www.temu.com/link-app?originalUrl=&redirectUrl=https://www.temu.com/hat-trick-download.html?_p_rfs=1&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb&page_url=/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&scheme=temu://com.einnovation.temu/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb
301 Moved Permanently 166 B URL HTTP/1.1 www.temu.com/link-app?originalUrl=&redirectUrl=https://www.temu.com/hat-trick-download.html?_p_rfs=1&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb&page_url=/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&scheme=temu://com.einnovation.temu/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /link-app?originalUrl=&redirectUrl=https://www.temu.com/hat-trick-download.html?_p_rfs=1&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb&page_url=/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&scheme=temu://com.einnovation.temu/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Nginx
Date: Wed, 01 Feb 2023 17:30:05 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.temu.com/link-app?originalUrl=&redirectUrl=https://www.temu.com/hat-trick-download.html?_p_rfs=1&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb&page_url=/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&scheme=temu://com.einnovation.temu/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb
x-yak-request-id: 1675272605812-54115026d5bfaaa155d44f72f61b7263
strict-transport-security: max-age=2592000
Set-Cookie: api_uid=CmwaS2PaoZ1EzQBxBfRLAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2752
Expires: Wed, 01 Feb 2023 18:15:57 GMT
Date: Wed, 01 Feb 2023 17:30:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3673
Expires: Wed, 01 Feb 2023 18:31:18 GMT
Date: Wed, 01 Feb 2023 17:30:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 16:43:25 GMT
content-type: application/json
age: 2800
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16984
Expires: Wed, 01 Feb 2023 22:13:09 GMT
Date: Wed, 01 Feb 2023 17:30:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lfeCmhXqf3p8bxrBYyVx1cpMIk7n9Ul6HfHHYWlN4xvK3szYGCmXTkrW1q2Br5BrXl5ZroxKjt4=
x-amz-request-id: JN2X4Z3MQMW737YE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 16:51:38 GMT
age: 2308
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 66b0efc1c205657a5786866bc233afc7
4b969647443f18c24cfaf745344b78b598a3cf66
8eaf164923ac0c02d85ff0f9d6b5e31729936638770663e0b5e79eb67a810aa2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 01:54:16 GMT
Expires: Thu, 02 Feb 2023 01:54:16 GMT
ETag: "4b969647443f18c24cfaf745344b78b598a3cf66"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 16:41:42 GMT
age: 2904
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2971
Expires: Wed, 01 Feb 2023 18:19:37 GMT
Date: Wed, 01 Feb 2023 17:30:06 GMT
Connection: keep-alive
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bdb63020af0f5e3418fc8b820c33afa9
d1c0e3e8a35059184d59b56d4c4961ce63338753
ab6930c02926771649a6ef66ed9c2a265c65239207b59a83f489988d60f78e6b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:28:19 GMT
Expires: Wed, 01 Feb 2023 21:28:19 GMT
ETag: "d1c0e3e8a35059184d59b56d4c4961ce63338753"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bdb63020af0f5e3418fc8b820c33afa9
d1c0e3e8a35059184d59b56d4c4961ce63338753
ab6930c02926771649a6ef66ed9c2a265c65239207b59a83f489988d60f78e6b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:28:19 GMT
Expires: Wed, 01 Feb 2023 21:28:19 GMT
ETag: "d1c0e3e8a35059184d59b56d4c4961ce63338753"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bdb63020af0f5e3418fc8b820c33afa9
d1c0e3e8a35059184d59b56d4c4961ce63338753
ab6930c02926771649a6ef66ed9c2a265c65239207b59a83f489988d60f78e6b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:28:19 GMT
Expires: Wed, 01 Feb 2023 21:28:19 GMT
ETag: "d1c0e3e8a35059184d59b56d4c4961ce63338753"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h9eXG93JlKqzzAncOWf6aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ylrzrOsVTNjW6L0qNkxaKsk5q44=
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bdb63020af0f5e3418fc8b820c33afa9
d1c0e3e8a35059184d59b56d4c4961ce63338753
ab6930c02926771649a6ef66ed9c2a265c65239207b59a83f489988d60f78e6b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:28:19 GMT
Expires: Wed, 01 Feb 2023 21:28:19 GMT
ETag: "d1c0e3e8a35059184d59b56d4c4961ce63338753"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
aimg.kwcdn.com/upload_aimg/landing/34315d06-df2a-44bb-a379-51c697c24f0e.png.slim.png?imageView2/2/w/1300/q/80/format/webp
