temu.com/s/tbT3M5UERqbLP
20.83.139.214301 Moved Permanently 166 B IP 20.83.139.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /s/tbT3M5UERqbLP HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Nginx
Date: Thu, 09 Feb 2023 21:13:26 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://temu.com/s/tbT3M5UERqbLP
x-yak-request-id: 1675977206040-e4c38ad7c3f6fbcd1c71eaa2cf9fc99a
strict-transport-security: max-age=2592000
Set-Cookie: api_uid=CmzU+GPlYfYS8QEaBB2VAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
cip: 91.90.42.154
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 408d1564e8f59e6626e41be4106ce2e6
4149a1f17e8f7c446e7aa4963f3a49b6a00b6164
46e2e79c7977854058dec9cde88f963dd498dd235c3bb15b39a9e5ce1027d7fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E2E79C7977854058DEC9CDE88F963DD498DD235C3BB15B39A9E5CE1027D7FE"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12626
Expires: Fri, 10 Feb 2023 00:43:52 GMT
Date: Thu, 09 Feb 2023 21:13:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84247d80b610d0c6da587141b21323ae
46461f8709d099f5295998f41aaafa5be4387ea6
bee5e9e0d7b4a24609950ceb40194bffb482c36152d376bb119e7cc3aba488dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEE5E9E0D7B4A24609950CEB40194BFFB482C36152D376BB119E7CC3ABA488DC"
Last-Modified: Thu, 09 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7383
Expires: Thu, 09 Feb 2023 23:16:29 GMT
Date: Thu, 09 Feb 2023 21:13:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 20:34:16 GMT
content-type: application/json
age: 2350
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 50a2f8cdbbd1059f5318753155bba7ef
405e63ea4683be44f876feae34b5cb645ff751f2
f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9147
Expires: Thu, 09 Feb 2023 23:45:53 GMT
Date: Thu, 09 Feb 2023 21:13:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jUvl3C2fvkDiOYZEl39bjUGOUbEitASMeotOPIw3JHCYaemRqG0OFkB0AH5nVmMJT702dsibU2jiHy1uID1JYg==
x-amz-request-id: CDDBY19B1S47FAEH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 20:36:30 GMT
age: 2216
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 21:13:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 9e5cceb3432323908a37c3fdfa77f9ca
9218daa0d4477e0a983a11905a83b8fe0e5f1c35
724b5b01e5589f424b4ff3e9fdbfc773620c9cec985444d09ba6a910260994e3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:01:19 GMT
Expires: Fri, 10 Feb 2023 20:01:19 GMT
ETag: "9218daa0d4477e0a983a11905a83b8fe0e5f1c35"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 20:51:21 GMT
age: 1325
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
temu.com/s/tbT3M5UERqbLP
20.121.97.20302 Found 0 B IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/tbT3M5UERqbLP HTTP/1.1
Host: temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: Nginx
date: Thu, 09 Feb 2023 21:13:26 GMT
content-type: text/html;charset=UTF-8
content-length: 0
location: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00%21%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
x-yak-request-id: 1675977206674-b8f58d480217f326e30a5eacc9215646
set-cookie: region=211; Expires=Sat, 11-Mar-23 21:13:26 GMT; Path=/
language=en; Expires=Sat, 11-Mar-23 21:13:26 GMT; Path=/
currency=USD; Expires=Sat, 11-Mar-23 21:13:26 GMT; Path=/
api_uid=CmzU+GPlYfYbrgE2BCzjAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=temu.com; path=/
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
cip: 91.90.42.154
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7409
Expires: Thu, 09 Feb 2023 23:16:55 GMT
Date: Thu, 09 Feb 2023 21:13:26 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 9b07d4ed076337eb173979f84f195f40
a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556
22cc502c163782457f1b71be277af96e14ac0b34695b95522160e86328115673
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:35:38 GMT
Expires: Fri, 10 Feb 2023 20:35:38 GMT
ETag: "a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 9b07d4ed076337eb173979f84f195f40
a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556
22cc502c163782457f1b71be277af96e14ac0b34695b95522160e86328115673
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:35:38 GMT
Expires: Fri, 10 Feb 2023 20:35:38 GMT
ETag: "a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 9b07d4ed076337eb173979f84f195f40
a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556
22cc502c163782457f1b71be277af96e14ac0b34695b95522160e86328115673
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:35:38 GMT
Expires: Fri, 10 Feb 2023 20:35:38 GMT
ETag: "a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 9b07d4ed076337eb173979f84f195f40
