temu.com/s/rdLaqKdBdg3t9Q
301 Moved Permanently 166 B URL HTTP/1.1 temu.com/s/rdLaqKdBdg3t9Q
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /s/rdLaqKdBdg3t9Q HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Nginx
Date: Wed, 29 Mar 2023 18:23:02 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://temu.com/s/rdLaqKdBdg3t9Q
x-yak-request-id: 1680114182333-681fee9f9627940bc0144281d07513bc
strict-transport-security: max-age=2592000
Set-Cookie: api_uid=CmzCXWQkggYMPABmBBLTAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
cip: 91.90.42.154
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8077
Expires: Wed, 29 Mar 2023 20:37:39 GMT
Date: Wed, 29 Mar 2023 18:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9743
Expires: Wed, 29 Mar 2023 21:05:25 GMT
Date: Wed, 29 Mar 2023 18:23:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 18:15:58 GMT
content-type: application/json
age: 424
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4157
Expires: Wed, 29 Mar 2023 19:32:19 GMT
Date: Wed, 29 Mar 2023 18:23:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ej3QFebCM3clnwhLz7SOOQKpN/36qhBnoHQams8CMcSGgWYQjGZ/JQqSYt4y97SKwGSGRWBhn+o=
x-amz-request-id: 50ZESARJMCMQ0TK1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 18:02:36 GMT
age: 1226
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 18:23:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash ba4b45945329956d5f4d92f626793d18
bb189df9aa5ce53dc86d34e605658ea56244871a
e4246116ff12a7fcfd8cf32ed22889775a3e5fdf65d44b357b07158d33929ce1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 29 Mar 2023 18:23:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 29 Mar 2023 14:45:01 GMT
Expires: Thu, 30 Mar 2023 14:45:01 GMT
ETag: "bb189df9aa5ce53dc86d34e605658ea56244871a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 18:14:36 GMT
age: 506
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
temu.com/s/rdLaqKdBdg3t9Q
302 Found 0 B URL HTTP/2 temu.com/s/rdLaqKdBdg3t9Q
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/rdLaqKdBdg3t9Q HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: Nginx
date: Wed, 29 Mar 2023 18:23:02 GMT
content-type: text/html;charset=UTF-8
content-length: 0
location: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit%21%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu%21&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
x-yak-request-id: 1680114182831-7e980a71101c0dfb9df1439defaab05c
strict-transport-security: max-age=2592000
set-cookie: region=211; Expires=Fri, 28-Apr-23 18:23:02 GMT; Path=/
language=en; Expires=Fri, 28-Apr-23 18:23:02 GMT; Path=/
currency=USD; Expires=Fri, 28-Apr-23 18:23:02 GMT; Path=/
api_uid=CmzCXWQkggYOCwBpBA98Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
x-frame-options: SAMEORIGIN
cip: 91.90.42.154
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10434
Expires: Wed, 29 Mar 2023 21:16:56 GMT
Date: Wed, 29 Mar 2023 18:23:02 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GxWUqwvRIWUKy9HQ88vZJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lNHnLVPUV8l/9yRQ3k7y/93xj+A=
aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
200 OK 19 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
IP
File type PNG image data, 470 x 328, 8-bit colormap, non-interlaced\012- data
Hash 5bcec11d2b497f3f16822b36489ec5b6
1823e11f2efaf6590e09e8f8178e09971f792f1b
41f753cb40c792a19a625a2434f7ded86b43376ce1813ef3bf056a7f52c6157c
GET /upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.kwcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: image/png
content-length: 18595
cache-control: max-age=31536000
last-modified: Fri, 09 Dec 2022 05:54:31 GMT
request-id: 80d484941c11447ed478757d3bffb391
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
age: 9539091
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244ebd541c0e-OSL
X-Firefox-Spdy: h2
www.temu.com/favicon.ico
200 OK 49 kB IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 0f446fa3c00311fce9a4e599fd42ba63
76974be56dbbc3bf5f6195e5ac3451b63153154a
ffb62f0271d0752eda6167b081fc10373a046e64f2ab59c5848f2e322f4cd860
GET /favicon.ico HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit%21%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu%21&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; region=211; language=en; currency=USD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: image/x-icon