200 OK 10 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/landing/34315d06-df2a-44bb-a379-51c697c24f0e.png.slim.png?imageView2/2/w/1300/q/80/format/webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 54911a0aa03a907e6a778e51651119a5
0878d60b0ad048e3a23277e317908c5117668b87
735f4efdedc89ee2336edca85fc8432fe9031476426c3a7a17f6ca2b9d9c8129
GET /upload_aimg/landing/34315d06-df2a-44bb-a379-51c697c24f0e.png.slim.png?imageView2/2/w/1300/q/80/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/webp
content-length: 10362
cache-control: max-age=31536000
last-modified: Wed, 28 Dec 2022 07:11:57 GMT
request-id: 565106681700a3f562db18b6eacad465
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c05d4bb4fd-OSL
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/social/29f53692-16de-4aeb-9b36-bd797983c0d5.png.slim.png?imageView2/2/w/1300/q/80/format/webp
200 OK 37 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/social/29f53692-16de-4aeb-9b36-bd797983c0d5.png.slim.png?imageView2/2/w/1300/q/80/format/webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8c8a346d8ea99cc2a1cb1aa6bc06736e
2a4bead50b94c1b5cfa731693b97ddc333404473
fc400063b354e97d61aa4ef6a46b0ce953555c07d30dca561f2ede009a253488
GET /upload_aimg/social/29f53692-16de-4aeb-9b36-bd797983c0d5.png.slim.png?imageView2/2/w/1300/q/80/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/webp
content-length: 36684
cache-control: max-age=31536000
last-modified: Sun, 01 Jan 2023 06:20:58 GMT
request-id: 500a74f590cd89b103de92da383c36ad
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c05d51b4fd-OSL
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/landing/2dca81c8-dc05-46a4-80a9-8a74c6bafca6.png.slim.png?imageView2/2/w/1300/q/80/format/webp
200 OK 12 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/landing/2dca81c8-dc05-46a4-80a9-8a74c6bafca6.png.slim.png?imageView2/2/w/1300/q/80/format/webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 69c4614abcbcf90c41497b2283dea9ba
ae1b4993f3bc6b57077ce8468cf7f0131076d3c3
7dae45d18e3f09cd3378dc5f35d9beb8c67a66b4dae2ab07b58393ca6f0006e6
GET /upload_aimg/landing/2dca81c8-dc05-46a4-80a9-8a74c6bafca6.png.slim.png?imageView2/2/w/1300/q/80/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/webp
content-length: 12086
cache-control: max-age=31536000
last-modified: Wed, 11 Jan 2023 15:34:34 GMT
request-id: fba130ebad259243c133dec92612a329
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c05d58b4fd-OSL
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/social/e2385aca-160b-47a9-bac2-67328bf9869b.png.slim.png?imageView2/2/w/1300/q/80/format/webp
200 OK 54 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/social/e2385aca-160b-47a9-bac2-67328bf9869b.png.slim.png?imageView2/2/w/1300/q/80/format/webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash f333189a304a6a6efe2850216f4bf16e
68ca40cf21a1579bdfd601fcc5214bf8b27199b3
7fc1307ba76b51eeaebc8a60d6a09ea713f9ca81fd07b6db99bd2a6b0f035b36
GET /upload_aimg/social/e2385aca-160b-47a9-bac2-67328bf9869b.png.slim.png?imageView2/2/w/1300/q/80/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/webp
content-length: 53508
cache-control: max-age=31536000
last-modified: Tue, 24 Jan 2023 06:33:46 GMT
request-id: b10b3b8345c2f6e5b6f05f4df4f33566
x-avi-image-cache: hit
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c05d56b4fd-OSL
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/social/c3eb931a-6480-4d70-b2d5-aaea38b74ec3.png.slim.png?imageView2/2/w/1300/q/80/format/webp
200 OK 31 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/social/c3eb931a-6480-4d70-b2d5-aaea38b74ec3.png.slim.png?imageView2/2/w/1300/q/80/format/webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3932754f32927b4053077ad78f9f9958
b1e99ab924715810cdfe0c3bae41f46dd86015ad
3145f6b4ba077cbbde6dd74848a9124169a965c25fc7ee3746ad78fae780e08f
GET /upload_aimg/social/c3eb931a-6480-4d70-b2d5-aaea38b74ec3.png.slim.png?imageView2/2/w/1300/q/80/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/webp
content-length: 30842
cache-control: max-age=31536000
last-modified: Sun, 01 Jan 2023 06:20:58 GMT
request-id: 7ab5f76df0c2c0c7fe909f0577319978
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c05d50b4fd-OSL
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/social/25e5c2f0-0233-43da-92cb-8fd64ed46503.jpg?imageView2/2/w/1300/q/80/format/webp
200 OK 19 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/social/25e5c2f0-0233-43da-92cb-8fd64ed46503.jpg?imageView2/2/w/1300/q/80/format/webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 567064e776707f12886eb0df3da937a7
