shr.temu.com/YuNShBaGvBjeREI
301 Moved Permanently 166 B URL HTTP/1.1 shr.temu.com/YuNShBaGvBjeREI
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /YuNShBaGvBjeREI HTTP/1.1
Host: shr.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Nginx
Date: Tue, 07 Feb 2023 23:45:26 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://shr.temu.com/YuNShBaGvBjeREI
x-yak-request-id: 1675813526090-fc93c74ebea16df253d520b39cc8182e
strict-transport-security: max-age=2592000
Set-Cookie: api_uid=Cmxt7mPi4pY37ABhr+IlAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6400
Expires: Wed, 08 Feb 2023 01:32:06 GMT
Date: Tue, 07 Feb 2023 23:45:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3256
Expires: Wed, 08 Feb 2023 00:39:42 GMT
Date: Tue, 07 Feb 2023 23:45:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 23:36:32 GMT
content-type: application/json
age: 534
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17216
Expires: Wed, 08 Feb 2023 04:32:22 GMT
Date: Tue, 07 Feb 2023 23:45:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Tqeml28bwMMErV/DUDyKeshjFogxjzWsaq77C9AVLiSxNpO2LzuYlj3xW1nsLaER/3WpXLLZB4o=
x-amz-request-id: Q81P1J213HEC3NKD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 22:45:44 GMT
age: 3582
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 23:45:26 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 9e29c58ca6631d6e0e7277495d1fa9c0
7680b65ac1fdd9302ba1838003b67b6a40ee0d23
84acf70568b93fd51a30cd02b394ef554e8e70d158622425827c7645032b6dd3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 02:00:11 GMT
Expires: Wed, 08 Feb 2023 02:00:11 GMT
ETag: "7680b65ac1fdd9302ba1838003b67b6a40ee0d23"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 23:14:52 GMT
age: 1834
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shr.temu.com/YuNShBaGvBjeREI
302 Found 0 B URL HTTP/2 shr.temu.com/YuNShBaGvBjeREI
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YuNShBaGvBjeREI HTTP/1.1
Host: shr.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: Nginx
date: Tue, 07 Feb 2023 23:45:26 GMT
content-type: text/html;charset=UTF-8
content-length: 0
location: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock%21%20Free%20items%20are%20waiting%20for%20you%21%20Accept%20my%20invitation%20and%20earn%20free%20items%21&gs_og_description=Come%20and%20join%20me%20now%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
x-yak-request-id: 1675813526660-58c1e9b027b68d3219474c0fcb27431e
strict-transport-security: max-age=2592000
set-cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6570
Expires: Wed, 08 Feb 2023 01:34:56 GMT
Date: Tue, 07 Feb 2023 23:45:26 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Yc/cqeXQ/Vw+oeaf7kQuQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2Q736CEKVOxpwpCkqdP1aR+OYPc=
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0f5c1847f70920dcbef36970d45cfff6
3c36f9282dbfd94e072fe7ef11757424f0dda3fc
efa7cc678d8c8a8b372d6947d31f29571cf5937dd5c9086339dee93a82bd8595
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:38:15 GMT
Expires: Wed, 08 Feb 2023 21:38:15 GMT
ETag: "3c36f9282dbfd94e072fe7ef11757424f0dda3fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0f5c1847f70920dcbef36970d45cfff6
3c36f9282dbfd94e072fe7ef11757424f0dda3fc
efa7cc678d8c8a8b372d6947d31f29571cf5937dd5c9086339dee93a82bd8595
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:38:15 GMT
Expires: Wed, 08 Feb 2023 21:38:15 GMT
ETag: "3c36f9282dbfd94e072fe7ef11757424f0dda3fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0f5c1847f70920dcbef36970d45cfff6
3c36f9282dbfd94e072fe7ef11757424f0dda3fc
efa7cc678d8c8a8b372d6947d31f29571cf5937dd5c9086339dee93a82bd8595
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:38:15 GMT
Expires: Wed, 08 Feb 2023 21:38:15 GMT
ETag: "3c36f9282dbfd94e072fe7ef11757424f0dda3fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0f5c1847f70920dcbef36970d45cfff6
3c36f9282dbfd94e072fe7ef11757424f0dda3fc
efa7cc678d8c8a8b372d6947d31f29571cf5937dd5c9086339dee93a82bd8595
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:38:15 GMT
Expires: Wed, 08 Feb 2023 21:38:15 GMT
ETag: "3c36f9282dbfd94e072fe7ef11757424f0dda3fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0f5c1847f70920dcbef36970d45cfff6
3c36f9282dbfd94e072fe7ef11757424f0dda3fc
efa7cc678d8c8a8b372d6947d31f29571cf5937dd5c9086339dee93a82bd8595
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:38:15 GMT
Expires: Wed, 08 Feb 2023 21:38:15 GMT
ETag: "3c36f9282dbfd94e072fe7ef11757424f0dda3fc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