a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556
22cc502c163782457f1b71be277af96e14ac0b34695b95522160e86328115673
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:35:38 GMT
Expires: Fri, 10 Feb 2023 20:35:38 GMT
ETag: "a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 9b07d4ed076337eb173979f84f195f40
a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556
22cc502c163782457f1b71be277af96e14ac0b34695b95522160e86328115673
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:35:38 GMT
Expires: Fri, 10 Feb 2023 20:35:38 GMT
ETag: "a50a5f2ac3c6359ac9e4e57f5d2a242c2bacc556"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
push.services.mozilla.com/
52.41.153.123101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.153.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 67gJ2gAkOsENBdpKiBKk0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1H/d6lhGsA4fxHPjYySoGMg9AM0=
aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
104.18.29.69200 OK 19 kB URL HTTP/2 aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
IP 104.18.29.69:0
File type PNG image data, 470 x 328, 8-bit colormap, non-interlaced\012- data
Hash 5bcec11d2b497f3f16822b36489ec5b6
1823e11f2efaf6590e09e8f8178e09971f792f1b
41f753cb40c792a19a625a2434f7ded86b43376ce1813ef3bf056a7f52c6157c
GET /upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png HTTP/1.1
Host: aimg.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.kwcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: image/png
content-length: 18595
cache-control: max-age=31536000
last-modified: Fri, 09 Dec 2022 05:54:31 GMT
request-id: 80d484941c11447ed478757d3bffb391
x-content-type-options: nosniff
x-fop-destination-type: fop
x-imagine-success: true
cf-cache-status: HIT
age: 5402115
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be989bab51e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c401431df81ddb15caa41c0dd46d1e89
1425acaf4f62be49ed25a6ed3ee9ea9f4b64cc27
728bea4c87ad7bdc5e5755af61323951bdd7604698a67360e38837131b20c426
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/favicon.ico
20.121.97.20200 OK 90 kB IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 8a8ee57c7f0b5df86d5b6d6c65530c19
d820e2858f82fb590b3791862670fcbc26b79d88
126ba0559b0cf1d0fd1f717270847074c87f2161438710531b040e1c4c8b0010
GET /favicon.ico HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00%21%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; region=211; language=en; currency=USD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: image/x-icon
cache-control: max-age=3600
x-yak-request-id: 1675977207366-3e12ef976a6072d67fefa2e185c28627
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
vary: User-Agent
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c401431df81ddb15caa41c0dd46d1e89
1425acaf4f62be49ed25a6ed3ee9ea9f4b64cc27
728bea4c87ad7bdc5e5755af61323951bdd7604698a67360e38837131b20c426
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 21f69dc1651a1c1e9be072b4d822ae5a
880ec86ddf31637ccb726bfe682c121bd7b7d8b9
f3cdca7a622f6fcf308dfd3d1484c58c669b5dabeb6727ec0d1bdb0601936b63
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:41:54 GMT
Expires: Fri, 10 Feb 2023 20:41:54 GMT
ETag: "880ec86ddf31637ccb726bfe682c121bd7b7d8b9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.temu.com/api/phantom/xg/pfb/a4
20.121.97.20200 OK 1.9 kB URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 5398a79b13dda4cc0c38d96cd1d66556
3348abf873f3dd2abce18a50d04f58915c133aa2
a6339ed131394859f85ed45e942615d5df6bc4f9e201b80e472a24a3ec789340
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1515
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00!%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npU8nqPjl0dJX9_0rHqji_lQiqv34BlVq~ZM; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=i1pHlvVSIehf3yxEyf31V33aklLPNapJ; Max-Age=31536000; Expires=Fri, 09 Feb 2024 21:13:27 GMT; Path=/; Domain=.temu.com
njrpl=i1pHlvVSIehf3yxEyf31V33aklLPNapJ; Max-Age=31536000; Expires=Fri, 09 Feb 2024 21:13:27 GMT; Path=/; Domain=.temu.com
dilx=anYWhVNxZJ53UHSXloxkl; Max-Age=31536000; Expires=Fri, 09 Feb 2024 21:13:27 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1675977207899-af2fde1ff96029424da50946ef5cf6fe
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675977207899|19
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 21f69dc1651a1c1e9be072b4d822ae5a
880ec86ddf31637ccb726bfe682c121bd7b7d8b9
f3cdca7a622f6fcf308dfd3d1484c58c669b5dabeb6727ec0d1bdb0601936b63
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 20:41:54 GMT