ddf4fc0851b9f0f4816764c8bd6b2c51dc8e3e61
d267c73068dbe9955fc808b69404559f4c6c06f814a1bd055a21fd0841481835
GET /upload_aimg/social/25e5c2f0-0233-43da-92cb-8fd64ed46503.jpg?imageView2/2/w/1300/q/80/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/webp
content-length: 18778
cache-control: max-age=31536000
last-modified: Wed, 28 Dec 2022 07:11:12 GMT
request-id: d7b2e9d5a3d2ef53aa0e8036ea5d6a2a
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c06d7fb4fd-OSL
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/landing/995929bc-a3b8-4d63-a931-753e7b31b94d.png.slim.png?imageView2/2/w/800/q/70/format/webp
200 OK 10 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/landing/995929bc-a3b8-4d63-a931-753e7b31b94d.png.slim.png?imageView2/2/w/800/q/70/format/webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1f53b05d0859b7d6d11f6044db9d9225
eae02f73d425368a05ee0512fa9b80472f294bef
4f02f4041dbb8b821535db10a4ce077fd4860d70f5e6741f97001f3f93e35e6b
GET /upload_aimg/landing/995929bc-a3b8-4d63-a931-753e7b31b94d.png.slim.png?imageView2/2/w/800/q/70/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/webp
content-length: 10356
cache-control: max-age=31536000
last-modified: Wed, 25 Jan 2023 10:10:51 GMT
request-id: dc41225c99a2cd6b0ac03878b3c78032
x-avi-image-cache: hit
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c0be32b4fd-OSL
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/landing/5760ebf4-c266-4238-ac86-c8c2f7065deb.png.slim.png
200 OK 644 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/landing/5760ebf4-c266-4238-ac86-c8c2f7065deb.png.slim.png
IP
File type PNG image data, 3840 x 2160, 8-bit colormap, non-interlaced\012- data
Size 644 kB (643629 bytes)
Hash e3d5272607a691f369558d792880006c
04329c20a526433cac37f95ef63fecfa5248aeaa
eecfe9f571031a209e8f551ab250a2fd5c14e7a174390ef49de8fc4a4f9c5a1b
GET /upload_aimg/landing/5760ebf4-c266-4238-ac86-c8c2f7065deb.png.slim.png HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: image/png
content-length: 643629
cache-control: max-age=31536000
last-modified: Sun, 25 Dec 2022 15:40:05 GMT
request-id: 47fd281e036d75be6432fd954f886a84
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c08dc1b4fd-OSL
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/hat-trick-download_31ebf328f007c25a.js
200 OK 10 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/hat-trick-download_31ebf328f007c25a.js
IP
File type ASCII text, with very long lines (29912)
Hash e7027a0938492e974780275d93c23292
7b88192758d664df1782a45e24a3fb66e2078ec2
deccf731b0fe40de6a3ad686ab871ae79707afba788a1953b3ce203378d4100e
GET /m-assets/assets/js/hat-trick-download_31ebf328f007c25a.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: 8eMpwYFOPBN7V+NnVP63ww==
etag: W/"f1e329c1814e3c137b57e36754feb7c3"
last-modified: Thu, 26 Jan 2023 08:48:55 GMT
x-content-type-options: nosniff
x-pos-request-id: f2f84eee-c01e-002f-3c81-31cdd4000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c07c19b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/landing/6d90d242-3e42-4f92-99d7-4607e92e20ae.ttf
200 OK 241 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/landing/6d90d242-3e42-4f92-99d7-4607e92e20ae.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Size 241 kB (241394 bytes)
Hash 4c4502fab1afa92cef76780499cc40a1
fe7791051d092df83d4badb3888e54b3672eac81
0e78e75ac473b83e8bacb6beced2d48bbe64b29ebac08cb7d4db7a3e6c5bc67f
GET /upload_aimg/landing/6d90d242-3e42-4f92-99d7-4607e92e20ae.ttf HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: aOpHNM+GvVRGUK7gUTfXuw==
etag: W/"68ea4734cf86bd544650aee05137d7bb"
last-modified: Tue, 20 Sep 2022 14:26:04 GMT
x-content-type-options: nosniff
x-pos-request-id: cdfa9580-c01e-0003-5357-fba8fe000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c06bd2b518-OSL
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/risk-control-anti_30a8de270aec123e.js
200 OK 32 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/risk-control-anti_30a8de270aec123e.js
IP
File type Unicode text, UTF-8 text, with very long lines (65507), with no line terminators
Hash 040cc68584f7cc1e711dc3544f98d4bf
06043a4f322f76ea8060421d5f0881f16f874ba2
0697deff8f39cad40cb8e311baef229ec2c7417c29a1abb455c68e87a5852fd9
GET /m-assets/assets/js/risk-control-anti_30a8de270aec123e.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: PFg05ZAimI0vviFptaE9JA==
etag: W/"3c5834e59022988d2fbe2169b5a13d24"
last-modified: Fri, 16 Dec 2022 06:15:33 GMT