200 OK 19 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
IP
File type PNG image data, 470 x 328, 8-bit colormap, non-interlaced\012- data
Hash 5bcec11d2b497f3f16822b36489ec5b6
1823e11f2efaf6590e09e8f8178e09971f792f1b
41f753cb40c792a19a625a2434f7ded86b43376ce1813ef3bf056a7f52c6157c
GET /upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.kwcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: image/png
content-length: 18595
cache-control: max-age=31536000
last-modified: Fri, 09 Dec 2022 05:54:31 GMT
request-id: 80d484941c11447ed478757d3bffb391
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
age: 5238435
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd3bee91bfa-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/favicon.ico
200 OK 90 kB IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 3c4eb4cca66ea032ead86084043c3b1d
c4c00b288e5f53b48f782a162fe22e38abe2be79
e53deeaf380d9754d4737965f2d21496d05a855a7b085f922c527697cb91d36a
GET /favicon.ico HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock%21%20Free%20items%20are%20waiting%20for%20you%21%20Accept%20my%20invitation%20and%20earn%20free%20items%21&gs_og_description=Come%20and%20join%20me%20now%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; region=211; language=en; currency=USD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: image/x-icon
cache-control: max-age=3600
x-yak-request-id: 1675813527701-2d7545fb4b96ae1aab0e3dbaf063b666
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/server/_stm
200 OK 522 B URL HTTP/2 www.temu.com/api/server/_stm
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4d05bdf1de71d255fe47f8f7058287ea
9ec222af1f515d02abf267b00c5760cd4710cca3
5b415db3cbc65cb151c569fb6dfc0cb5e683dce387d095f6fba4620de2ee865f
GET /api/server/_stm HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock!%20Free%20items%20are%20waiting%20for%20you!%20Accept%20my%20invitation%20and%20earn%20free%20items!&gs_og_description=Come%20and%20join%20me%20now!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npCaXqd8lpdbXo_cnZu_txXzGK1yBITcvLcN; timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/7857_305fb5eb28728724153e.css
200 OK 14 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/css/7857_305fb5eb28728724153e.css
IP
File type Unicode text, UTF-8 text, with very long lines (14376)
Hash 7f1fc7d32277eca80c55c46b410133b9
2d39d11f56a0f93be1477e0ee26d2730a43081f4
4def7e782a1c91d30a0ad4e2b80d4d8853661d642e818dff279be7d6b5eab04f
GET /m-assets/assets/css/7857_305fb5eb28728724153e.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: hGj3D8JXV/6dYEQTzCtcyg==
etag: W/"8468f70fc25757fe9d604413cc2b5cca"
last-modified: Sat, 28 Jan 2023 10:12:04 GMT
x-content-type-options: nosniff
x-pos-request-id: e55e1922-e01e-00a9-130c-33608d000000
cf-cache-status: HIT
age: 746891
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd23e191bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 668fe397264802081a22509713763ceb
aa957f1e2ff2e043a4091d65c1e8d07e281894c8
907729a567edb1da3ce41110a680388e6924e83a386d38c484534bd6609b7bc1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:44:42 GMT
Expires: Wed, 08 Feb 2023 21:44:42 GMT
ETag: "aa957f1e2ff2e043a4091d65c1e8d07e281894c8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 668fe397264802081a22509713763ceb
aa957f1e2ff2e043a4091d65c1e8d07e281894c8
907729a567edb1da3ce41110a680388e6924e83a386d38c484534bd6609b7bc1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:44:42 GMT
Expires: Wed, 08 Feb 2023 21:44:42 GMT
ETag: "aa957f1e2ff2e043a4091d65c1e8d07e281894c8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
static.kwcdn.com/m-assets/assets/js/1714_4009cab1f89e791e5bd3.js
200 OK 12 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/1714_4009cab1f89e791e5bd3.js
IP
File type Unicode text, UTF-8 text, with very long lines (39633)
Hash 007ddcf68778c5df49e5cc6990c58f81
27cb8755cbcd616805b488302bfb12a99299bd03
e100b740f30345360dc9f8d744b42e5b6cd8ec9dbfb7c80c59212257efe24973
GET /m-assets/assets/js/1714_4009cab1f89e791e5bd3.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: K5gj/YB69SRTx9VsEh9lvg==
etag: W/"2b9823fd807af52453c7d56c121f65be"
last-modified: Fri, 20 Jan 2023 05:58:19 GMT
x-content-type-options: nosniff
x-pos-request-id: c206b906-301e-0028-5095-2c1cda000000
cf-cache-status: HIT
age: 1589580
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd239ffb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3080
Expires: Wed, 08 Feb 2023 00:36:48 GMT
Date: Tue, 07 Feb 2023 23:45:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3080
