temu.com/s/Dr9Yry1U5i1E54hN
20.237.10.133301 Moved Permanently 166 B URL HTTP/1.1 temu.com/s/Dr9Yry1U5i1E54hN
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /s/Dr9Yry1U5i1E54hN HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Nginx
Date: Sun, 05 Feb 2023 19:21:56 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://temu.com/s/Dr9Yry1U5i1E54hN
x-yak-request-id: 1675624916338-686161d03e6d444a186832838fe9c892
strict-transport-security: max-age=2592000
Set-Cookie: api_uid=Cm3Ax2PgAdQvUQEGCw8YAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
cip: 91.90.42.154
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14419
Expires: Sun, 05 Feb 2023 23:22:15 GMT
Date: Sun, 05 Feb 2023 19:21:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3653
Expires: Sun, 05 Feb 2023 20:22:49 GMT
Date: Sun, 05 Feb 2023 19:21:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 18:33:56 GMT
content-type: application/json
age: 2880
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10030
Expires: Sun, 05 Feb 2023 22:09:06 GMT
Date: Sun, 05 Feb 2023 19:21:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LcDku87JRiZ+I+UpskSSKNMzk4+qr5E1Qn0NNLNmGZQiAdSrTRtQ2jCwOIn0BZ+5PY8MFGr+fDo=
x-amz-request-id: JSFNYYCQC19MTFR2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 18:53:24 GMT
age: 1712
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 19:21:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 18:49:07 GMT
age: 1970
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13878
Expires: Sun, 05 Feb 2023 23:13:15 GMT
Date: Sun, 05 Feb 2023 19:21:57 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.31.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.31.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rgGDM7jgL9eUNaS7ezz++A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O/odK+1jtwybOJks7OW6Lr0Qdug=
temu.com/s/Dr9Yry1U5i1E54hN
20.237.10.133302 Found 0 B URL HTTP/2 temu.com/s/Dr9Yry1U5i1E54hN
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/Dr9Yry1U5i1E54hN HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: Nginx
date: Sun, 05 Feb 2023 19:21:57 GMT
content-type: text/html;charset=UTF-8
content-length: 0
location: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward%21%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you%7E%21%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
x-yak-request-id: 1675624917912-908147f015b1f81efef19ad45f77afe8
set-cookie: region=211; Expires=Tue, 07-Mar-23 19:21:57 GMT; Path=/
language=en; Expires=Tue, 07-Mar-23 19:21:57 GMT; Path=/
currency=USD; Expires=Tue, 07-Mar-23 19:21:57 GMT; Path=/
api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f47f533a09d9434db5fccd561f68f468
6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f
80cb6e077aec552ff7fd7e19c40326afccc84f4d5a9b49b302bcfd6572cad6ca
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:34:29 GMT
Expires: Sun, 05 Feb 2023 21:34:29 GMT
ETag: "6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f47f533a09d9434db5fccd561f68f468
6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f
80cb6e077aec552ff7fd7e19c40326afccc84f4d5a9b49b302bcfd6572cad6ca
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:34:29 GMT
Expires: Sun, 05 Feb 2023 21:34:29 GMT
ETag: "6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f47f533a09d9434db5fccd561f68f468
6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f
80cb6e077aec552ff7fd7e19c40326afccc84f4d5a9b49b302bcfd6572cad6ca
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:34:29 GMT
Expires: Sun, 05 Feb 2023 21:34:29 GMT
ETag: "6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f47f533a09d9434db5fccd561f68f468
6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f
80cb6e077aec552ff7fd7e19c40326afccc84f4d5a9b49b302bcfd6572cad6ca
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:34:29 GMT
Expires: Sun, 05 Feb 2023 21:34:29 GMT
ETag: "6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f47f533a09d9434db5fccd561f68f468
6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f
80cb6e077aec552ff7fd7e19c40326afccc84f4d5a9b49b302bcfd6572cad6ca
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:34:29 GMT
Expires: Sun, 05 Feb 2023 21:34:29 GMT
ETag: "6365ac51a7ab66be48f3ce7c662cf3cefe3ab24f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
104.18.29.69200 OK 19 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
IP 104.18.29.69:0
File type PNG image data, 470 x 328, 8-bit colormap, non-interlaced\012- data
Hash 5bcec11d2b497f3f16822b36489ec5b6
1823e11f2efaf6590e09e8f8178e09971f792f1b
41f753cb40c792a19a625a2434f7ded86b43376ce1813ef3bf056a7f52c6157c
GET /upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.kwcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: image/png