x-content-type-options: nosniff
x-pos-request-id: ccf9c2de-c01e-003f-7f17-117df6000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c20e85b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
aimg.kwcdn.com/upload_aimg/core-ui/spinner.png
200 OK 1.0 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/core-ui/spinner.png
IP
File type PNG image data, 51 x 51, 8-bit colormap, non-interlaced\012- data
Hash 5d6419068b5aa226b7ed53b273038228
1996b45043cb0f8a060d2dc402ff75b9190b4798
949246448d04be1589d864b07b5858c2d38b8d1a34c7f4bbc796b34ab49c540f
GET /upload_aimg/core-ui/spinner.png HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: image/png
content-length: 1045
cache-control: max-age=31536000
last-modified: Thu, 17 Nov 2022 17:44:50 GMT
request-id: ca662efecc858d87166464cb0f3a4300
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
age: 4706752
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c41af0b4fd-OSL
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 10f1669449befa6994cdd4e003e354c3
43dc25a5e95ed5fb0f2e6c9e599735f065b816ad
d2c3b0af6ba101e3e326e93ce85efbe1bc0645f6235616040c83f9803e74e84c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:37:23 GMT
Expires: Wed, 01 Feb 2023 21:37:23 GMT
ETag: "43dc25a5e95ed5fb0f2e6c9e599735f065b816ad"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.temu.com/api/server/_stm
200 OK 80 kB URL HTTP/2 www.temu.com/api/server/_stm
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash abce616a193939f0849d80843f8caef8
e7965877261cb4b23bfaa579d24c542aed1eba6f
cc23797411789ca5a99ba0a31d5c8ba8e70cec416401cc3f389959c6da09c5ff
GET /api/server/_stm HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/hat-trick-download.html?_p_rfs=1
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpE8npP8X5ExlpEqno_Aco1QJvarYZiAssEjmbx~
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
www.temu.com/api/sec-csp/c/sec-gif
200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1263
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:07 GMT
content-length: 0
x-yak-request-id: 1675272607754-1c74e9102cb49abb03bf5eaa83448359
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675272607754|2
set-cookie: api_uid=Cmy1NGPaoZ+kawBlPYb8Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 34a868a43718af8c385a57a6c6afcd31
c909d976ae01788e2d306ff5f12e33ae531bd401
363f7c25ec84ec6b3f0b8e3b7154e8cd39b4b0efcda5ecdd99e2933828d99c76
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 03:09:22 GMT
Expires: Thu, 02 Feb 2023 03:09:22 GMT
ETag: "c909d976ae01788e2d306ff5f12e33ae531bd401"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
aimg.kwcdn.com/upload_aimg/landing/52f34403-7496-44d0-8d8d-59267043e8d1.png.slim.png?imageView2/2/w/800/q/70/format/webp
200 OK 10 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/landing/52f34403-7496-44d0-8d8d-59267043e8d1.png.slim.png?imageView2/2/w/800/q/70/format/webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash a38dd59eba00c331a54e68d7331e13df
94f62d4405ad912158111ead9c266e584036d61d
c245b67fff53d02ee332ae7778963c30c337f41426f52ec0b506c0496cfc7824
GET /upload_aimg/landing/52f34403-7496-44d0-8d8d-59267043e8d1.png.slim.png?imageView2/2/w/800/q/70/format/webp HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: image/webp
content-length: 10152
cache-control: max-age=31536000
last-modified: Wed, 28 Dec 2022 07:11:56 GMT
request-id: 90fcc5f9f90c27788b980ef8af891d95
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c62da0b4fd-OSL
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 34a868a43718af8c385a57a6c6afcd31
c909d976ae01788e2d306ff5f12e33ae531bd401
363f7c25ec84ec6b3f0b8e3b7154e8cd39b4b0efcda5ecdd99e2933828d99c76
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 03:09:22 GMT
Expires: Thu, 02 Feb 2023 03:09:22 GMT
ETag: "c909d976ae01788e2d306ff5f12e33ae531bd401"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 34a868a43718af8c385a57a6c6afcd31
c909d976ae01788e2d306ff5f12e33ae531bd401
363f7c25ec84ec6b3f0b8e3b7154e8cd39b4b0efcda5ecdd99e2933828d99c76
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 03:09:22 GMT
Expires: Thu, 02 Feb 2023 03:09:22 GMT
ETag: "c909d976ae01788e2d306ff5f12e33ae531bd401"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.pftk.temu.com/pmm/api/pmm/defined
200 OK 503 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/defined
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST /pmm/api/pmm/defined HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2824