cache-control: max-age=3600
x-yak-request-id: 1680114183556-8421907290eecc62046fe907347d1dc2
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
x-frame-options: SAMEORIGIN
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3
200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3
IP
File type ASCII text, with very long lines (7937)
Hash f4a4a1f84f0a0c3559d272783c83c535
b94e0f254002cc394b4b2df734439f96c0aaa408
76d4116c6d78b98a7f664bb631d6d01a628248f0e136d2dde0aa177aa40c0451
GET /gtm.js?id=GTM-NSR6SG3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Mar 2023 18:23:03 GMT
expires: Wed, 29 Mar 2023 18:23:03 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Mar 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f6b3bb903e6f7394985c0ae662919208
ee3cb0fbd0017ed3a001ce195bc0cfa386979567
c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.kwcdn.com/m-assets/assets/js/inno_exchange_lucky_09e354914a88be6b3b02.js
200 OK 109 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/inno_exchange_lucky_09e354914a88be6b3b02.js
IP
File type Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
Size 109 kB (108742 bytes)
Hash fdc89696d3f202550d8e9705bea460d9
a2a8d46198b772804c9d018a741725bf7aa4caeb
d8cdaec4e94b79c1be2ef59a247c60b0622f67a5f1febe9d6d1baf592633e854
GET /m-assets/assets/js/inno_exchange_lucky_09e354914a88be6b3b02.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: Jw3zCrvQc+8S9X7DggZukg==
etag: W/"270df30abbd073ef12f57ec382066e92"
last-modified: Wed, 29 Mar 2023 09:22:38 GMT
x-content-type-options: nosniff
x-pos-request-id: 5e7f1762-d01e-005e-4922-6214d6000000
cf-cache-status: HIT
age: 17987
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0b91fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/996_19e7a77b8b63e6934e77.js
200 OK 14 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/996_19e7a77b8b63e6934e77.js
IP
File type Unicode text, UTF-8 text, with very long lines (38594)
Hash be8ea190ff81dd8786c3b7a0f3a0aaa7
a35fd0f38ad3826f9b4b309bfc43f9411659c722
1706629da6d5c292defabb8931e25896f17eeeb8df8593438ac1062714b57d2e
GET /m-assets/assets/js/996_19e7a77b8b63e6934e77.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: ECk6RKSLozwdlgKzg8uRuw==
etag: W/"10293a44a48ba33c1d9602b383cb91bb"
last-modified: Tue, 28 Mar 2023 12:36:56 GMT
x-content-type-options: nosniff
x-pos-request-id: f8beb353-401e-00a3-5372-616e98000000
cf-cache-status: HIT
age: 99488
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0b95fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash f06b352b06e8d74cb560ad8baca275fc
f7a32ef47e6ab3f2860aa9321d3c5b95e20b0f70
41aa550b7cf956155d17b815ca956e5d987a62f601873956df7365681e365fa1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 29 Mar 2023 18:23:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 28 Mar 2023 20:35:46 GMT
Expires: Wed, 29 Mar 2023 20:35:46 GMT
ETag: "f7a32ef47e6ab3f2860aa9321d3c5b95e20b0f70"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.temu.com/api/sec-csp/c/sec-gif
200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2252
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:04 GMT
content-length: 0
x-yak-request-id: 1680114184348-ab1d2012c3167c270e06eb87df34bff1
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680114184348|1
set-cookie: api_uid=Cm3AVWQkgggIVgENibN2Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash af02c64e61ab82e21b5501f842e14193
e41721ee7ce80dcfb7e0b0a4e03ce3f1fe7cf9ba
d18fce2a448ae092127464ba995d331cc72f30fedf31bfd1e5d4992fe2f2fd39
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 29 Mar 2023 18:23:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 28 Mar 2023 20:55:41 GMT
Expires: Wed, 29 Mar 2023 20:55:41 GMT
ETag: "e41721ee7ce80dcfb7e0b0a4e03ce3f1fe7cf9ba"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 18:23:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 18:23:04 GMT
Connection: keep-alive
us.pftk.temu.com/pmm/api/pmm/api
200 OK 503 B URL HTTP/2 us.pftk.temu.com/pmm/api/pmm/api
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST /pmm/api/pmm/api HTTP/1.1
Host: us.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1801