content-length: 18595
cache-control: max-age=31536000
last-modified: Fri, 09 Dec 2022 05:54:31 GMT
request-id: 80d484941c11447ed478757d3bffb391
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
age: 5049826
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 794e031cab64b505-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14478
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 19:21:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14478
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 19:21:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14478
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 19:21:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14478
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 19:21:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14478
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 19:21:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 76260
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 76213
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 12:31:54 GMT
age: 24604
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 56510
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:53:51 GMT
age: 16087
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/biz_vendors_2d255e9c3c7818fb12e9.css
104.18.29.69200 OK 37 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/css/biz_vendors_2d255e9c3c7818fb12e9.css
IP 104.18.29.69:0
File type Unicode text, UTF-8 text, with very long lines (6854)
Hash f17b03f3729cdf5accb41972adbd5cd9
91c55fe5e94eb733f84330e82218e7d3560e667f
f903a3bdbf6b4c8d885231198b6541f873b8b417a96a098e3f38e9fc10d774b2
GET /m-assets/assets/css/biz_vendors_2d255e9c3c7818fb12e9.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: RyNGcQVeIpHpt9BpMuykpg==
etag: W/"47234671055e2291e9b7d06932eca4a6"
last-modified: Sat, 28 Jan 2023 07:22:41 GMT
x-content-type-options: nosniff
x-pos-request-id: 749970cb-601e-0019-4feb-3216c9000000
cf-cache-status: HIT
age: 163996
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 794e031c0a9bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ebdb2f21cb28e2d8b96eeaf78e15f6a0
43168762bd68a0d4253d1f72f01a35bdea618306
13dbbf843167946835e2ebdcc075db7a76357efb4d9dc2a82b84d3bc13190390
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 Feb 2023 01:58:14 GMT
Expires: Mon, 06 Feb 2023 01:58:14 GMT
ETag: "43168762bd68a0d4253d1f72f01a35bdea618306"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3
142.250.74.168200 OK 73 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3
IP 142.250.74.168:0
File type ASCII text, with very long lines (7645)
Hash dd3b9a61ca10baebb6402475c9232482
5fe814f2f344d4c0dd8340088fbe1c8ee369a729
bfaa316bfa6c11a965ea4ec4d2aeb4ac568c20f4953d78e2db1169216ffa5fa3
GET /gtm.js?id=GTM-NSR6SG3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 19:21:59 GMT
expires: Sun, 05 Feb 2023 19:21:59 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/api/phantom/xg/pfb/a4
20.237.10.133200 OK 1.9 kB URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash b66012bd7944760200789b7f46eacd54
6b2c0da09e27518334cf7e0bf1f6c97d2bc7e70a
c602bcb78f4500e36400f87bd3094552f06373b65662b10f14de0b2598c38043
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1508
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward!%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you~!%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; region=211; language=en; currency=USD; _nano_fp=XpE8npExn0UjX0dbXT_LoZauik0cHhuUzwyO8G9u; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=umsLwHtzarRKuV6WJBkaICTx6KGd7apz; Max-Age=31536000; Expires=Mon, 05 Feb 2024 19:21:59 GMT; Path=/; Domain=.temu.com
njrpl=umsLwHtzarRKuV6WJBkaICTx6KGd7apz; Max-Age=31536000; Expires=Mon, 05 Feb 2024 19:21:59 GMT; Path=/; Domain=.temu.com
dilx=vjrj6QsHrSpgLfCzyNswX; Max-Age=31536000; Expires=Mon, 05 Feb 2024 19:21:59 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1675624919250-a910d1388c8c7d6d2819d48769ee033c
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675624919250|20
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash b645bae84a7ef209a29ce18e438703de
3426469e9ae58cccbf19ab14cfdb6a094149fed6
3327175e9300aa5cdb609f84797af2f03f921021c1ce26e3b80ab4e3982424c3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:42:54 GMT
Expires: Sun, 05 Feb 2023 21:42:54 GMT
ETag: "3426469e9ae58cccbf19ab14cfdb6a094149fed6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash b645bae84a7ef209a29ce18e438703de
3426469e9ae58cccbf19ab14cfdb6a094149fed6
3327175e9300aa5cdb609f84797af2f03f921021c1ce26e3b80ab4e3982424c3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:42:54 GMT