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; _gcl_au=1.1.876279821.1675272630; _bee=YddeCgX7nm4IoQYMkhui5juR25A0rapP; njrpl=YddeCgX7nm4IoQYMkhui5juR25A0rapP; dilx=6mDqHJZo~M~RqJC2IFjZ2; _ga_R8YHFZCMMX=GS1.1.1675272630.1.0.1675272630.60.0.0; _ga=GA1.1.366655598.1675272630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/octet-stream
expires: Wed, 01 Feb 2023 17:30:06 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a3
200 OK 928 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a3
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 5b0d5b0194f9e13f24c59420ca6ec14c
a1fa647277ebdfac6f23289cac0651fa11e03c15
c37e660167218d331e99a3b091716b6ad3e373e3866154838fc03067260ec8ac
GET /api/phantom/xg/pfb/a3 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/hat-trick-download.html?_p_rfs=1
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpE8npP8X5ExlpEqno_Aco1QJvarYZiAssEjmbx~
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675272607380-fff5e84898d1153c0f4ce23feb1df51c
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675272607380|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2860
Expires: Wed, 01 Feb 2023 18:17:47 GMT
Date: Wed, 01 Feb 2023 17:30:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2860
Expires: Wed, 01 Feb 2023 18:17:47 GMT
Date: Wed, 01 Feb 2023 17:30:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 34618
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hjIm9dNf6UE9rpIlKWeLwWuF7Pm6yJeAZgbwchvJcuDy-zkXEr502w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
age: 70730
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MeSOuCSjsjhK6FOS67rw6oF4rS08twjOACGbXJrNPH6vwZb8lZh9lw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
age: 70730
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591a38fc-2daf-42e7-a48b-a02e54cb63e0.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591a38fc-2daf-42e7-a48b-a02e54cb63e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c83dcdb618756ebbfeb69a8bff6d38c
5f909182ab6847690e7ebd100e3f0d2798e36192
2e29d0747fb973908228501178465ac09f6553ef8e50dd70ee617f3379eb733c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591a38fc-2daf-42e7-a48b-a02e54cb63e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7049
x-amzn-requestid: bc6522f2-eb6b-4e59-9912-0c03d145f021
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk31LGE2IAMF8rw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839ba-67477ed1260c27f67e28043d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q_aVbWJKMbX1_bjggzbdnWbgmfooGvXj76t55QGGXRr_y6ZgW2gctw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:52:24 GMT
age: 70664
etag: "5f909182ab6847690e7ebd100e3f0d2798e36192"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 70346
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 69985
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
200 OK 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 398
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; _gcl_au=1.1.876279821.1675272630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Wed, 01 Feb 2023 17:30:07 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 0n6HaYwAAAABTnLbm/iD5RZgZ0olNMsIAQ1BIMzBFREdFMDQxMQBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Wed, 01 Feb 2023 17:30:07 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:30:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 692391704ca6e43f9fc0b364efcd1310
85bd8131554ed317aa7bd7fa212934a0806483fb
ee2a00a29af72d317319234728d9705853547e617ab998366742910b36242cb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3837
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:30:08 GMT
Etag: "63d94ecf-1d7"
Last-Modified: Wed, 01 Feb 2023 16:26:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:30:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=366655598.1675272630>m=2oe1u0&aip=1&z=982794867
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=366655598.1675272630>m=2oe1u0&aip=1&z=982794867
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=366655598.1675272630>m=2oe1u0&aip=1&z=982794867 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:30:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: WLyy9i/VO7Ahh/7zo7Yi0EH/a5gXQZhEEu08AwWAUBCRFmj5QiTXmw9tT/Wa0S7WI4fgxBOjhcmNWaU+QBJN1g==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Wed, 01 Feb 2023 17:30:08 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675272629935&cv=11&fst=1675272629935&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&tiba=Accept%20my%20invitation%20%26%20win%203%20freebies!&auid=876279821.1675272630&data=event%3Dpage_view&rfmt=3&fmt=4
