp":1698809015586,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: image/x-icon\r\ncache-control: max-age=3600\r\nx-yak-request-id: 1698809014697-bef7b3ecbeb42e3dd1f70756599cbc75\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src *.temu.com *.kwcdn.com  wss://*.temu.com *.paypal.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca  www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/110000006/sec-gif\r\nvary: User-Agent\r\nx-frame-options: SAMEORIGIN\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\\012- data","md5":"d26edcc90efcd957d6c0cecb09bba13b","sha1":"398b0409df13c402e913d9caf5fce84eeeb0423a","sha256":"9e50f7118d02f2fc45af374163bf05bb6467869ff0333751d2e0d9a0401e8b5e","sha512":"334d823fffc06e55c59f8073d247659dcb505c7e51ad5f322bcacd78443f38ed01a938895593cd073b47dfa8fa08ce1d87065272eb948d791f9706b555087cd8","ssdeep":"96:drZLHwgveJt5XZXEvAWmxSIW+hz1vXDRMZqVHz:drZLQgveJSmxM89MwBz","tlshash":"5f72b9c2de5c0d1afa591935436b922407c79e318ae0ec2b9a21fd933f73ad32123395","first_seen":"2023-04-30T21:09:58Z","last_seen":"2026-04-22T13:00:50.279057Z","times_seen":8138,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/risk-finger-h5_092c0ede732873e0bb69.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.004Z","timestamp":1698809016004,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/risk-finger-h5_092c0ede732873e0bb69.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: nIkY9E8Di/6PKwvxTTV1Eg==\r\netag: W/\"0x8DBD4447C77CCEB\"\r\nlast-modified: Tue, 24 Oct 2023 03:51:21 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: 6d8bea02-001e-004b-7f2d-0623fe000000\r\ncf-cache-status: HIT\r\nage: 507949\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051858d05699-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":72855,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/server/_stm","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.199Z","timestamp":1698809016199,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /api/server/_stm HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json\r\nvary: accept-encoding\r\ncache-control: no-cache, no-store\r\ncip: 91.90.42.154\r\ncontent-encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29,"size_decoded":0,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"0fc96b92e8713ef6515ecd5242923a0a","sha1":"40fbbc4c4c96037029a58c90a235d2919dafcecc","sha256":"6131e7e9edc6cce1b8f824cc71b97b7ad0aae6a403a5157b4d28751c0329ce46","sha512":"4025779df403706274b567ef34326089ce043403374310806662dbd6e9d00df43e733beb6ee92eaa430ea6351416386e3ad3a7beb1900dd1a356a86734086595","ssdeep":"","tlshash":"2e80000a00208aef00e00f3cae820b8b03aa0c2000ca20800b0a03e200ab020a003820","first_seen":"2023-11-01T04:23:55Z","last_seen":"2023-11-01T04:23:55Z","times_seen":1,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/phantom/dm/wl/cg","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.218Z","timestamp":1698809016218,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /api/phantom/dm/wl/cg HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-yak-request-id: 1698809015357-b147d906857a3190ef5d962ae6e1c61a\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif\r\nyak-timeinfo: 1698809015357|1\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":112,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"b27fb22ce11a5835b4d9f9821fbde1dc","sha1":"2423d7509446510882224eb144ca22930260d806","sha256":"8c73c87d0ac6b5acd8e0fc7953f5fa35c756d59ccd390de45dfec69530b29147","sha512":"bdd46ea02baceb9e0e50366189cadedb20ce09c94b4b4d4c84f641dbb0a8ac7a5d0f14bbfe3259e1c6f8fbdce8de1399d1e9dce7148b9cb7fcedbde66da6d3a7","ssdeep":"","tlshash":"f1b09263d9d0de52c0007c4d66ae7e261088300288900e694a9d655e8bd89353a56a37","first_seen":"2023-04-05T15:14:09Z","last_seen":"2023-12-18T03:50:12Z","times_seen":1583,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/css/8745-e95e25f03ce457fc2208.css","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:34.933Z","timestamp":1698809014933,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/css/8745-e95e25f03ce457fc2208.css HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: g5jTRC//YGhG5HiTdiHOSA==\r\netag: W/\"0x8DBD9EC85CEBF33\"\r\nlast-modified: Tue, 31 Oct 2023 08:36:48 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: d352b425-101e-003a-52d5-0bfafc000000\r\ncf-cache-status: HIT\r\nage: 57132\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10512a9745697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":115538,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8398d3442fff606846e478937621ce48","sha1":"a6588ad2c80ebfb583b355ee8b0fd5214424babf","sha256":"852c25f0ec3f0158c899820570beca1f44b8482bc4678bb1260839746db48b0d","sha512":"dba9a17eb75e1a794414bffb474d0b278af88e6e07a5b0dd88b542f58afed320da8abe0354c8e270e1f932707cfdea86964320b016c4aacc0e47fa4fe2d1a387","ssdeep":"768:4D20iAnbM8rG5OGlVzJVuxLyGlcGljXBVc5pL4IL0riWD6L:4DJZA8CTlNGPlPlzBVc5pL4IL0riWD6L","tlshash":"e8b3806e5863119b7012aa15dbd81ead561fc23341630dce331b681b9f8bfed329d287","first_seen":"2023-10-31T20:43:54Z","last_seen":"2023-11-03T06:30:07Z","times_seen":18,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":166,"dns":126,"connect":5,"send":0,"wait":14,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eu.pftk.temu.com/pmm/api/pmm/defined","fqdn":"eu.pftk.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.108.148","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.078Z","timestamp":1698809016078,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pftk.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:25 GMT","end":"Tue, 13 Aug 2024 13:25:25 GMT"},"fingerprint":{"sha1":"F4:BE:81:8F:72:EA:45:6C:90:FB:ED:AA:86:7C:F4:6D:10:06:EA:D8","sha256":"71:02:D1:74:74:8C:05:BE:75:9E:28:67:AE:01:46:6E:9B:B7:E3:78:CB:9C:AC:07:AF:0B:93:55:CF:96:10:D5"}}},"request":{"raw":"POST /pmm/api/pmm/defined HTTP/1.1\r\nHost: eu.pftk.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1884\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nCookie: api_uid=CnEixmVBxLUvTABjrLCrAg==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/octet-stream\r\nexpires: Wed, 01 Nov 2023 03:23:34 GMT\r\ncache-control: no-cache\r\naccess-control-allow-origin: https://www.temu.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":621,"timings":{"blocked":290,"dns":55,"connect":57,"send":0,"wait":40,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/phantom/xg/pfb/a3","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.220Z","timestamp":1698809016220,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /api/phantom/xg/pfb/a3 HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-yak-request-id: 1698809015358-2ad6ff5327968a6d153fccd3d82bfe01\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif\r\nyak-timeinfo: 1698809015358|1\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"c6414e5496710ed55ee4f9ec40f156ea","sha1":"41cba42db5066498b26b124c6014f8404f89eebe","sha256":"88631f128b21eb159e7e9e24b6a4107ef29ae7fc05b5653b4723b2aee1b7972e","sha512":"72bf1b067fb60a9c76a9fc6789acc40934f174cd9a852e4767ed2862fb8b4eb985980319469a951560691e2516c12bb896ef044203fc2a614bf01226fcba44b1","ssdeep":"","tlshash":"98a022e38cc0c003e800088c08bbbe022a8830228a203b200a0c008aeae08303b030ab","first_seen":"2023-04-05T13:42:24Z","last_seen":"2025-04-06T22:08:53.165685Z","times_seen":6534,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/phantom/xg/pfb/l1","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.741Z","timestamp":1698809016741,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /api/phantom/xg/pfb/l1 HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-yak-request-id: 1698809015880-5629484c55ca4ca6878d6b7182f19a97\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif\r\nyak-timeinfo: 1698809015880|2\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"bb0687da0fb05463be21230ed3fa5de3","sha1":"874f00ce048e7f938949306983dbdee59f0f1a63","sha256":"2910d68aaf70adf92b6006ed9add84cad15e47a44df6b805d29467a028d3cf3a","sha512":"d34a7604b557b5fb103ef5a9671cf2c315fa39812890f39a938d2edd43a13748a30bf5371ad08177d4baf4db1b8c1771a5f7a0731c79508fe65cc4b205a672e2","ssdeep":"","tlshash":"75c02b19484180334c004f4d14ca1c2221c0310dc4642720008c0c0d4390493ff02ca7","first_seen":"2023-04-05T15:14:09Z","last_seen":"2024-08-21T09:44:12.357838Z","times_seen":2356,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/css/biz_vendors-9c1dc331d37147bce60c.css","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:34.932Z","timestamp":1698809014932,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/css/biz_vendors-9c1dc331d37147bce60c.css HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: TPtZTKvFiHhnNFr2G/FAbw==\r\netag: W/\"0x8DBD81A11BE4EB4\"\r\nlast-modified: Sun, 29 Oct 2023 00:57:48 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: 3212146e-101e-0092-090a-0a648b000000\r\ncf-cache-status: HIT\r\nage: 258769\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10512a9575697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33572,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":163,"dns":127,"connect":1,"send":0,"wait":10,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/12f53c06-2818-4285-83c2-8dfacbebb37b.ttf","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.412Z","timestamp":1698809015412,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/12f53c06-2818-4285-83c2-8dfacbebb37b.ttf HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.kwcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: font/ttf\r\ncache-control: max-age=31536000\r\ncontent-md5: vc3dZJAQ+PUM3cZsfSCM+Q==\r\netag: W/\"bdcddd649010f8f50cddc66c7d208cf9\"\r\nlast-modified: Wed, 19 Apr 2023 09:00:25 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: f6603be1-f01e-008c-0686-7376b4000000\r\ncf-cache-status: HIT\r\nage: 597049\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10515682e5699-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31288,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 10 tables, 1st \"OS/2\", 22 names, Macintosh, Copyright \\302\\254\\302\\251 2023 temu. All rights reserved.TemuMarket HeavyRegular2.001;MONO;Temu\\012- data","md5":"bdcddd649010f8f50cddc66c7d208cf9","sha1":"80e119731bcf49c7ff4d16354354ad119d519ee6","sha256":"8dbc708bd214c0ac24edde6523d540b124d8de22abbe87923f4f923545cef940","sha512":"984758a30efe1e67a575a6b8aeb5679f79c488969a32b438d31bb29b99449db7109c11af30665d4014a152d34c3dfccd465be1a604f143ca85599a04a712fed2","ssdeep":"768:cGrrLR/iYekrP9C8rqdVvJ/hqTCLYgx38b5ui7EFJ:HLIopnrqX9hq2sgCVNG","tlshash":"3be25c4063e5ce0acc3bdd7884e6934292faf634e22c0b3bfd89558d595a8ec0ddda51","first_seen":"2023-07-01T18:40:18Z","last_seen":"2025-04-13T22:54:05.684114Z","times_seen":258,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":115,"connect":4,"send":0,"wait":26,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/dynamic_vendors_9ba98012942f9e18bb80.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.001Z","timestamp":1698809016001,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/dynamic_vendors_9ba98012942f9e18bb80.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: taVt12iVQkmPueXzWY/ECA==\r\netag: W/\"0x8DBD4447D4CD830\"\r\nlast-modified: Tue, 24 Oct 2023 03:51:22 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: 638e6818-901e-008a-462d-068cb8000000\r\ncf-cache-status: HIT\r\nage: 418719\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f1051858be5699-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":208946,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/vendors_07ba115885eac13108d8.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.442Z","timestamp":1698809015442,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/vendors_07ba115885eac13108d8.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: nV9x2MHCdyt9bb7URxmpPw==\r\netag: W/\"0x8DBD82BF18B355D\"\r\nlast-modified: Sun, 29 Oct 2023 03:05:45 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: c4dcc74f-101e-0016-6415-0a9fd6000000\r\ncf-cache-status: HIT\r\nage: 258769\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10514ca2a5697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":524193,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/4208_e4378c30181ed52d121f.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.734Z","timestamp":1698809015734,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/4208_e4378c30181ed52d121f.