Expires: Sun, 05 Feb 2023 21:42:54 GMT
ETag: "3426469e9ae58cccbf19ab14cfdb6a094149fed6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.temu.com/api/sec-csp/c/sec-gif
20.237.10.133200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2188
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-length: 0
x-yak-request-id: 1675624919558-0b46311e3112bee9a13764a061bf3eb0
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675624919558|2
set-cookie: api_uid=Cm3AS2PgAdcmBQDnLypGAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 812c281b6ca8230ae3817d6da02234f4
ad8cce13897baf00d4c59c78c5db1256c559c543
c6b9cfe534827ebd092f960503720d66be257a43a74bbd41827d180c652371c2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 19:21:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 Feb 2023 03:13:21 GMT
Expires: Mon, 06 Feb 2023 03:13:21 GMT
ETag: "ad8cce13897baf00d4c59c78c5db1256c559c543"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31d413448fb27f6006f2545602f47ff
59841d25babb3ba8963eba808c51fcea6492590a
dc69d16cb98638c74987c8bdb4613c2e7837b39a0423fefdfb2b7f518f21134c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Last-Modified: Sun, 05 Feb 2023 18:50:40 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EnXIulLNvHPun6fbnlYb/mhEuyH29GogXYoQ4oPUSnl4V18MiA/it4ycaOFd1RO09kuRn4bsIPqKtky/+gm2Jg==
content-length: 27843
x-fb-trip-id: 1904183273
date: Sun, 05 Feb 2023 19:21:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=273161182.1675624961>m=45je3210&aip=1&z=1563474953
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=273161182.1675624961>m=45je3210&aip=1&z=1563474953
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=273161182.1675624961>m=45je3210&aip=1&z=1563474953 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:21:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675624960883&cv=11&fst=1675624960883&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75G&tiba=Flip%20Card&auid=1035547587.1675624961&data=event%3Dpage_view&rfmt=3&fmt=4
216.58.207.194200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675624960883&cv=11&fst=1675624960883&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75G&tiba=Flip%20Card&auid=1035547587.1675624961&data=event%3Dpage_view&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2953), with no line terminators
Hash d36957ba0b030e551c2898bf02649dea
2d1f1ede4472e2eac33d73338ece13a684fa2bb5
5805356e13496b95609e3aafb44ab7eb54194d6da4b68d93f2ce4c0275d8765c
GET /pagead/viewthroughconversion/10974797857/?random=1675624960883&cv=11&fst=1675624960883&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75G&tiba=Flip%20Card&auid=1035547587.1675624961&data=event%3Dpage_view&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:21:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 19:36:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31d413448fb27f6006f2545602f47ff
59841d25babb3ba8963eba808c51fcea6492590a
dc69d16cb98638c74987c8bdb4613c2e7837b39a0423fefdfb2b7f518f21134c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Last-Modified: Sun, 05 Feb 2023 18:50:40 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/api/phantom/xg/pfb/l1
20.237.10.133200 OK 115 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 97ca7ff0137b4a1af93e3facad14821e
1f824aa586c6917e7cdb35e2d28f586154a7d8af
cd12ad57a17a89b18de481dead6e09f005a21aa8d7383e4b0b8c827b8335a0c3
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward!%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you~!%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; region=211; language=en; currency=USD; _nano_fp=XpE8npExn0UjX0dbXT_LoZauik0cHhuUzwyO8G9u; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675624919251-47b28390f68e4d157d4698884b9a0a13
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675624919251|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/sec-csp/c/sec-gif
20.237.10.133200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3717
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-length: 0
x-yak-request-id: 1675624919979-aa328111af1f3157a17304b02ebafa0d
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675624919979|2
set-cookie: api_uid=CmzU82PgAdeeiwDELy0AAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
13.107.237.53200 OK 0 B IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1464
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; _gcl_au=1.1.1035547587.1675624961; _bee=ZxLRIH0VwKXHlTupEqYLmEb6ZttOMapF; njrpl=ZxLRIH0VwKXHlTupEqYLmEb6ZttOMapF; dilx=vjrj6QsHrSpgLfCzyNswX; _ga_R8YHFZCMMX=GS1.1.1675624961.1.0.1675624961.60.0.0; _ga=GA1.1.273161182.1675624961