200 OK 923 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675272629935&cv=11&fst=1675272629935&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&tiba=Accept%20my%20invitation%20%26%20win%203%20freebies!&auid=876279821.1675272630&data=event%3Dpage_view&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1967), with no line terminators
Hash b59fe858e36d0f00aa290c4e3d494b95
94d84b70883ca6eb773d50f24cdcf871bdea5c51
d0af4ca1e1c4c90ef66ea2ac8c64dd06ec32f3be789934450b66aaf2b7d1483b
GET /pagead/viewthroughconversion/10974797857/?random=1675272629935&cv=11&fst=1675272629935&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&tiba=Accept%20my%20invitation%20%26%20win%203%20freebies!&auid=876279821.1675272630&data=event%3Dpage_view&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:30:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 923
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Feb-2023 17:45:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 692391704ca6e43f9fc0b364efcd1310
85bd8131554ed317aa7bd7fa212934a0806483fb
ee2a00a29af72d317319234728d9705853547e617ab998366742910b36242cb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3837
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:30:08 GMT
Etag: "63d94ecf-1d7"
Last-Modified: Wed, 01 Feb 2023 16:26:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.temu.com/api/server/_stm?t=1675272629495
200 OK 521 B URL HTTP/2 www.temu.com/api/server/_stm?t=1675272629495
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 98b13cedb08a19092378e989db90017a
fe5bb53cef612b826166bc90df717b699a4a1682
d75f92816b7ea3e6ecd0cecc6e3cce548829cd064e0cf4587a3ba834cd28d43e
GET /api/server/_stm?t=1675272629495 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/hat-trick-download.html?_p_rfs=1
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; region=211; language=en; currency=USD; timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:30:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=2oe1u0&_p=449943899&_gaz=1&cid=366655598.1675272630&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675272630&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&dt=Accept%20my%20invitation%20%26%20win%203%20freebies!&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=2oe1u0&_p=449943899&_gaz=1&cid=366655598.1675272630&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675272630&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&dt=Accept%20my%20invitation%20%26%20win%203%20freebies!&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX>m=2oe1u0&_p=449943899&_gaz=1&cid=366655598.1675272630&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675272630&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&dt=Accept%20my%20invitation%20%26%20win%203%20freebies!&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Wed, 01 Feb 2023 17:30:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=366655598.1675272630>m=2oe1u0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=366655598.1675272630>m=2oe1u0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX&cid=366655598.1675272630>m=2oe1u0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Wed, 01 Feb 2023 17:30:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.temu.com/favicon.ico
200 OK 17 kB IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash d26edcc90efcd957d6c0cecb09bba13b
398b0409df13c402e913d9caf5fce84eeeb0423a
9e50f7118d02f2fc45af374163bf05bb6467869ff0333751d2e0d9a0401e8b5e
GET /favicon.ico HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/hat-trick-download.html?_p_rfs=1
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpE8npP8X5ExlpEqno_Aco1QJvarYZiAssEjmbx~; _gcl_au=1.1.876279821.1675272630; _bee=YddeCgX7nm4IoQYMkhui5juR25A0rapP; njrpl=YddeCgX7nm4IoQYMkhui5juR25A0rapP; dilx=6mDqHJZo~M~RqJC2IFjZ2; shipping_city=211; _ga_R8YHFZCMMX=GS1.1.1675272630.1.0.1675272630.60.0.0; _ga=GA1.1.366655598.1675272630
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:08 GMT
content-type: image/x-icon
cache-control: max-age=3600
x-yak-request-id: 1675272608212-158f7ae3ad9da39b5e7480a1d96bde98