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: s4hyeKwqS17u8taCQGq7XQ==\r\netag: W/\"0x8DBA531C0F2A09F\"\r\nlast-modified: Fri, 25 Aug 2023 06:08:51 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: 37482b5b-201e-0089-7f1b-d7f1be000000\r\ncf-cache-status: HIT\r\nage: 602651\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10516a8695699-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85274,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eu.pftk.temu.com/pmm/api/pmm/defined","fqdn":"eu.pftk.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.108.148","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.074Z","timestamp":1698809016074,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pftk.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:25 GMT","end":"Tue, 13 Aug 2024 13:25:25 GMT"},"fingerprint":{"sha1":"F4:BE:81:8F:72:EA:45:6C:90:FB:ED:AA:86:7C:F4:6D:10:06:EA:D8","sha256":"71:02:D1:74:74:8C:05:BE:75:9E:28:67:AE:01:46:6E:9B:B7:E3:78:CB:9C:AC:07:AF:0B:93:55:CF:96:10:D5"}}},"request":{"raw":"POST /pmm/api/pmm/defined HTTP/1.1\r\nHost: eu.pftk.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1917\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nCookie: api_uid=CnEixmVBxLUvTABjrLCrAg==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/octet-stream\r\nexpires: Wed, 01 Nov 2023 03:23:34 GMT\r\ncache-control: no-cache\r\naccess-control-allow-origin: https://www.temu.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":931,"timings":{"blocked":416,"dns":58,"connect":57,"send":0,"wait":98,"receive":0,"ssl":297},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eu.pftk.temu.com/pmm/api/pmm/api","fqdn":"eu.pftk.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.108.148","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.709Z","timestamp":1698809016709,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pftk.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:25 GMT","end":"Tue, 13 Aug 2024 13:25:25 GMT"},"fingerprint":{"sha1":"F4:BE:81:8F:72:EA:45:6C:90:FB:ED:AA:86:7C:F4:6D:10:06:EA:D8","sha256":"71:02:D1:74:74:8C:05:BE:75:9E:28:67:AE:01:46:6E:9B:B7:E3:78:CB:9C:AC:07:AF:0B:93:55:CF:96:10:D5"}}},"request":{"raw":"POST /pmm/api/pmm/api HTTP/1.1\r\nHost: eu.pftk.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1796\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nCookie: api_uid=CnEixmVBxLUvTABjrLCrAg==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/octet-stream\r\nexpires: Wed, 01 Nov 2023 03:23:34 GMT\r\ncache-control: no-cache\r\naccess-control-allow-origin: https://www.temu.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/phantom/xg/pfb/l1","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.750Z","timestamp":1698809016750,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /api/phantom/xg/pfb/l1 HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-yak-request-id: 1698809015894-65478f65f5f8957dac292309472511da\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif\r\nyak-timeinfo: 1698809015894|1\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"bb0687da0fb05463be21230ed3fa5de3","sha1":"874f00ce048e7f938949306983dbdee59f0f1a63","sha256":"2910d68aaf70adf92b6006ed9add84cad15e47a44df6b805d29467a028d3cf3a","sha512":"d34a7604b557b5fb103ef5a9671cf2c315fa39812890f39a938d2edd43a13748a30bf5371ad08177d4baf4db1b8c1771a5f7a0731c79508fe65cc4b205a672e2","ssdeep":"","tlshash":"75c02b19484180334c004f4d14ca1c2221c0310dc4642720008c0c0d4390493ff02ca7","first_seen":"2023-04-05T15:14:09Z","last_seen":"2024-08-21T09:44:12.357838Z","times_seen":2356,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/css/ruby_free_right-10f2b7128fad3f3b2964.css","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:34.935Z","timestamp":1698809014935,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/css/ruby_free_right-10f2b7128fad3f3b2964.css HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: pKvyq4npWfdtyLnZVvuKGQ==\r\netag: W/\"0x8DBD9289C88AB5C\"\r\nlast-modified: Mon, 30 Oct 2023 09:14:25 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: b34fd32c-c01e-002f-0514-0bcdd4000000\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10512a96b5697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":776267,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a4abf2ab89e959f76dc8b9d956fb8a19","sha1":"19a30e23eb1fd20a9a85610c9c73de628cf868d2","sha256":"da440c78523470b5cd211cc3810acad7009d758f74cb168b51c3247b6a243794","sha512":"a27326aa3a9c64f8d4a1cab8b02d6c877408ed7a720eb5f6255c61e8ca20674f9e8feee0f73756639f2101a7a51b620229d95f24f28786f720355beba1d1f8fc","ssdeep":"12288:3PWWTxRrS5LFhHHCz8l09qvCp0+vmSAvWIaGMOk4:FTxRrSRHHRl0cCpDEa+","tlshash":"55f4766b4962224de027da16bfe45bcc4229c523d1230e9d72173d2bc78b7e727a534b","first_seen":"2023-11-01T04:23:55Z","last_seen":"2023-11-13T19:08:16Z","times_seen":15,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":162,"dns":125,"connect":5,"send":0,"wait":58,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_3f58d683b6ad845a1a6c.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.436Z","timestamp":1698809015436,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/react_webpack_runtime_3f58d683b6ad845a1a6c.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: gcNhg3yuhF8poOli38TIKw==\r\netag: W/\"0x8DBD9F91110EBDB\"\r\nlast-modified: Tue, 31 Oct 2023 10:06:35 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: e2f7ca7c-101e-0092-37ed-0b648b000000\r\ncf-cache-status: HIT\r\nage: 57132\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10514ca275697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50822,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (50751)","md5":"81c361837cae845f29a0e962dfc4c82b","sha1":"9fc8fed56dc5c7b526fd89a8125e47f31d627a10","sha256":"83ed4d1a8f8454e2446cd5ddeb1aa8276f23bcf3e454156c508c8d07dad680b9","sha512":"f5dcdc38855a06c66c11319dafe5fd12326c72fbeffdc9fb13d3fb209b9b1bdc37e81e4b96281f01c13a9bc799eedddbd698d51c05d51d114a343f7fd2104006","ssdeep":"768:oTOvVSA8mq+7WqkpWjEgeZfvVjE/x2AfNl7WqhvIGpxbf3/c8bZ6Kukmq43KAZB1:8Oc3wlggKFmcq6GpRfkEZ61KGNmSXZ","tlshash":"2a331a1da22cb1da58ac48f26c5e515f36a9230978533cf0cdb9e6ee3744d27709a63c","first_seen":"2023-10-31T20:43:54Z","last_seen":"2023-11-01T04:23:55Z","times_seen":3,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.temu.com/api/phantom/xg/pfb/b","fqdn":"www.temu.com","domain":"temu.com","tld":"com"},"ip":{"addr":"20.123.110.224","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:36.222Z","timestamp":1698809016222,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.temu.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 13 Jul 2023 13:25:20 GMT","end":"Tue, 13 Aug 2024 13:25:20 GMT"},"fingerprint":{"sha1":"DF:7A:E2:E8:63:59:CD:A2:AF:E9:56:63:9A:99:1E:4F:71:A7:30:35","sha256":"10:61:90:92:7E:F0:9A:68:A4:55:0F:62:39:EE:D5:38:02:F2:51:9E:BC:2C:05:D3:B3:16:CB:CA:9F:80:15:69"}}},"request":{"raw":"GET /api/phantom/xg/pfb/b HTTP/1.1\r\nHost: www.temu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B\r\nCookie: region=151; language=en; currency=NOK; api_uid=CnEixmVBxLUvTABjrLCrAg==; timezone=UTC; _nano_fp=XpEbl0Colp9an5XJX9_Q~YKc3XsSsQPCtOD17CCj\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 01 Nov 2023 03:23:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\ncache-control: max-age=94608000, immutable, private\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-yak-request-id: 1698809015361-0e90277d868ea8d3e528ee82a3b61d08\r\nstrict-transport-security: max-age=2592000\r\ncontent-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif\r\nyak-timeinfo: 1698809015361|2\r\ncip: 91.90.42.154\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":161,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"7940668cdab2c42445f23357597d63dd","sha1":"0912d50d3c3b3aeb7b4d7727cb31765b055de4da","sha256":"2303187da94d2e265071a9a7a2d265486e25b41b65739c53c7b8ae9703a50c3d","sha512":"3e3480bdff1a2e5ed41ff75c051f6aac847eafd990374430efc287a4af6b5115bff147237d76ec8f125517809d0a797da306029848981a80528b0c91e143a3b4","ssdeep":"","tlshash":"63c08c56af61c822c480843f04377d06568c289bc2912e3a084c4f97ebc053f3f0a403","first_seen":"2023-11-01T04:23:55Z","last_seen":"2023-11-01T04:23:55Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aimg.kwcdn.com/upload_aimg/dawn/bab4c552-e8ad-46e5-b1b0-4aa47e220429.ttf","fqdn":"aimg.