Expires: Wed, 08 Feb 2023 00:36:48 GMT
Date: Tue, 07 Feb 2023 23:45:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3080
Expires: Wed, 08 Feb 2023 00:36:48 GMT
Date: Tue, 07 Feb 2023 23:45:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 7287
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 59382
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 5171
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 845e4e4051f1162b20d3df5f208e8d3e
076462f67531c60b31ec768a275c96317292306d
40996d8929ab92f342328fc018518d6131c6222b0ec23051775eda276a602026
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4168
x-amzn-requestid: 24814225-0063-49fb-86ff-e78869538b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjQFS_IAMFtLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-67307c42182089b3096e98b5;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f90qZAgSmdYFuW_BDTZVivBlk_c5SrirTSeJmvoysOmCcOjxtFZrbA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 7405
etag: "076462f67531c60b31ec768a275c96317292306d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bc4af7bd5bdcf67a4bac63e22b5d7ce8
5c457bf5021e9336d8582eed9e84e5279e08547c
0dac79971019d06657a1948f1cedaca02b3f9eca1eae52026ad9bdd0e4137b35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9731
x-amzn-requestid: 297af487-e8cf-4d0a-a30b-337cf1630f71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_RImGLjoAMFnDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c89d-3c4f6fa521885bd45e943d3b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:54:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QgszcGhVatkK5TB5DXK4WVXz6OtG00uMKZ50sRGuoDom0MSVrrtbkw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:59:21 GMT
etag: "5c457bf5021e9336d8582eed9e84e5279e08547c"
content-type: image/jpeg
age: 6367
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db6e81972b8835dc48a0dae751ffde5f
826e2195cc52905cfed0bc4f01646290261113b6
720e6105b2ccc9cbc8fd005d53873ced5467a852c7a5041ce2ef96785c0d92f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6060
x-amzn-requestid: 80cbc454-e1b4-4e53-a3b6-3a5ac11920c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPQEPNIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c594-4539ebb17f27d88a47100a82;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 50lUvmFMZ01J2FrO3AId_U87zBmCWLFQSDsly_Cd9xF_hVIOWbf3JA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:14:43 GMT
age: 5445
etag: "826e2195cc52905cfed0bc4f01646290261113b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 6de0fc3ec5641a96380d4ec47f3ea52e
00e728e4be0e559619bdd0c4b0b6dae999eb5048
0041cbaa00fc8e341bd03173096c03804121853b012432af7adebbc7d8886c00
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 07 Feb 2023 23:45:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 03:15:19 GMT
Expires: Wed, 08 Feb 2023 03:15:19 GMT
ETag: "00e728e4be0e559619bdd0c4b0b6dae999eb5048"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
200 OK 471 B IP
Hash c0251492cae08969a77cc1f8b4fa25e5
110161e230f81ac3a954dc1d5114c7401c1ecd93
6483e465b117e6af3950e659d8692acc4bb38f60c7dc312ec8c6824ac5f000ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:45:28 GMT
Last-Modified: Tue, 07 Feb 2023 22:04:48 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.thtk.temu.com/c/th.gif
200 OK 472 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 764
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: image/gif
expires: Tue, 07 Feb 2023 23:45:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/biz_vendors_371663edee501d53736a.js
200 OK 106 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/biz_vendors_371663edee501d53736a.js
IP
File type Unicode text, UTF-8 text, with very long lines (65507), with no line terminators
Size 106 kB (106047 bytes)
Hash 7dd7ffe99359b3b654c10da395ebc0cf
c1d89abdfbb5f6bf604beb83d91756d2ee31e058
f8f55d05ebc672ead84cd21831d97b2ff7a6e8585ac6bf4468ba3f6920cd349e
GET /m-assets/assets/js/biz_vendors_371663edee501d53736a.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: z/0g3fmXTsi0kDP6gYaImQ==
etag: W/"cffd20ddf9974ec8b49033fa81868899"
last-modified: Tue, 07 Feb 2023 13:01:57 GMT
x-content-type-options: nosniff
x-pos-request-id: f9f8b0cd-b01e-0020-47f5-3a44cb000000
cf-cache-status: HIT
age: 30225
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd24a0cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: h9C4lx7BG47Myt0W16hLHjVNmJ6ZGZie5/wITvdD35+zyOOV242d7IDyX0LWmbfRE2yBlrufywCcxb0MCXw/lQ==
content-length: 27843
x-fb-trip-id: 1904183273