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:04 GMT
content-type: application/octet-stream
expires: Wed, 29 Mar 2023 18:23:03 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 18:23:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 74309
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8afbc872d18847aaed67054dbfc2d31b
6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b
65c2b5fe2a3df654cfed7e7721b2d8f08665a72bb358b4d6e30e7cba853336e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5414
x-amzn-requestid: b6795b2f-1460-4516-bac0-9148e9868fa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaYF5jIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ddb-42762e4f0aa5e6050f82d138;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:27 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 2uZtp6TgGSem59CZMyKKtawyKTmNiLyj5wu7RXTGq04n2tN_gefzsw==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:08 GMT
age: 74396
etag: "6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/6564_88f153ad7238bd4924d2.js
200 OK 32 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/6564_88f153ad7238bd4924d2.js
IP
File type Unicode text, UTF-8 text, with very long lines (65521), with no line terminators
Hash e647d26d6d1a7d5ebc9f444d87d6184f
7280fa4fadeff4a5f7c1cd48ad9f05e03677f0e3
86087134ba117554f2ab12d2bd76056b84bd6b8b175ec511ade490dce650c562
GET /m-assets/assets/js/6564_88f153ad7238bd4924d2.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: AZaug1tGotJYA6Nd7Zo+Ng==
etag: W/"0196ae835b46a2d25803a35ded9a3e36"
last-modified: Wed, 29 Mar 2023 09:22:40 GMT
x-content-type-options: nosniff
x-pos-request-id: 3428866d-901e-00a6-0d22-62e992000000
cf-cache-status: HIT
age: 17987
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0b9efac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/vendors_50bcb8c21d3d6756c3d6.js
200 OK 197 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/vendors_50bcb8c21d3d6756c3d6.js
IP
File type Unicode text, UTF-8 text, with very long lines (63979), with no line terminators
Size 197 kB (197318 bytes)
Hash 9b2601d953aaf1080139bcf50a3975e2
e879ba3333d15738ebb3b326b8ffdf6f5ba1618e
17e05068d4b3e1ea45ba2105d49f90009df68c5ee0918937bbb52cef369ff5b8
GET /m-assets/assets/js/vendors_50bcb8c21d3d6756c3d6.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: fcogjUhoW1RsnBg9sJCszw==
etag: W/"7dca208d48685b546c9c183db090accf"
last-modified: Sat, 11 Mar 2023 06:00:48 GMT
x-content-type-options: nosniff
x-pos-request-id: fdd47238-901e-0066-08e0-536dd6000000
cf-cache-status: HIT
age: 505137
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244dfb7dfac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0a85ec27ed4f7910e26b4ff023ab1fb
f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0
fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GG2IAMFuzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: lZBspmi0Dku2a7jY39WyiBC3wu5F4eAvbTwHF6_8pgHfw21XSW_NbA==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:58 GMT
age: 74346
etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 096bf7a8a2bfe48c19e6bf6887145e64
6193039864cae4ab0163f3a7d45613fb86e6be14
51625131b04aa5294e90062807ca728b7a41db79ea069cd238711f8ead5ecd8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7630
x-amzn-requestid: 5f162d03-0d82-4cd6-8812-4dac159bc2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY9HwhIAMFeOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-670279397929c69c0ee58b35;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 79RHJqi0dV_HFeUvGnzbChn8_54pc_ceWOEvLzrtxhr33rG6V42Buw==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:36 GMT
etag: "6193039864cae4ab0163f3a7d45613fb86e6be14"
content-type: image/jpeg
age: 74308
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 77328ed8e02ac9cae0792f75595372ef
460d27de6dbe3be07e58336653bdaffd00fb4cd5
da423027e66ef28680522c9e325852f1c0d05c1e18e26c2265a29e6bdf02ad00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1106
Cache-Control: max-age=101681
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:04 GMT
Etag: "642367e7-1d7"
Expires: Thu, 30 Mar 2023 22:37:45 GMT
Last-Modified: Tue, 28 Mar 2023 22:19:19 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
static.kwcdn.com/m-assets/assets/css/biz_vendors_bfcc78c037e66530359a.css