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:30:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/10974797857/?random=1675272629935&cv=11&fst=1675270800000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&tiba=Accept%20my%20invitation%20%26%20win%203%20freebies!&data=event%3Dpage_view&fmt=3&is_vtc=1&random=477840043&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10974797857/?random=1675272629935&cv=11&fst=1675270800000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&tiba=Accept%20my%20invitation%20%26%20win%203%20freebies!&data=event%3Dpage_view&fmt=3&is_vtc=1&random=477840043&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10974797857/?random=1675272629935&cv=11&fst=1675270800000&bg=ffffff&guid=ON&async=1>m=2wg1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&tiba=Accept%20my%20invitation%20%26%20win%203%20freebies!&data=event%3Dpage_view&fmt=3&is_vtc=1&random=477840043&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:30:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:30:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bdb63020af0f5e3418fc8b820c33afa9
d1c0e3e8a35059184d59b56d4c4961ce63338753
ab6930c02926771649a6ef66ed9c2a265c65239207b59a83f489988d60f78e6b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 17:30:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:28:19 GMT
Expires: Wed, 01 Feb 2023 21:28:19 GMT
ETag: "d1c0e3e8a35059184d59b56d4c4961ce63338753"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&rl=&if=false&ts=1675272631398&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1675272631397.2070634359&it=1675272630672&coo=false&tm=1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&rl=&if=false&ts=1675272631398&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1675272631397.2070634359&it=1675272630672&coo=false&tm=1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fhat-trick-download.html%3F_p_rfs%3D1&rl=&if=false&ts=1675272631398&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1675272631397.2070634359&it=1675272630672&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 01 Feb 2023 17:30:09 GMT
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
200 OK 1.8 kB URL HTTP/2 www.thtk.temu.com/c/th.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 34a868a43718af8c385a57a6c6afcd31
c909d976ae01788e2d306ff5f12e33ae531bd401
363f7c25ec84ec6b3f0b8e3b7154e8cd39b4b0efcda5ecdd99e2933828d99c76
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 479
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: image/gif
expires: Wed, 01 Feb 2023 17:30:06 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 36896
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.temu.com/link-app?originalUrl=&redirectUrl=https://www.temu.com/hat-trick-download.html?_p_rfs=1&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb&page_url=/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&scheme=temu://com.einnovation.temu/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb
302 Found 0 B URL HTTP/2 www.temu.com/link-app?originalUrl=&redirectUrl=https://www.temu.com/hat-trick-download.html?_p_rfs=1&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb&page_url=/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&scheme=temu://com.einnovation.temu/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /link-app?originalUrl=&redirectUrl=https://www.temu.com/hat-trick-download.html?_p_rfs=1&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb&page_url=/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&scheme=temu://com.einnovation.temu/mbs_hat_trick.html?social_src=share_ws&_bg_fs=1&_p_rfs=1&share_suin=BD5CBIYXBKYMVJRQGBQ54CPOBIND2JZJN3VLIGHBFNOHK&_x_src=social&_x_campaign=mbs_hat_trick&_x_cid=share_ws&_x_sid=share&adg_dnld=social_fb HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: Nginx
date: Wed, 01 Feb 2023 17:30:06 GMT
x-powered-by: Express
content-language: en
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
location: https://www.temu.com/hat-trick-download.html?_p_rfs=1
x-yak-request-id: 1675272606295-15a1eedb23201f7b1344deab49ccb19e
set-cookie: region=211; Expires=Fri, 03-Mar-23 17:30:06 GMT; Path=/
language=en; Expires=Fri, 03-Mar-23 17:30:06 GMT; Path=/
currency=USD; Expires=Fri, 03-Mar-23 17:30:06 GMT; Path=/
api_uid=CmyiwGPaoZ6HFACEMChUAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.pftk.temu.com/pmm/api/pmm/defined
200 OK 0 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/defined
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/defined HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2700
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; _gcl_au=1.1.876279821.1675272630; _bee=YddeCgX7nm4IoQYMkhui5juR25A0rapP; njrpl=YddeCgX7nm4IoQYMkhui5juR25A0rapP; dilx=6mDqHJZo~M~RqJC2IFjZ2; _ga_R8YHFZCMMX=GS1.1.1675272630.1.0.1675272630.60.0.0; _ga=GA1.1.366655598.1675272630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:08 GMT