date: Tue, 07 Feb 2023 23:45:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675813579914&cv=11&fst=1675813579914&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_&tiba=Farmland&auid=660497158.1675813580&data=event%3Dpage_view&rfmt=3&fmt=4
200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675813579914&cv=11&fst=1675813579914&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_&tiba=Farmland&auid=660497158.1675813580&data=event%3Dpage_view&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2955), with no line terminators
Hash cfd4fd6d9f92746dbeb04ef3824b7d3b
9da58d3dcc5982bebc7a74d2a2f5955af2a96a74
248e8d6560fd84df4c3bddcbe9a91a8bb1a1cc50306c12317375cdd39469c634
GET /pagead/viewthroughconversion/10974797857/?random=1675813579914&cv=11&fst=1675813579914&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_&tiba=Farmland&auid=660497158.1675813580&data=event%3Dpage_view&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 23:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1188
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 00:00:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=2062971789.1675813580>m=45je3260&aip=1&z=2091102414
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=2062971789.1675813580>m=45je3260&aip=1&z=2091102414
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=2062971789.1675813580>m=45je3260&aip=1&z=2091102414 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 23:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c0251492cae08969a77cc1f8b4fa25e5
110161e230f81ac3a954dc1d5114c7401c1ecd93
6483e465b117e6af3950e659d8692acc4bb38f60c7dc312ec8c6824ac5f000ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:45:28 GMT
Last-Modified: Tue, 07 Feb 2023 22:04:48 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/api/sec-csp/c/sec-gif
200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 4004
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:28 GMT
content-length: 0
x-yak-request-id: 1675813528697-d4faf5bb997a6f33cb3eddcada98bdc6
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675813528697|1
set-cookie: api_uid=Cm3EVmPi4phZFwCBDJB9Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
200 OK 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1766
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; _gcl_au=1.1.660497158.1675813580; _bee=D3MNpjgwVk12jpae12OYrRbYn4zsPap4; njrpl=D3MNpjgwVk12jpae12OYrRbYn4zsPap4; dilx=hYUqhlsPRt7dAg4vMkOcW; _ga_R8YHFZCMMX=GS1.1.1675813580.1.0.1675813580.60.0.0; _ga=GA1.1.2062971789.1675813580
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Tue, 07 Feb 2023 23:45:27 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 0mOLiYwAAAAD6m9fLXr2vSJu/+DjQ6vGPQ1BIMzBFREdFMDQxNgBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Tue, 07 Feb 2023 23:45:27 GMT
content-length: 0
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
200 OK 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1750
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; _gcl_au=1.1.660497158.1675813580
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Tue, 07 Feb 2023 23:45:27 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 0mOLiYwAAAACgyCvTvZwOSotH7QskxVhJQ1BIMzBFREdFMDQxNgBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Tue, 07 Feb 2023 23:45:27 GMT
content-length: 0
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
200 OK 471 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2275
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: image/gif
expires: Tue, 07 Feb 2023 23:45:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10974797857/?random=1675813579914&cv=11&fst=1675810800000&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_&tiba=Farmland&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2266037741&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10974797857/?random=1675813579914&cv=11&fst=1675810800000&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_&tiba=Farmland&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2266037741&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10974797857/?random=1675813579914&cv=11&fst=1675810800000&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_&tiba=Farmland&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2266037741&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 23:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je3260&_p=1066711639&_gaz=1&cid=2062971789.1675813580&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675813580&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_x_campaign%3Dmkt_activity%26_x_cid%3Dmkt_activity_house%26refer_share_id%3DH45omdtcNgdvDDdYsGFAkdr8y55Ukjc5%26refer_share_channel%3Dsystem_share%26refer_share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26group_sn%3D92ACB30D4E253CC8AE532E10C6D5CA2D%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_house%26_ex_sid%3Dfarm_share%26gs_invite_code%3D66083860%26gs_og_title%3DKnock%252C%2520knock!