200 OK 20 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/css/biz_vendors_bfcc78c037e66530359a.css
IP
File type Unicode text, UTF-8 text, with very long lines (10281)
Hash 4abd1817d832199764451eacf5d02795
7ec49a65726b17e2b1442a2f8fdba13a377554f5
c5efd2738613d004c35fa68ab516115a1ae624f5e41635882afca16f83167c0a
GET /m-assets/assets/css/biz_vendors_bfcc78c037e66530359a.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: NmPoJuiXnN9Mypy+4U7YIg==
etag: W/"3663e826e8979cdf4cca9cbee14ed822"
last-modified: Fri, 03 Mar 2023 09:55:56 GMT
x-content-type-options: nosniff
x-pos-request-id: ad0b656f-201e-0059-66c2-4ec5d8000000
cf-cache-status: HIT
age: 1755507
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0c011c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/354_f470173ad6bf2e093cbe.css
200 OK 22 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/css/354_f470173ad6bf2e093cbe.css
IP
File type ASCII text, with very long lines (7038)
Hash cfbecefe00665a0251392885913a0f00
704c237355e7fc67e357792332a4e530002e5417
647a465c0d40b264f560d038d318e6551fe430d76a3e02b7dbfcc2f3d362cd8f
GET /m-assets/assets/css/354_f470173ad6bf2e093cbe.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: +f1EkKxpWuwEQ3MYiq1c7g==
etag: W/"f9fd4490ac695aec044373188aad5cee"
last-modified: Wed, 29 Mar 2023 04:02:35 GMT
x-content-type-options: nosniff
x-pos-request-id: b01e242d-d01e-000a-4f03-62dbed000000
cf-cache-status: HIT
age: 23742
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0bef1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/risk-finger-h5_99843f8694e525384719.js
200 OK 61 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/risk-finger-h5_99843f8694e525384719.js
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 8161787ed0a12dd3bc04074178942a02
c659f25901b605ae55969500f09dcd29a11a0dd3
320df406060be9ffff9a19085591d174cd040e1233d0aed9493451fd76e2b8b5
GET /m-assets/assets/js/risk-finger-h5_99843f8694e525384719.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: FTWzG6hmLIzzU+zH8r1ipQ==
etag: W/"1535b31ba8662c8cf353ecc7f2bd62a5"
last-modified: Wed, 11 Jan 2023 02:55:35 GMT
x-content-type-options: nosniff
x-pos-request-id: 1adc0d0f-f01e-0024-166b-25e8c3000000
cf-cache-status: HIT
age: 6658159
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa2450d9901c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/4482_addbf276be3e08c7fda5.js
200 OK 13 kB URL HTTP/2 static.kwcdn.com/m-assets/assets/js/4482_addbf276be3e08c7fda5.js
IP
File type Unicode text, UTF-8 text, with very long lines (44005)
Hash a483408dbd668e169fa97660c89f8ab3
82ca4d6e9c3182da7e35b8d64af784ecb2c23e4e
af364d1756404b2a9a71a31ec96c23821d763acc3ee096ef704d5cafec0d4cb8
GET /m-assets/assets/js/4482_addbf276be3e08c7fda5.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: JDhHX/xphoUmp+xEIezTIw==
etag: W/"2438475ffc69868526a7ec4421ecd323"
last-modified: Mon, 27 Mar 2023 01:20:39 GMT
x-content-type-options: nosniff
x-pos-request-id: 2c771c16-e01e-0001-7d4b-60fefa000000
cf-cache-status: HIT
age: 196034
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0b98fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1680114207764&cv=11&fst=1680114207764&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07&hn=www.googleadservices.com&frm=0&tiba=Redeem%20Coins&auid=818702165.1680114208&data=event%3Dpage_view&rfmt=3&fmt=4
200 OK 1.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1680114207764&cv=11&fst=1680114207764&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07&hn=www.googleadservices.com&frm=0&tiba=Redeem%20Coins&auid=818702165.1680114208&data=event%3Dpage_view&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (3635), with no line terminators
Hash 1f44f9829725bc8a13a58eae5cc783d1
6bc7ed8d22513734fc1c0a53ef26fe9d3f2bcd47
a06c831f3ab19f76f6e6e1ba48b173512c01899037dd13873a7717e1b1cdc15e
GET /pagead/viewthroughconversion/10974797857/?random=1680114207764&cv=11&fst=1680114207764&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07&hn=www.googleadservices.com&frm=0&tiba=Redeem%20Coins&auid=818702165.1680114208&data=event%3Dpage_view&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 18:23:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1517