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Sun, 05 Feb 2023 19:21:58 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 01wHgYwAAAABG0cH25FdlRJvSDrEIUbgcQ1BIMzBFREdFMDQwOQBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Sun, 05 Feb 2023 19:21:59 GMT
content-length: 0
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
20.231.235.230200 OK 0 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP 20.231.235.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1943
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: image/gif
expires: Sun, 05 Feb 2023 19:21:58 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=273161182.1675624961>m=45je3210&aip=1
64.233.165.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=273161182.1675624961>m=45je3210&aip=1
IP 64.233.165.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX&cid=273161182.1675624961>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Sun, 05 Feb 2023 19:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/10974797857/?random=1675624960883&cv=11&fst=1675623600000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75G&tiba=Flip%20Card&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1814710303&rmt_tld=0&ipr=y
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10974797857/?random=1675624960883&cv=11&fst=1675623600000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75G&tiba=Flip%20Card&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1814710303&rmt_tld=0&ipr=y
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10974797857/?random=1675624960883&cv=11&fst=1675623600000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75G&tiba=Flip%20Card&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1814710303&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 19:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_lucky_flip%26_ex_sid%3Dmkt_activity_lucky_flip%26gs_invite_code%3D64130797%26gs_og_title%3D%25F0%259F%258E%258AClick%2520here%2520to%2520get%2520your%2520Reward!%2520Up%2520to%2520%2524100%2520credits%2520are%2520waiting%2520for%2520you~!%2520%26gs_og_description%3DAccept%2520my%2520invitation%2520and%2520flip%2520your%2520cards%2520on%2520Temu%2520app%25EF%25BC%2581%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F982072c9-7e93-4cad-99c9-5fd630f9b789.png&rl=&if=false&ts=1675624961920&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675624961919.1469991829&it=1675624961500&coo=false&tm=1&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_lucky_flip%26_ex_sid%3Dmkt_activity_lucky_flip%26gs_invite_code%3D64130797%26gs_og_title%3D%25F0%259F%258E%258AClick%2520here%2520to%2520get%2520your%2520Reward!%2520Up%2520to%2520%2524100%2520credits%2520are%2520waiting%2520for%2520you~!%2520%26gs_og_description%3DAccept%2520my%2520invitation%2520and%2520flip%2520your%2520cards%2520on%2520Temu%2520app%25EF%25BC%2581%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F982072c9-7e93-4cad-99c9-5fd630f9b789.png&rl=&if=false&ts=1675624961920&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675624961919.1469991829&it=1675624961500&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fwalrus_flip_card.html%3F_bg_fs%3D1%26_p_rfs%3D1%26group_sn%3D122001_20230204C2E8E9407C005948%26gs_code_way%3D3%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3Di***a%26gsfp_tip%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3Dzg7gsOwLivtx2upQWJHfWxuijxAnxs1s%26refer_share_channel%3Dwhatsapp_chat%26refer_share_suin%3DBC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_lucky_flip%26_ex_sid%3Dmkt_activity_lucky_flip%26gs_invite_code%3D64130797%26gs_og_title%3D%25F0%259F%258E%258AClick%2520here%2520to%2520get%2520your%2520Reward!%2520Up%2520to%2520%2524100%2520credits%2520are%2520waiting%2520for%2520you~!%2520%26gs_og_description%3DAccept%2520my%2520invitation%2520and%2520flip%2520your%2520cards%2520on%2520Temu%2520app%25EF%25BC%2581%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F982072c9-7e93-4cad-99c9-5fd630f9b789.png&rl=&if=false&ts=1675624961920&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675624961919.1469991829&it=1675624961500&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Feb 2023 19:22:00 GMT
X-Firefox-Spdy: h2
www.pftk.temu.com/pmm/api/pmm/api
20.185.14.73200 OK 0 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/api
IP 20.185.14.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/api HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1703
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:22:00 GMT
content-type: application/octet-stream
expires: Sun, 05 Feb 2023 19:21:59 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward%21%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you%7E%21%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