%2520Free%2520items%2520are%2520waiting%2520for%2520you!%2520Accept%2520my%2520invitation%2520and%2520earn%2520free%2520items!%26gs_og_description%3DCome%2520and%2520join%2520me%2520now!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png%26gs_og_ios_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png&dt=Farmland&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je3260&_p=1066711639&_gaz=1&cid=2062971789.1675813580&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675813580&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_x_campaign%3Dmkt_activity%26_x_cid%3Dmkt_activity_house%26refer_share_id%3DH45omdtcNgdvDDdYsGFAkdr8y55Ukjc5%26refer_share_channel%3Dsystem_share%26refer_share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26group_sn%3D92ACB30D4E253CC8AE532E10C6D5CA2D%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_house%26_ex_sid%3Dfarm_share%26gs_invite_code%3D66083860%26gs_og_title%3DKnock%252C%2520knock!%2520Free%2520items%2520are%2520waiting%2520for%2520you!%2520Accept%2520my%2520invitation%2520and%2520earn%2520free%2520items!%26gs_og_description%3DCome%2520and%2520join%2520me%2520now!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png%26gs_og_ios_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png&dt=Farmland&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX>m=45je3260&_p=1066711639&_gaz=1&cid=2062971789.1675813580&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675813580&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_x_campaign%3Dmkt_activity%26_x_cid%3Dmkt_activity_house%26refer_share_id%3DH45omdtcNgdvDDdYsGFAkdr8y55Ukjc5%26refer_share_channel%3Dsystem_share%26refer_share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26group_sn%3D92ACB30D4E253CC8AE532E10C6D5CA2D%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_house%26_ex_sid%3Dfarm_share%26gs_invite_code%3D66083860%26gs_og_title%3DKnock%252C%2520knock!%2520Free%2520items%2520are%2520waiting%2520for%2520you!%2520Accept%2520my%2520invitation%2520and%2520earn%2520free%2520items!%26gs_og_description%3DCome%2520and%2520join%2520me%2520now!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png%26gs_og_ios_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png&dt=Farmland&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Tue, 07 Feb 2023 23:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 111 kB IP
File type gzip compressed data, from Unix\012- data
Size 111 kB (110848 bytes)
Hash 1ed468b6a4bc1a4689439e23fbcf948f
7d9c16c622a2fb49918a55c764f6b7b6151d7638
72b6118808f261d695ee0fe183367c5ed4bc33501e173394194830233dda5e73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.pftk.temu.com/pmm/api/pmm/api
200 OK 0 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/api
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pmm/api/pmm/api HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1984
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; _gcl_au=1.1.660497158.1675813580
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/octet-stream
expires: Tue, 07 Feb 2023 23:45:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_x_campaign%3Dmkt_activity%26_x_cid%3Dmkt_activity_house%26refer_share_id%3DH45omdtcNgdvDDdYsGFAkdr8y55Ukjc5%26refer_share_channel%3Dsystem_share%26refer_share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26group_sn%3D92ACB30D4E253CC8AE532E10C6D5CA2D%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_house%26_ex_sid%3Dfarm_share%26gs_invite_code%3D66083860%26gs_og_title%3DKnock%252C%2520knock!%2520Free%2520items%2520are%2520waiting%2520for%2520you!%2520Accept%2520my%2520invitation%2520and%2520earn%2520free%2520items!%26gs_og_description%3DCome%2520and%2520join%2520me%2520now!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png%26gs_og_ios_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png&rl=&if=false&ts=1675813580785&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675813580784.364574023&it=1675813580490&coo=false&tm=1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_x_campaign%3Dmkt_activity%26_x_cid%3Dmkt_activity_house%26refer_share_id%3DH45omdtcNgdvDDdYsGFAkdr8y55Ukjc5%26refer_share_channel%3Dsystem_share%26refer_share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26group_sn%3D92ACB30D4E253CC8AE532E10C6D5CA2D%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_house%26_ex_sid%3Dfarm_share%26gs_invite_code%3D66083860%26gs_og_title%3DKnock%252C%2520knock!