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Mar-2023 18:38:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 77328ed8e02ac9cae0792f75595372ef
460d27de6dbe3be07e58336653bdaffd00fb4cd5
da423027e66ef28680522c9e325852f1c0d05c1e18e26c2265a29e6bdf02ad00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1214
Cache-Control: max-age=101789
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:04 GMT
Etag: "642367e7-1d7"
Expires: Thu, 30 Mar 2023 22:39:33 GMT
Last-Modified: Tue, 28 Mar 2023 22:19:19 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6674c1bff1cd533fa4a8992632d6d4e3
a2ca2162800e1401ac9a13d854faaa022997d823
c8a170da75fab65dd94c351514fc9304c9ea3b3682334607b65700b91f895201
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f161a33a46c303fe6941d93b84aa0db4
44f5db5883e92d3ced3250ef1af279ca6cd21ef6
106c024af015f65e48565d3dccc95942ce222f4a7e02de0966751ad6ff129129
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/api/sec-csp/c/sec-gif
200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3786
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:04 GMT
content-length: 0
x-yak-request-id: 1680114184833-c13fe7bcca5ca8f3dcdcc94b7a789d1c
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680114184833|1
set-cookie: api_uid=Cm2GpWQkgghV3gEHiKdZAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
200 OK 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1575
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; _gcl_au=1.1.818702165.1680114208; _bee=nBJTwMFhgaqmzRx3VRXtMY8JvqE0yap1; njrpl=nBJTwMFhgaqmzRx3VRXtMY8JvqE0yap1; dilx=ZTd1Z~iK3qBms8~GNI4aW; _ga_R8YHFZCMMX=GS1.1.1680114207.1.0.1680114207.60.0.0; _ga=GA1.1.1974605883.1680114208
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Wed, 29 Mar 2023 18:23:03 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 0CIIkZAAAAACETq48R2YuSZMARyd9tiO0U1ZHMjBFREdFMDYxNgBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Wed, 29 Mar 2023 18:23:04 GMT
content-length: 0
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33r0&_p=1526450989&_gaz=1&cid=1974605883.1680114208&ul=en-us&sr=1280x1024&_s=1&sid=1680114207&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&dt=Redeem%20Coins&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33r0&_p=1526450989&_gaz=1&cid=1974605883.1680114208&ul=en-us&sr=1280x1024&_s=1&sid=1680114207&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&dt=Redeem%20Coins&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33r0&_p=1526450989&_gaz=1&cid=1974605883.1680114208&ul=en-us&sr=1280x1024&_s=1&sid=1680114207&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&dt=Redeem%20Coins&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Wed, 29 Mar 2023 18:23:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9f52e1a56e3580c1bf81562a9df645f8
7c0b65f04f7c1ce3cc65f0ab3207d8d18ba5350b
28f16d1df407bb8bf6b28d978c94a40ea1f151dbc9e4e73493c999d881c3dc25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1dae5c4411aebbdbe55cc5627e9e14eb
b2f7c6416ab8ccbbab2ba595b1d73a261b15662b
25232ccee86630750360241c79083208b8cc72c492c018015e63ef535b86aa8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33r0&_p=1526450989&cid=1974605883.1680114208&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1680114207&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&dt=Redeem%20Coins&en=scroll&epn.percent_scrolled=90&_et=9
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33r0&_p=1526450989&cid=1974605883.1680114208&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1680114207&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&dt=Redeem%20Coins&en=scroll&epn.percent_scrolled=90&_et=9
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX>m=45je33r0&_p=1526450989&cid=1974605883.1680114208&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1680114207&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&dt=Redeem%20Coins&en=scroll&epn.percent_scrolled=90&_et=9 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Wed, 29 Mar 2023 18:23:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
200 OK 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1559
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; _gcl_au=1.1.818702165.1680114208