Expires: Fri, 10 Feb 2023 20:41:54 GMT
ETag: "880ec86ddf31637ccb726bfe682c121bd7b7d8b9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
locale.temu.com/api/bg/huygens/region/locate
20.237.10.133200 OK 20 B URL HTTP/2 locale.temu.com/api/bg/huygens/region/locate
IP 20.237.10.133:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
OPTIONS /api/bg/huygens/region/locate HTTP/1.1
Host: locale.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.temu.com/
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/octet-stream
x-yak-request-id: 1675977207980-039d614b6ace75d04d09378e8ae090c2
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
yak-timeinfo: 1675977207980|0
set-cookie: api_uid=Cm2Bv2PlYfdbYQE3BkBDAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
content-encoding: gzip
cip: 91.90.42.154
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0cb004330b7c9dc25908cb5a36a147c3
8f2a8cc89fefbb86206bc7736005b33b506fd7a5
303424d97752bfa7bca863a7c572e74233ae50bf6ac9bbd98ce0251bd3cf0e92
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 03:17:21 GMT
Expires: Fri, 10 Feb 2023 03:17:21 GMT
ETag: "8f2a8cc89fefbb86206bc7736005b33b506fd7a5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0cb004330b7c9dc25908cb5a36a147c3
8f2a8cc89fefbb86206bc7736005b33b506fd7a5
303424d97752bfa7bca863a7c572e74233ae50bf6ac9bbd98ce0251bd3cf0e92
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 21:13:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 09 Feb 2023 03:17:21 GMT
Expires: Fri, 10 Feb 2023 03:17:21 GMT
ETag: "8f2a8cc89fefbb86206bc7736005b33b506fd7a5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7638
Expires: Thu, 09 Feb 2023 23:20:46 GMT
Date: Thu, 09 Feb 2023 21:13:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7638
Expires: Thu, 09 Feb 2023 23:20:46 GMT
Date: Thu, 09 Feb 2023 21:13:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7638
Expires: Thu, 09 Feb 2023 23:20:46 GMT
Date: Thu, 09 Feb 2023 21:13:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10fd2f55fa0cfb8616ded6ddc2bb511a
996ed68f1b9770a19a97f6c8d359e338b8c8b3ca
e552d31a5e531386b9830bb58486f09bfcb3400676f726f93fdbea08336a09da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 658f8678-b67d-4f98-b728-cf9cbad3aa86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ABI38GUpIAMFY0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e38832-2ab19d0f2345fc7515775298;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 11:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBM94J-bP0KLv3VUKHBQcndevBxzLc1rQ27Mc4Z_C-CGOyCH_FlKDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:14:59 GMT
age: 82709
etag: "996ed68f1b9770a19a97f6c8d359e338b8c8b3ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 6f2d290e-118c-47f8-9804-440b6fad05e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f86gZEhHIAMFX5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1d79b-3bac9dcf09ea66fc4f04abbe;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 04:46:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wctSz3UwyRPsJCr9NfQDidMAMn0Wl13VP2Jt0C1nfVFKqKqiDnu_nA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:20:58 GMT
age: 82350
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 07:45:45 GMT
age: 48463
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
20.185.14.249200 OK 12 kB URL HTTP/2 www.thtk.temu.com/c/th.gif
IP 20.185.14.249:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9203cfb9f0c1c958dd008eac55a9d3c4
6bdd1047590dd3fb54c15d5d6d38e7c86274b203
09770229be5ff3037708543e3204c66de84253b3a858a83a0e1672a04c0e9cb1
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 822
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:28 GMT
content-type: image/gif
expires: Thu, 09 Feb 2023 21:13:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.pftk.temu.com/pmm/api/pmm/api
20.185.14.73200 OK 7.5 kB URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/api
IP 20.185.14.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c
POST /pmm/api/pmm/api HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1823
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; _gcl_au=1.1.1082548311.1675977269
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:28 GMT
content-type: application/octet-stream
expires: Thu, 09 Feb 2023 21:13:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 403cadd5f6beb14f5d2a4dd9eafc68d3
4724b4929c1afcc134ead274238725e4ce729b26
13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:08:52 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 83076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c81b231b8160dcc57cb6b3f5c3e4beb8