%2520Free%2520items%2520are%2520waiting%2520for%2520you!%2520Accept%2520my%2520invitation%2520and%2520earn%2520free%2520items!%26gs_og_description%3DCome%2520and%2520join%2520me%2520now!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png%26gs_og_ios_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png&rl=&if=false&ts=1675813580785&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675813580784.364574023&it=1675813580490&coo=false&tm=1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fniffler_farm.html%3F_bg_fs%3D1%26share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26_p_rfs%3D1%26gs_code_way%3D3%26gs_use_retention%3D0%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Favatar%252Fdefault%252F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png%26gs_comp_nickname%3Dke***82%26gs_comp_expired%3D1677700161%26gs_comp_thumbnail%3Dhttps%253A%252F%252Fimg.kwcdn.com%252Fproduct%252F1d14c6c0b84%252F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dsearch%26_x_campaign%3Dmkt_activity%26_x_cid%3Dmkt_activity_house%26refer_share_id%3DH45omdtcNgdvDDdYsGFAkdr8y55Ukjc5%26refer_share_channel%3Dsystem_share%26refer_share_suin%3DBAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY%26group_sn%3D92ACB30D4E253CC8AE532E10C6D5CA2D%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_house%26_ex_sid%3Dfarm_share%26gs_invite_code%3D66083860%26gs_og_title%3DKnock%252C%2520knock!%2520Free%2520items%2520are%2520waiting%2520for%2520you!%2520Accept%2520my%2520invitation%2520and%2520earn%2520free%2520items!%26gs_og_description%3DCome%2520and%2520join%2520me%2520now!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png%26gs_og_ios_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png&rl=&if=false&ts=1675813580785&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675813580784.364574023&it=1675813580490&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 07 Feb 2023 23:45:29 GMT
X-Firefox-Spdy: h2
www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock%21%20Free%20items%20are%20waiting%20for%20you%21%20Accept%20my%20invitation%20and%20earn%20free%20items%21&gs_og_description=Come%20and%20join%20me%20now%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
200 OK 0 B URL HTTP/2 www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock%21%20Free%20items%20are%20waiting%20for%20you%21%20Accept%20my%20invitation%20and%20earn%20free%20items%21&gs_og_description=Come%20and%20join%20me%20now%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock%21%20Free%20items%20are%20waiting%20for%20you%21%20Accept%20my%20invitation%20and%20earn%20free%20items%21&gs_og_description=Come%20and%20join%20me%20now%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, iris-context-client-language, User-Agent
content-language: en
set-cookie: AccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
PDDAccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_id=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
region=211; Expires=Thu, 09-Mar-23 23:45:27 GMT; Path=/
language=en; Expires=Thu, 09-Mar-23 23:45:27 GMT; Path=/
currency=USD; Expires=Thu, 09-Mar-23 23:45:27 GMT; Path=/
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-accel-buffering: no
content-encoding: gzip
x-yak-request-id: 1675813527041-f17bea37680e02ffcd79bf1bfa4650ce
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
cip: 91.90.42.154
X-Firefox-Spdy: h2
locale.temu.com/api/bg/huygens/region/locate
200 OK 0 B URL HTTP/2 locale.temu.com/api/bg/huygens/region/locate
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/bg/huygens/region/locate HTTP/1.1
Host: locale.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 2
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
x-yak-request-id: 1675813528290-8819db9cedac0fcde7ed2ed83f732b61
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
yak-timeinfo: 1675813528290|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1511
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock!%20Free%20items%20are%20waiting%20for%20you!%20Accept%20my%20invitation%20and%20earn%20free%20items!&gs_og_description=Come%20and%20join%20me%20now!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npCaXqd8lpdbXo_cnZu_txXzGK1yBITcvLcN; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=ueeyTzwxhTbMgyh7tD2gX4fMhMymAapy; Max-Age=31536000; Expires=Wed, 07 Feb 2024 23:45:28 GMT; Path=/; Domain=.temu.com