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Wed, 29 Mar 2023 18:23:03 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 0CIIkZAAAAACVM61KtB0ATrnoRARvqHT/U1ZHMjBFREdFMDYxNgBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Wed, 29 Mar 2023 18:23:04 GMT
content-length: 0
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10974797857/?random=1680114207764&cv=11&fst=1680112800000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07&frm=0&tiba=Redeem%20Coins&data=event%3Dpage_view&fmt=3&is_vtc=1&random=501915810&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10974797857/?random=1680114207764&cv=11&fst=1680112800000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07&frm=0&tiba=Redeem%20Coins&data=event%3Dpage_view&fmt=3&is_vtc=1&random=501915810&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10974797857/?random=1680114207764&cv=11&fst=1680112800000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07&frm=0&tiba=Redeem%20Coins&data=event%3Dpage_view&fmt=3&is_vtc=1&random=501915810&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 18:23:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=1974605883.1680114208>m=45je33r0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=1974605883.1680114208>m=45je33r0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX&cid=1974605883.1680114208>m=45je33r0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Wed, 29 Mar 2023 18:23:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dc0cf0275c44e5495e8f323c00b9d588
f7f19e521a439f85915f7582797a060629b879c6
abc856a823e0d89a87f6a4d3b2a48f5dcb99cdd94ce5d3b8cb8d51e665a74c4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1dae5c4411aebbdbe55cc5627e9e14eb
b2f7c6416ab8ccbbab2ba595b1d73a261b15662b
25232ccee86630750360241c79083208b8cc72c492c018015e63ef535b86aa8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&rl=&if=false&ts=1680114208664&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1680114208661.1812901337&it=1680114208439&coo=false&tm=1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&rl=&if=false&ts=1680114208664&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1680114208661.1812901337&it=1680114208439&coo=false&tm=1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26group_sn%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMzc%252FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DNikke1%26gs_code_way%3D3%26gs_comp_cr%3D37%26gs_comp_is_credit%3D1%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dpersonal%26refer_share_id%3D07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D100188602%26gs_og_title%3D%25F0%259F%258E%2589Up%2520to%2520CA%2524200.00%2520credit!%2520%25F0%259F%258E%2581You%2520have%2520a%2520present%2520from%2520Temu!%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu%2520to%2520redeem%2520your%2520credit!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png&rl=&if=false&ts=1680114208664&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1680114208661.1812901337&it=1680114208439&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 29 Mar 2023 18:23:05 GMT
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/6006_3c9550843dae2dc061bf.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/6006_3c9550843dae2dc061bf.js
IP
GET /m-assets/assets/js/6006_3c9550843dae2dc061bf.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: p6w/VrRUnD81zAj5d0yrIg==
etag: W/"a7ac3f56b4549c3f35cc08f9774cab22"
last-modified: Mon, 27 Mar 2023 07:16:25 GMT
x-content-type-options: nosniff
x-pos-request-id: a4ba6147-701e-0084-6c8e-602ea5000000
cf-cache-status: HIT
age: 196034
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e1ba0fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/l1
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/l1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/l1 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit!%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu!&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0gan0PonqdqnC_4VpUrjvP8MUgka7UoAnmv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:04 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1680114184110-f2f9a9d0f529c2f1f4e650c3d507a81c
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680114184110|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
us.thtk.temu.com/c/th.gif