8f489177ca2ef48a1e0026c9d0ccff2015a01dbc
370c76e922a83edf1f5159c9088417a8cac44eb7c1322082d487f6d540fce88f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a38248ac5d9614d846e981de5b7b85da
eadc10b05e5eb18bb27e1acaa3e7ddf396344e72
b1a279792426d316b4b938b5c5c90d2575c1aba4f486e6f59821a3226dfac7f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4163
Cache-Control: max-age=102427
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Etag: "63e43ed0-1d7"
Expires: Sat, 11 Feb 2023 01:40:35 GMT
Last-Modified: Thu, 09 Feb 2023 00:31:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 6341cb7e3850f3907ee336eee2c332ff
d9cb58976c40a01ba5fdbf8eaded2aea57cda1c0
efb33e22fc9d30778baa60c5d1aa22bd7796f6d38910b84e1d00011604e39b61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675977268658&cv=11&fst=1675977268658&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365&tiba=Redeem%20Coins&auid=1082548311.1675977269&data=event%3Dpage_view&rfmt=3&fmt=4
142.250.74.130200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675977268658&cv=11&fst=1675977268658&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365&tiba=Redeem%20Coins&auid=1082548311.1675977269&data=event%3Dpage_view&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2951), with no line terminators
Hash 7f65428279b1f537a18ce7ace7112a24
3a107301a9b3ebc2ee49959cb46cfaa547516d4b
12a990e02272a872c3c30a3566155d1ee983a58fa8ff9cd873bfa46cb2a8e14a
GET /pagead/viewthroughconversion/10974797857/?random=1675977268658&cv=11&fst=1675977268658&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365&tiba=Redeem%20Coins&auid=1082548311.1675977269&data=event%3Dpage_view&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 21:13:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1190
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 21:28:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Nir4CAGKkpdTQQ3OXIEArxhIlcJ1Rux0P2o210bSMc0gn4+Ar/krARmy22DR4dv/IE5s8RaT0MyZRDvK7P2Ohw==
content-length: 27843
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 21:13:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=841151062.1675977269>m=45je3280&aip=1&z=1120986617
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=841151062.1675977269>m=45je3280&aip=1&z=1120986617
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=841151062.1675977269>m=45je3280&aip=1&z=1120986617 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 21:13:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c81b231b8160dcc57cb6b3f5c3e4beb8
8f489177ca2ef48a1e0026c9d0ccff2015a01dbc
370c76e922a83edf1f5159c9088417a8cac44eb7c1322082d487f6d540fce88f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 6341cb7e3850f3907ee336eee2c332ff
d9cb58976c40a01ba5fdbf8eaded2aea57cda1c0
efb33e22fc9d30778baa60c5d1aa22bd7796f6d38910b84e1d00011604e39b61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us.matk.temu.com/web/wtm
13.107.237.53200 OK 0 B IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1582
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; _gcl_au=1.1.1082548311.1675977269; _bee=i1pHlvVSIehf3yxEyf31V33aklLPNapJ; njrpl=i1pHlvVSIehf3yxEyf31V33aklLPNapJ; dilx=anYWhVNxZJ53UHSXloxkl; _ga_R8YHFZCMMX=GS1.1.1675977268.1.0.1675977268.60.0.0; _ga=GA1.1.841151062.1675977269
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Thu, 09 Feb 2023 21:13:27 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+GHlYwAAAABCiyhpHX2DS4bwhhhdARLZQ1BIMzBFREdFMDQxMQBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Thu, 09 Feb 2023 21:13:28 GMT
content-length: 0
X-Firefox-Spdy: h2
us.matk.temu.com/web/wtm
13.107.237.53200 OK 0 B IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web/wtm HTTP/1.1
Host: us.matk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1566
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; _gcl_au=1.1.1082548311.1675977269
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
content-type: application/octet-stream
expires: Thu, 09 Feb 2023 21:13:27 GMT
vary: Accept-Encoding
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+GHlYwAAAACb/wW8wCHDRpVHM11IQhxlQ1BIMzBFREdFMDQxMQBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
date: Thu, 09 Feb 2023 21:13:28 GMT
content-length: 0