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.419Z","timestamp":1698809015419,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /upload_aimg/dawn/bab4c552-e8ad-46e5-b1b0-4aa47e220429.ttf HTTP/1.1\r\nHost: aimg.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.kwcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: font/ttf\r\ncache-control: max-age=31536000\r\ncontent-md5: 4CSKkP7kvPiChFMXNV4J9g==\r\netag: W/\"e0248a90fee4bcf882845317355e09f6\"\r\nlast-modified: Wed, 19 Apr 2023 09:00:25 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: d2050974-d01e-009e-4388-739092000000\r\ncf-cache-status: HIT\r\nage: 329060\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10515682d5699-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31092,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 10 tables, 1st \"OS/2\", 22 names, Macintosh, Copyright \\302\\254\\302\\251 2023 Temu. All rights reserved.TemuMarket-BoldBold2.001;MONO;TemuMark\\012- data","md5":"e0248a90fee4bcf882845317355e09f6","sha1":"ddc96c9886623f21e7c0ef4682d72133c8d71148","sha256":"8e4b66c4be42c2d5a98639ed4638824efd6ee0b4972daad3929f93a8bc26debb","sha512":"f7716c74d6bd5a9a3a390f2a4bbb2e3c300d6de7fad201e3651a33566bae5006c29819fb29c0f5404431e6487714052e7ff8bb4e8c02e25193ebd872049beb09","ssdeep":"768:G0MpCq9PwlCCoC8AEQbkLEBHp0DDiLxWubLFFJ:dvY9C8LDidWubLV","tlshash":"66d27c81b7edca4adc3fea79c661878293b2f626e21d0337fd8c498c5c579d84888751","first_seen":"2023-05-07T21:46:56Z","last_seen":"2024-08-21T06:34:01.763694Z","times_seen":164,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":107,"connect":4,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.kwcdn.com/m-assets/assets/js/8745_5a2cd9a3cbf91dac9c60.js","fqdn":"static.kwcdn.com","domain":"kwcdn.com","tld":"com"},"ip":{"addr":"172.64.152.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.temu.com/ruby_free_right.html?_bg_fs=1\u0026_p_rfs=1\u0026btn_active=1\u0026fish_banner=no\u0026gs_comp_expired=1698847886\u0026team_type=C\u0026gs_team_remove=1\u0026needs_login=1\u0026login_scene=7\u0026_p_login_channel=activity\u0026_x_sid=personal\u0026refer_share_id=3AeoGyWI1j2Q0HSExQxsrXM9QEARKkyB\u0026refer_share_channel=copy_link\u0026refer_share_suin=BDIRDWR6XZAZB6ZQGAZQFJRH2ODZRW5KLDHTKA6I32YFA\u0026group_sn=231031-858BD74332A953031297\u0026_ex_campaign=mkt_activity\u0026_ex_cid=mkt_activity_goods\u0026_ex_sid=free_goods_invite\u0026gs_invite_code=477846401\u0026gs_og_title=%D9%87%D9%84%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D9%82%D8%A8%D9%88%D9%84%20%D8%AF%D8%B9%D9%88%D8%AA%D9%8A%20%D8%AD%D8%AA%D9%89%20%D8%A3%D8%AA%D9%85%D9%83%D9%86%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D9%87%D8%AF%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9\u0026gs_og_description=%D8%A7%D8%B6%D8%BA%D8%B7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A2%D9%86%20%D9%88%D8%B4%D8%A7%D8%B1%D9%83%20%D9%81%D9%8A%20%D9%87%EF%BF%BD%25B","date":"2023-11-01T03:23:35.448Z","timestamp":1698809015448,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwcdn.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sun, 09 Jul 2023 08:39:48 GMT","end":"Fri, 09 Aug 2024 08:39:48 GMT"},"fingerprint":{"sha1":"8E:20:D0:9F:7B:0A:C3:EA:D1:3B:83:B0:98:01:3E:92:E0:ED:ED:AB","sha256":"A5:D9:A2:D8:71:CF:58:45:94:50:49:53:DA:04:F7:85:42:3B:D8:71:FF:7F:0A:AE:F2:A1:A6:CA:A9:58:87:A6"}}},"request":{"raw":"GET /m-assets/assets/js/8745_5a2cd9a3cbf91dac9c60.js HTTP/1.1\r\nHost: static.kwcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.temu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.temu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Nov 2023 03:23:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncontent-md5: 0owGVsZCljcQifzU/BrUmg==\r\netag: W/\"0x8DBD9F911E29C41\"\r\nlast-modified: Tue, 31 Oct 2023 10:06:37 GMT\r\nx-content-type-options: nosniff\r\nx-pos-request-id: 0874d186-f01e-0024-03ed-0be8c3000000\r\ncf-cache-status: HIT\r\nage: 57132\r\naccess-control-allow-origin: *\r\ncoloid: 83\r\ntiming-allow-origin: *\r\nx-cip: 91.90.42.154\r\nserver: cloudflare\r\ncf-ray: 81f10514ca2d5697-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":527973,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}