20.237.10.133200 OK 0 B URL HTTP/2 www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward%21%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you%7E%21%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward%21%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you%7E%21%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, iris-context-client-language, User-Agent
content-language: en
set-cookie: AccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
PDDAccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_id=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
region=211; Expires=Tue, 07-Mar-23 19:21:58 GMT; Path=/
language=en; Expires=Tue, 07-Mar-23 19:21:58 GMT; Path=/
currency=USD; Expires=Tue, 07-Mar-23 19:21:58 GMT; Path=/
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-accel-buffering: no
content-encoding: gzip
x-yak-request-id: 1675624918090-0839da04b197fb4a17f075d679a4883a
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/biz_vendors_b24781589dbf54850151.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/biz_vendors_b24781589dbf54850151.js
IP 104.18.29.69:0
GET /m-assets/assets/js/biz_vendors_b24781589dbf54850151.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: mqe3R7pni0gfwKDDHcuo7g==
etag: W/"9aa7b747ba678b481fc0a0c31dcba8ee"
last-modified: Sun, 05 Feb 2023 09:17:12 GMT
x-content-type-options: nosniff
x-pos-request-id: 177f3a5b-b01e-0030-1942-39f4e9000000
cf-cache-status: HIT
age: 29848
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 794e031c1d54fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
20.231.235.230200 OK 0 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP 20.231.235.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 736
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: image/gif
expires: Sun, 05 Feb 2023 19:21:58 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a3
20.237.10.133200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a3
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/a3 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward!%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you~!%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; region=211; language=en; currency=USD; _nano_fp=XpE8npExn0UjX0dbXT_LoZauik0cHhuUzwyO8G9u; timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675624919115-eca5281fe257c81a49528cd44e0748e2
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675624919115|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
20.237.10.133200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward!%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you~!%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; region=211; language=en; currency=USD; _nano_fp=XpE8npExn0UjX0dbXT_LoZauik0cHhuUzwyO8G9u; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675624919257-5cbee5ffba5fa51f047b89777cffeaf5
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675624919257|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
20.237.10.133200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1508
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward!%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you~!%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; region=211; language=en; currency=USD; _nano_fp=XpE8npExn0UjX0dbXT_LoZauik0cHhuUzwyO8G9u; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=ZxLRIH0VwKXHlTupEqYLmEb6ZttOMapF; Max-Age=31536000; Expires=Mon, 05 Feb 2024 19:21:59 GMT; Path=/; Domain=.temu.com
njrpl=ZxLRIH0VwKXHlTupEqYLmEb6ZttOMapF; Max-Age=31536000; Expires=Mon, 05 Feb 2024 19:21:59 GMT; Path=/; Domain=.temu.com
dilx=vjrj6QsHrSpgLfCzyNswX; Max-Age=31536000; Expires=Mon, 05 Feb 2024 19:21:59 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1675624919255-aaa5464cd0b0f16b07550d4a5d2229da
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675624919255|21
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/walrus_flip_card_e27b0dec0563eee2def2.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/walrus_flip_card_e27b0dec0563eee2def2.js
IP 104.18.29.69:0
GET /m-assets/assets/js/walrus_flip_card_e27b0dec0563eee2def2.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: s2cpJUJo/1o5CgKXHMwNfw==
etag: W/"b36729254268ff5a390a02971ccc0d7f"
last-modified: Sun, 05 Feb 2023 09:17:12 GMT
x-content-type-options: nosniff
x-pos-request-id: 78e0a680-b01e-0048-5942-395ef8000000
cf-cache-status: HIT
age: 29848
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 794e031c0d52fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/favicon.ico