200 OK 0 B URL HTTP/2 us.thtk.temu.com/c/th.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: us.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 628
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:04 GMT
content-type: image/gif
expires: Wed, 29 Mar 2023 18:23:03 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.temu.com/api/server/_stm
200 OK 0 B URL HTTP/2 www.temu.com/api/server/_stm
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/server/_stm HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit!%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu!&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0gan0PonqdqnC_4VpUrjvP8MUgka7UoAnmv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1511
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit!%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu!&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0gan0PonqdqnC_4VpUrjvP8MUgka7UoAnmv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:04 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=W0yytw7ZcHxhP8OHBwpdHA84isvYxapD; Max-Age=31536000; Expires=Thu, 28 Mar 2024 18:23:04 GMT; Path=/; Domain=.temu.com
njrpl=W0yytw7ZcHxhP8OHBwpdHA84isvYxapD; Max-Age=31536000; Expires=Thu, 28 Mar 2024 18:23:04 GMT; Path=/; Domain=.temu.com
dilx=ZTd1Z~iK3qBms8~GNI4aW; Max-Age=31536000; Expires=Thu, 28 Mar 2024 18:23:04 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1680114184091-24dbf7de86b132ee3f83bd537719971b
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680114184091|21
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1509
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit!%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu!&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0gan0PonqdqnC_4VpUrjvP8MUgka7UoAnmv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:04 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=nBJTwMFhgaqmzRx3VRXtMY8JvqE0yap1; Max-Age=31536000; Expires=Thu, 28 Mar 2024 18:23:04 GMT; Path=/; Domain=.temu.com
njrpl=nBJTwMFhgaqmzRx3VRXtMY8JvqE0yap1; Max-Age=31536000; Expires=Thu, 28 Mar 2024 18:23:04 GMT; Path=/; Domain=.temu.com
dilx=ZTd1Z~iK3qBms8~GNI4aW; Max-Age=31536000; Expires=Thu, 28 Mar 2024 18:23:04 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1680114184095-18070b6852c76c16bef7850702aedbbf
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680114184095|21
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit%21%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu%21&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
200 OK 0 B URL HTTP/2 www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit%21%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu%21&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit%21%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu%21&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, iris-context-client-language, User-Agent
content-language: en
set-cookie: AccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
PDDAccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_id=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
region=211; Expires=Fri, 28-Apr-23 18:23:03 GMT; Path=/
language=en; Expires=Fri, 28-Apr-23 18:23:03 GMT; Path=/
currency=USD; Expires=Fri, 28-Apr-23 18:23:03 GMT; Path=/
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-accel-buffering: no
content-encoding: gzip
x-yak-request-id: 1680114183086-deef831d537d1105b9c530ff7d667349
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
x-frame-options: SAMEORIGIN
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/inno_exchange_lucky_96657fc2a2ff3afc841f.css
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/inno_exchange_lucky_96657fc2a2ff3afc841f.css
IP
GET /m-assets/assets/css/inno_exchange_lucky_96657fc2a2ff3afc841f.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: /c4KVExr4N/gmobgF9v0Ag==
etag: W/"fdce0a544c6be0dfe09a86e017dbf402"
last-modified: Wed, 29 Mar 2023 07:36:26 GMT
x-content-type-options: nosniff
x-pos-request-id: 729a609f-101e-0092-4d11-62648b000000
cf-cache-status: HIT
age: 23742
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0bf91c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/biz_vendors_7b686df7780a533662fe.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/biz_vendors_7b686df7780a533662fe.js