njrpl=ueeyTzwxhTbMgyh7tD2gX4fMhMymAapy; Max-Age=31536000; Expires=Wed, 07 Feb 2024 23:45:28 GMT; Path=/; Domain=.temu.com
dilx=hYUqhlsPRt7dAg4vMkOcW; Max-Age=31536000; Expires=Wed, 07 Feb 2024 23:45:28 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1675813528066-39f3c016ba5d9a61fd5db050ecf93de8
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675813528066|20
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
200 OK 0 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 766
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: image/gif
expires: Tue, 07 Feb 2023 23:45:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a3
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a3
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/a3 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock!%20Free%20items%20are%20waiting%20for%20you!%20Accept%20my%20invitation%20and%20earn%20free%20items!&gs_og_description=Come%20and%20join%20me%20now!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npCaXqd8lpdbXo_cnZu_txXzGK1yBITcvLcN; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675813527999-fdbbe4968ab47351d30031a2a03732ac
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675813527999|0
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/niffler_farm_698253e58801da28c2af.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/niffler_farm_698253e58801da28c2af.js
IP
GET /m-assets/assets/js/niffler_farm_698253e58801da28c2af.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: lVJvXtX2ocRAhntidQh+tg==
etag: W/"95526f5ed5f6a1c440867b6275087eb6"
last-modified: Tue, 07 Feb 2023 13:01:58 GMT
x-content-type-options: nosniff
x-pos-request-id: ba6645a9-001e-0033-4bf5-3a89ef000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd229fbb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1511
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock!%20Free%20items%20are%20waiting%20for%20you!%20Accept%20my%20invitation%20and%20earn%20free%20items!&gs_og_description=Come%20and%20join%20me%20now!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npCaXqd8lpdbXo_cnZu_txXzGK1yBITcvLcN; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=D3MNpjgwVk12jpae12OYrRbYn4zsPap4; Max-Age=31536000; Expires=Wed, 07 Feb 2024 23:45:28 GMT; Path=/; Domain=.temu.com
njrpl=D3MNpjgwVk12jpae12OYrRbYn4zsPap4; Max-Age=31536000; Expires=Wed, 07 Feb 2024 23:45:28 GMT; Path=/; Domain=.temu.com
dilx=hYUqhlsPRt7dAg4vMkOcW; Max-Age=31536000; Expires=Wed, 07 Feb 2024 23:45:28 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1675813528072-2daad95686c6779dc101732b90410cd0
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675813528072|21
cip: 91.90.42.154
X-Firefox-Spdy: h2
locale.temu.com/api/bg/huygens/region/locate
200 OK 0 B URL HTTP/2 locale.temu.com/api/bg/huygens/region/locate
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
OPTIONS /api/bg/huygens/region/locate HTTP/1.1
Host: locale.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.temu.com/
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/octet-stream
x-yak-request-id: 1675813528193-0302280a650a8743781a619ac5e79d77
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
yak-timeinfo: 1675813528193|0
set-cookie: api_uid=Cm0QVmPi4pgqkwEADNAJAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
content-encoding: gzip
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock!%20Free%20items%20are%20waiting%20for%20you!%20Accept%20my%20invitation%20and%20earn%20free%20items!&gs_og_description=Come%20and%20join%20me%20now!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npCaXqd8lpdbXo_cnZu_txXzGK1yBITcvLcN; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675813528073-62c44fae405eb89892b76476cb8fe955
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675813528073|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/7857_c89e9339320c814abfb8.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/7857_c89e9339320c814abfb8.js
IP
GET /m-assets/assets/js/7857_c89e9339320c814abfb8.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: zIUYSuLOPTp35fO3pA8f4w==
etag: W/"cc85184ae2ce3d3a77e5f3b7a40f1fe3"
last-modified: Fri, 03 Feb 2023 07:14:35 GMT
x-content-type-options: nosniff
x-pos-request-id: 8bfcb608-c01e-0057-669f-3767c5000000
cf-cache-status: HIT
age: 392621