20.237.10.133200 OK 0 B IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /favicon.ico HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward%21%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you%7E%21%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; region=211; language=en; currency=USD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: image/x-icon
cache-control: max-age=3600
x-yak-request-id: 1675624918572-d3a9a905e0fca52204fcc21d7fe543c7
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/server/_stm
20.237.10.133200 OK 0 B URL HTTP/2 www.temu.com/api/server/_stm
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/server/_stm HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/walrus_flip_card.html?_bg_fs=1&_p_rfs=1&group_sn=122001_20230204C2E8E9407C005948&gs_code_way=3&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaEELuuUGnBUUAdr0eXJKKuGUwAg-1672675589%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=i***a&gsfp_tip=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=zg7gsOwLivtx2upQWJHfWxuijxAnxs1s&refer_share_channel=whatsapp_chat&refer_share_suin=BC2UIZYGBFRVIQZQGAZT22ZBLQMEH75GZ4BJABYWKYYDM&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_lucky_flip&_ex_sid=mkt_activity_lucky_flip&gs_invite_code=64130797&gs_og_title=%F0%9F%8E%8AClick%20here%20to%20get%20your%20Reward!%20Up%20to%20%24100%20credits%20are%20waiting%20for%20you~!%20&gs_og_description=Accept%20my%20invitation%20and%20flip%20your%20cards%20on%20Temu%20app%EF%BC%81&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F982072c9-7e93-4cad-99c9-5fd630f9b789.png
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==; region=211; language=en; currency=USD; _nano_fp=XpE8npExn0UjX0dbXT_LoZauik0cHhuUzwyO8G9u; timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
locale.temu.com/api/bg/huygens/region/locate
20.121.111.193200 OK 0 B URL HTTP/2 locale.temu.com/api/bg/huygens/region/locate
IP 20.121.111.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
OPTIONS /api/bg/huygens/region/locate HTTP/1.1
Host: locale.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.temu.com/
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/octet-stream
x-yak-request-id: 1675624919398-c914b67bceda9c434e969ac609465ebd
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
yak-timeinfo: 1675624919398|0
set-cookie: api_uid=CmzAFWPgAdcYKgDnL7nIAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
content-encoding: gzip
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
20.231.235.230200 OK 0 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP 20.231.235.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 735
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: image/gif
expires: Sun, 05 Feb 2023 19:21:58 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/walrus_flip_card_d354a49a77c6ec6c397e.css
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/walrus_flip_card_d354a49a77c6ec6c397e.css
IP 104.18.29.69:0
GET /m-assets/assets/css/walrus_flip_card_d354a49a77c6ec6c397e.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: 5LjRzrifMp9TfwedZeRNSw==
etag: W/"e4b8d1ceb89f329f537f079d65e44d4b"
last-modified: Sun, 05 Feb 2023 01:33:50 GMT
x-content-type-options: nosniff
x-pos-request-id: 3dd1bda7-b01e-0098-0f02-396a9e000000
cf-cache-status: HIT
age: 29848
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 794e031c1aa2b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/vendors_955ebe89dd2456b1f115.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/vendors_955ebe89dd2456b1f115.js
IP 104.18.29.69:0
GET /m-assets/assets/js/vendors_955ebe89dd2456b1f115.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 19:21:58 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: PQFMghwDwtyg8vPQZLSKEg==
etag: W/"3d014c821c03c2dca0f2f3d064b48a12"
last-modified: Sun, 05 Feb 2023 00:36:26 GMT
x-content-type-options: nosniff
x-pos-request-id: 38eca487-b01e-0058-66fc-38eeda000000
cf-cache-status: HIT
age: 29848
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 794e031c1d53fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
locale.temu.com/api/bg/huygens/region/locate
20.237.10.133200 OK 0 B URL HTTP/2 locale.temu.com/api/bg/huygens/region/locate
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/bg/huygens/region/locate HTTP/1.1
Host: locale.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 2
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=Cm3AX2PgAdVOZgCdCuO9Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Sun, 05 Feb 2023 19:21:59 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
x-yak-request-id: 1675624919505-85a995c59c90ec200d4a4dc448cbfee9
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
yak-timeinfo: 1675624919505|1
cip: 91.90.42.154
X-Firefox-Spdy: h2