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je3280&_p=160474224&_gaz=1&cid=841151062.1675977269&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675977268&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh%26_x_src%3Dpush%26_x_sid%3Dapppush_invitation%26refer_share_id%3DpqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D74701040%26gs_og_title%3D%25F0%259F%2592%25B0Redeem%2520CASH%2520up%2520to%2520%2524200.00!%25F0%259F%2592%25B0%2520%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png&dt=Redeem%20Coins&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX>m=45je3280&_p=160474224&_gaz=1&cid=841151062.1675977269&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675977268&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh%26_x_src%3Dpush%26_x_sid%3Dapppush_invitation%26refer_share_id%3DpqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D74701040%26gs_og_title%3D%25F0%259F%2592%25B0Redeem%2520CASH%2520up%2520to%2520%2524200.00!%25F0%259F%2592%25B0%2520%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png&dt=Redeem%20Coins&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX>m=45je3280&_p=160474224&_gaz=1&cid=841151062.1675977269&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675977268&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh%26_x_src%3Dpush%26_x_sid%3Dapppush_invitation%26refer_share_id%3DpqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D74701040%26gs_og_title%3D%25F0%259F%2592%25B0Redeem%2520CASH%2520up%2520to%2520%2524200.00!%25F0%259F%2592%25B0%2520%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png&dt=Redeem%20Coins&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Thu, 09 Feb 2023 21:13:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 68c9a5ca4f0925eb90e5104a6f5caf1c
56ed4b24b93e7fd4df9acd185bcc5980fb072989
a89515715666eea663ececa5ecaff0ed83e8962b2369efadcbcb8e9502d9a147
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.temu.com/api/sec-csp/c/sec-gif
20.121.97.20200 OK 0 B URL HTTP/2 www.temu.com/api/sec-csp/c/sec-gif
IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/sec-csp/c/sec-gif HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3837
Origin: https://www.temu.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:28 GMT
content-length: 0
x-yak-request-id: 1675977208661-5c77b1796f086839d0d1387fcc242095
access-control-allow-origin: https://www.temu.com
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675977208661|1
set-cookie: api_uid=CmzBvmPlYfhCngEsBkN6Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.temu.com; path=/
cip: 91.90.42.154
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=841151062.1675977269>m=45je3280&aip=1
64.233.165.156204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=841151062.1675977269>m=45je3280&aip=1
IP 64.233.165.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R8YHFZCMMX&cid=841151062.1675977269>m=45je3280&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.temu.com
date: Thu, 09 Feb 2023 21:13:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash b9648504305b375e3b70beea8b1adcfa
2ab5623280d1f19fbbd3b77e4b8c96f6abc4a9b6
1cb5caa1798f878d51c057b0ef9680245015399322b04b16d2eaeb2f392ae00b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 68c9a5ca4f0925eb90e5104a6f5caf1c
56ed4b24b93e7fd4df9acd185bcc5980fb072989
a89515715666eea663ececa5ecaff0ed83e8962b2369efadcbcb8e9502d9a147
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/10974797857/?random=1675977268658&cv=11&fst=1675976400000&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365&tiba=Redeem%20Coins&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2173344581&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10974797857/?random=1675977268658&cv=11&fst=1675976400000&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365&tiba=Redeem%20Coins&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2173344581&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10974797857/?random=1675977268658&cv=11&fst=1675976400000&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365&tiba=Redeem%20Coins&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2173344581&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 21:13:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash b29d1d6101400be7f1c8666902224c04
1ff072a0b8d316b61862ffbce03a69adda1d8833