IP
GET /m-assets/assets/js/biz_vendors_7b686df7780a533662fe.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: 62+Z8gEBNCFLVuC2L//sOQ==
etag: W/"eb6f99f2010134214b56e0b62fffec39"
last-modified: Wed, 29 Mar 2023 09:22:40 GMT
x-content-type-options: nosniff
x-pos-request-id: 9d364ebf-a01e-007d-7e22-62f8e3000000
cf-cache-status: HIT
age: 17987
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e0b93fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
locale.temu.com/api/bg/huygens/region/locate
200 OK 0 B URL HTTP/2 locale.temu.com/api/bg/huygens/region/locate
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
OPTIONS /api/bg/huygens/region/locate HTTP/1.1
Host: locale.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.temu.com/
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:04 GMT
content-type: application/octet-stream
x-yak-request-id: 1680114184114-8322425f90f45abe830c952cc46fd0be
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
yak-timeinfo: 1680114184114|0
set-cookie: api_uid=CmzGrWQkggiCJQBpiSkDAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
content-encoding: gzip
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/354_036034727b26eea9b39a.js
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/354_036034727b26eea9b39a.js
IP
GET /m-assets/assets/js/354_036034727b26eea9b39a.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: YvBvhD7zSQ+S5BGphie9Cw==
etag: W/"62f06f843ef3490f92e411a98627bd0b"
last-modified: Wed, 29 Mar 2023 09:22:40 GMT
x-content-type-options: nosniff
x-pos-request-id: f859183d-e01e-0069-2b22-62e4c9000000
cf-cache-status: HIT
age: 17987
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244dfb7ffac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
us.thtk.temu.com/c/th.gif
200 OK 0 B URL HTTP/2 us.thtk.temu.com/c/th.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: us.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1961
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:04 GMT
content-type: image/gif
expires: Wed, 29 Mar 2023 18:23:03 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/6564_a722f594fdba9e1fbd25.css
200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/6564_a722f594fdba9e1fbd25.css
IP
GET /m-assets/assets/css/6564_a722f594fdba9e1fbd25.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: niutHTW3FnUmD/L1Q0Xixw==
etag: W/"9e2bad1d35b71675260ff2f54345e2c7"
last-modified: Tue, 28 Mar 2023 08:03:59 GMT
x-content-type-options: nosniff
x-pos-request-id: 634092fd-601e-0009-344d-61a6eb000000
cf-cache-status: HIT
age: 118734
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 7afa244e1c031c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a3
200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a3
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/a3 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&group_sn=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQABD590E2FF5BB6092&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMzc%2FCgI2WRIITFY5bFRzOUQaEH_5wUX5kpOdTWwXFDsePaAwAg-1678465053%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=Nikke1&gs_code_way=3&gs_comp_cr=37&gs_comp_is_credit=1&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=personal&refer_share_id=07MwJdEVDAzIqBhkZMuGa6ijlDf1rVuz&refer_share_channel=copy_link&refer_share_suin=BAEU77YOTGC66PJQGAZQRXSWXHMVAPOXLOQZ3NNWKAKQA&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=100188602&gs_og_title=%F0%9F%8E%89Up%20to%20CA%24200.00%20credit!%20%F0%9F%8E%81You%20have%20a%20present%20from%20Temu!&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%20to%20redeem%20your%20credit!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fa7b5e6ac-f439-4cc2-988b-873bd8041da1.png.slim.png
Cookie: api_uid=CmzCXWQkggYOCwBpBA98Ag==; region=211; language=en; currency=USD; timezone=UTC; webp=1; _nano_fp=XpEJX0gan0PonqdqnC_4VpUrjvP8MUgka7UoAnmv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Wed, 29 Mar 2023 18:23:03 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1680114183994-c97c1bb526791d53f4feda07ae4f39f0
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1680114183994|2
cip: 91.90.42.154
X-Firefox-Spdy: h2
20.124.48.109
23.36.77.32
104.18.28.69
31.13.72.36
77.72.169.211
62.71.2.168
212.227.67.33