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd23a02b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/vendors_a7786ef0f638cb1971b5.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/vendors_a7786ef0f638cb1971b5.js
IP
GET /m-assets/assets/js/vendors_a7786ef0f638cb1971b5.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: jMX3JGLMpqTna/YHcS77XA==
etag: W/"8cc5f72462cca6a4e76bf607712efb5c"
last-modified: Tue, 07 Feb 2023 11:30:10 GMT
x-content-type-options: nosniff
x-pos-request-id: 2b57093f-f01e-0034-6ce7-3a58e1000000
cf-cache-status: HIT
age: 39963
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd24a11b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/1031_4125d48b00fd65999d93.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/1031_4125d48b00fd65999d93.js
IP
GET /m-assets/assets/js/1031_4125d48b00fd65999d93.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: w5Ne0qAAcvnQ8N7o1qabPg==
etag: W/"c3935ed2a00072f9d0f0dee8d6a69b3e"
last-modified: Mon, 06 Feb 2023 08:50:58 GMT
x-content-type-options: nosniff
x-pos-request-id: 143b3323-401e-0037-0308-3a25e7000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd229f9b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/3255_cb93c139d4a774bbe4a2.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/3255_cb93c139d4a774bbe4a2.js
IP
GET /m-assets/assets/js/3255_cb93c139d4a774bbe4a2.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: VLhm2J2tzqKJA8ALvlU0+g==
etag: W/"54b866d89dadcea28903c00bbe5534fa"
last-modified: Sun, 29 Jan 2023 10:08:04 GMT
x-content-type-options: nosniff
x-pos-request-id: 523f6127-901e-009a-73e1-333c9a000000
cf-cache-status: HIT
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd24a0fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/risk-finger-h5_687664a86ef0d129804a.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/risk-finger-h5_687664a86ef0d129804a.js
IP
GET /m-assets/assets/js/risk-finger-h5_687664a86ef0d129804a.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: QuS5nsPm7cyAJ8LLhrqLog==
etag: W/"42e4b99ec3e6edcc8027c2cb86ba8ba2"
last-modified: Wed, 11 Jan 2023 06:23:19 GMT
x-content-type-options: nosniff
x-pos-request-id: 7fa78a85-501e-0086-3a86-2578a1000000
cf-cache-status: HIT
age: 1054240
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 795fffd54fa31bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/niffler_farm.html?_bg_fs=1&share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&_p_rfs=1&gs_code_way=3&gs_use_retention=0&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Favatar%2Fdefault%2F7d96f863-b4c1-43d6-8f03-ebd1c4e23e25.png&gs_comp_nickname=ke***82&gs_comp_expired=1677700161&gs_comp_thumbnail=https%3A%2F%2Fimg.kwcdn.com%2Fproduct%2F1d14c6c0b84%2F34db6f06-431f-42c0-8eec-5a8769f96ccb_1980x1980.jpeg&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&refer_share_id=H45omdtcNgdvDDdYsGFAkdr8y55Ukjc5&refer_share_channel=system_share&refer_share_suin=BAKSIV2ATE2TKMRQGAZ66SQRV4UXHCEOJYR5E44VGB7LY&group_sn=92ACB30D4E253CC8AE532E10C6D5CA2D&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&gs_invite_code=66083860&gs_og_title=Knock%2C%20knock!%20Free%20items%20are%20waiting%20for%20you!%20Accept%20my%20invitation%20and%20earn%20free%20items!&gs_og_description=Come%20and%20join%20me%20now!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F5482da50-c4fe-4c4a-9063-5001f3b86621.png.slim.png&gs_og_ios_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F7d5f97b2-3162-4db2-b63c-c8929f236ee0.png.slim.png
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npCaXqd8lpdbXo_cnZu_txXzGK1yBITcvLcN; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675813528072-980d1d5d94fcf5dd5d4cc24b1412a613
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675813528072|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.pftk.temu.com/pmm/api/pmm/api
200 OK 0 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/api
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/api HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2035
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmxtImPi4pYslwBkr+NZAg==; _gcl_au=1.1.660497158.1675813580; _bee=D3MNpjgwVk12jpae12OYrRbYn4zsPap4; njrpl=D3MNpjgwVk12jpae12OYrRbYn4zsPap4; dilx=hYUqhlsPRt7dAg4vMkOcW; _ga_R8YHFZCMMX=GS1.1.1675813580.1.0.1675813580.60.0.0; _ga=GA1.1.2062971789.1675813580
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:45:28 GMT
content-type: application/octet-stream
expires: Tue, 07 Feb 2023 23:45:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
20.124.49.175
31.13.72.12
104.18.29.69
93.184.220.29
95.101.11.115
77.72.169.211
185.53.178.50
62.71.2.168