content-type: application/octet-stream
expires: Wed, 01 Feb 2023 17:30:07 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/biz_vendors_f62b7dc9a918facc.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/biz_vendors_f62b7dc9a918facc.js
IP
GET /m-assets/assets/js/biz_vendors_f62b7dc9a918facc.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: +YT/QxWhcgi53rXqfEZVwA==
etag: W/"f984ff4315a17208b9deb5ea7c4655c0"
last-modified: Wed, 01 Feb 2023 02:14:59 GMT
x-content-type-options: nosniff
x-pos-request-id: 07f6e824-201e-0089-1423-36f1be000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c06bf6b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pftk.temu.com/pmm/api/pmm/defined
200 OK 0 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/defined
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/defined HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 632
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:08 GMT
content-type: application/octet-stream
expires: Wed, 01 Feb 2023 17:30:07 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/228_f4fe0d0734399447.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/228_f4fe0d0734399447.js
IP
GET /m-assets/assets/js/228_f4fe0d0734399447.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: d0AG65BvNC32rgBHsDDVbA==
etag: W/"774006eb906f342df6ae0047b030d56c"
last-modified: Mon, 30 Jan 2023 08:09:51 GMT
x-content-type-options: nosniff
x-pos-request-id: 5c8b1217-501e-007a-0783-3429ed000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c06c0fb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/vendors_e858e1e809eff380.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/vendors_e858e1e809eff380.js
IP
GET /m-assets/assets/js/vendors_e858e1e809eff380.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:06 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: LEkBvIZN0Lmt39+CdONIiQ==
etag: W/"2c4901bc864dd0b9addfdf8274e34889"
last-modified: Wed, 18 Jan 2023 10:27:56 GMT
x-content-type-options: nosniff
x-pos-request-id: 48f286e7-101e-0092-5527-2b648b000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 792c69c06bf9b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/hat-trick-download.html?_p_rfs=1
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpE8npP8X5ExlpEqno_Aco1QJvarYZiAssEjmbx~
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675272607477-4695c170fecce1566b789e9953b9bbd8
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675272607477|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/hat-trick-download.html?_p_rfs=1
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpE8npP8X5ExlpEqno_Aco1QJvarYZiAssEjmbx~
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675272607573-aa3cae0a0aac30c32eff438922a97e3c
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675272607573|2
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 4888
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/hat-trick-download.html?_p_rfs=1
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpE8npP8X5ExlpEqno_Aco1QJvarYZiAssEjmbx~
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 01 Feb 2023 17:30:07 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=YddeCgX7nm4IoQYMkhui5juR25A0rapP; Max-Age=31536000; Expires=Thu, 01 Feb 2024 17:30:07 GMT; Path=/; Domain=.temu.com
njrpl=YddeCgX7nm4IoQYMkhui5juR25A0rapP; Max-Age=31536000; Expires=Thu, 01 Feb 2024 17:30:07 GMT; Path=/; Domain=.temu.com
dilx=6mDqHJZo~M~RqJC2IFjZ2; Max-Age=31536000; Expires=Thu, 01 Feb 2024 17:30:07 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1675272607574-d17cce91ae440df2bb00da995ab6e758
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675272607574|20
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.pftk.temu.com/pmm/api/pmm/api
200 OK 0 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/api
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/api HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 822
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmyiwGPaoZ6HFACEMChUAg==; _gcl_au=1.1.876279821.1675272630; _bee=YddeCgX7nm4IoQYMkhui5juR25A0rapP; njrpl=YddeCgX7nm4IoQYMkhui5juR25A0rapP; dilx=6mDqHJZo~M~RqJC2IFjZ2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:30:08 GMT
content-type: application/octet-stream
expires: Wed, 01 Feb 2023 17:30:07 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
20.83.139.214
104.18.29.69
93.184.220.29
157.240.205.11
184.51.252.197
77.72.169.213
212.227.67.33