c90e0e9e51ce1bdb4fcf2204d135e158736f84d943bd1810461c755d58b764e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh%26_x_src%3Dpush%26_x_sid%3Dapppush_invitation%26refer_share_id%3DpqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D74701040%26gs_og_title%3D%25F0%259F%2592%25B0Redeem%2520CASH%2520up%2520to%2520%2524200.00!%25F0%259F%2592%25B0%2520%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png&rl=&if=false&ts=1675977269713&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675977269712.632212431&it=1675977269402&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh%26_x_src%3Dpush%26_x_sid%3Dapppush_invitation%26refer_share_id%3DpqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D74701040%26gs_og_title%3D%25F0%259F%2592%25B0Redeem%2520CASH%2520up%2520to%2520%2524200.00!%25F0%259F%2592%25B0%2520%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png&rl=&if=false&ts=1675977269713&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675977269712.632212431&it=1675977269402&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Finno_exchange_lucky.html%3F_bg_fs%3D1%26_p_rfs%3D1%26lucky_ucode%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26group_sn%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_nickname%3DzD***st%26gs_code_way%3D3%26gsex_isredeem%3D0%26gsex_el%3DA%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_msgid%3D211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh%26_x_src%3Dpush%26_x_sid%3Dapppush_invitation%26refer_share_id%3DpqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_exchange%26_ex_sid%3Dexchange_share%26gs_invite_code%3D74701040%26gs_og_title%3D%25F0%259F%2592%25B0Redeem%2520CASH%2520up%2520to%2520%2524200.00!%25F0%259F%2592%25B0%2520%26gs_og_description%3DClick%2520and%2520accept%2520my%2520invitation%2520on%2520Temu!%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png&rl=&if=false&ts=1675977269713&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675977269712.632212431&it=1675977269402&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Feb 2023 21:13:29 GMT
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/2452_e0b12642f754ebdb9b20.css
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/2452_e0b12642f754ebdb9b20.css
IP 104.18.29.69:0
GET /m-assets/assets/css/2452_e0b12642f754ebdb9b20.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: lQ6O9wi8clS40DWMEVWEXg==
etag: W/"950e8ef708bc7254b8d0358c1155845e"
last-modified: Wed, 08 Feb 2023 01:54:18 GMT
x-content-type-options: nosniff
x-pos-request-id: 2a8203f1-001e-000f-1d61-3b5ce7000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8c8a4b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/2242_9955bce3ef77d92c536e.css
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/2242_9955bce3ef77d92c536e.css
IP 104.18.29.69:0
GET /m-assets/assets/css/2242_9955bce3ef77d92c536e.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: L7eQtk7aq7+EZIOZn741AA==
etag: W/"2fb790b64edaabbf846483999fbe3500"
last-modified: Wed, 08 Feb 2023 01:54:18 GMT
x-content-type-options: nosniff
x-pos-request-id: 8b6296fc-601e-0035-2567-3b73e3000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8c8abb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
20.185.14.249200 OK 0 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP 20.185.14.249:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 822
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:28 GMT
content-type: image/gif
expires: Thu, 09 Feb 2023 21:13:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00%21%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
20.121.97.20200 OK 0 B URL HTTP/2 www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00%21%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00%21%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, iris-context-client-language, User-Agent
content-language: en
set-cookie: AccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
PDDAccessToken=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_uin=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
pdd_user_id=; Domain=.temu.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
region=211; Expires=Sat, 11-Mar-23 21:13:26 GMT; Path=/
language=en; Expires=Sat, 11-Mar-23 21:13:26 GMT; Path=/
currency=USD; Expires=Sat, 11-Mar-23 21:13:26 GMT; Path=/
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-accel-buffering: no
content-encoding: gzip
x-yak-request-id: 1675977206869-4d7343b2e8a2a35ca3d7c1883d5084a4
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.temu.com/api/server/_stm
20.121.97.20200 OK 0 B URL HTTP/2 www.temu.com/api/server/_stm
IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/server/_stm HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00!%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npU8nqPjl0dJX9_0rHqji_lQiqv34BlVq~ZM; timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a3
20.121.97.20200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a3
IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/phantom/xg/pfb/a3 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00!%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npU8nqPjl0dJX9_0rHqji_lQiqv34BlVq~ZM; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-yak-request-id: 1675977207803-a47ba3ce15f05fa75361f9c86f803e6e
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675977207803|1
cip: 91.90.42.154
X-Firefox-Spdy: h2
www.thtk.temu.com/c/th.gif
20.185.14.249200 OK 0 B URL HTTP/2 www.thtk.temu.com/c/th.gif
IP 20.185.14.249:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /c/th.gif HTTP/1.1
Host: www.thtk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2147
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:28 GMT
content-type: image/gif
expires: Thu, 09 Feb 2023 21:13:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/9293_dc617000ed0545445def.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/9293_dc617000ed0545445def.js
IP 104.18.29.69:0
GET /m-assets/assets/js/9293_dc617000ed0545445def.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: GMiY4kHYsBmPnLA/g20Htg==
etag: W/"18c898e241d8b0198f9cb03f836d07b6"
last-modified: Thu, 02 Feb 2023 07:08:03 GMT
x-content-type-options: nosniff
x-pos-request-id: f7600c9b-501e-00aa-5dd7-361d8b000000
cf-cache-status: HIT
age: 543982
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8ef05b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/2242_eb2286ccd181afde5c27.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/2242_eb2286ccd181afde5c27.js
IP 104.18.29.69:0
GET /m-assets/assets/js/2242_eb2286ccd181afde5c27.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: t6SXVSvfdydVVEqLAiNrjQ==
etag: W/"b7a497552bdf772755544a8b02236b8d"
last-modified: Wed, 08 Feb 2023 09:23:42 GMT
x-content-type-options: nosniff
x-pos-request-id: eb65df52-d01e-0072-47b0-3b71fc000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8def9b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/5084_39d1e6c667c47e29d6b2.css
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/5084_39d1e6c667c47e29d6b2.css
IP 104.18.29.69:0
GET /m-assets/assets/css/5084_39d1e6c667c47e29d6b2.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: a2xfYvM/c11bceu03c4i6g==
etag: W/"6b6c5f62f33f735d5b71ebb4ddce22ea"
last-modified: Thu, 02 Feb 2023 07:08:04 GMT
x-content-type-options: nosniff
x-pos-request-id: f488cc63-101e-007e-48d6-3685e5000000
cf-cache-status: HIT
age: 586257
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be908f4b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/inno_exchange_lucky_18a30f699a38233400ef.css
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/inno_exchange_lucky_18a30f699a38233400ef.css
IP 104.18.29.69:0
GET /m-assets/assets/css/inno_exchange_lucky_18a30f699a38233400ef.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: 5k7aXx1YaD4WRN3SPXdm7g==
etag: W/"e64eda5f1d58683e1644ddd23d7766ee"
last-modified: Wed, 08 Feb 2023 02:49:04 GMT
x-content-type-options: nosniff
x-pos-request-id: 8b67cbd2-601e-0035-5668-3b73e3000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8f8efb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/vendors_e1e5f8cc57c381faef21.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/vendors_e1e5f8cc57c381faef21.js
IP 104.18.29.69:0
GET /m-assets/assets/js/vendors_e1e5f8cc57c381faef21.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: YeO0B/30ddG13qulcyJKrQ==
etag: W/"61e3b407fdf475d1b5deaba573224aad"
last-modified: Tue, 07 Feb 2023 07:48:20 GMT
x-content-type-options: nosniff
x-pos-request-id: b4045245-001e-00a7-06ca-3ac290000000
cf-cache-status: HIT
age: 205342
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8ff28b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/biz_vendors_407415addc1358d13334.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/biz_vendors_407415addc1358d13334.js
IP 104.18.29.69:0
GET /m-assets/assets/js/biz_vendors_407415addc1358d13334.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: PQ2r3lj+Y6My+uodM2r4wg==
etag: W/"3d0dabde58fe63a332faea1d336af8c2"
last-modified: Thu, 09 Feb 2023 03:19:35 GMT
x-content-type-options: nosniff
x-pos-request-id: aa30293a-301e-0090-1235-3c328f000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be90f39b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/phantom/xg/pfb/a4
20.121.97.20200 OK 0 B URL HTTP/2 www.temu.com/api/phantom/xg/pfb/a4
IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /api/phantom/xg/pfb/a4 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1516
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00!%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npU8nqPjl0dJX9_0rHqji_lQiqv34BlVq~ZM; timezone=UTC; webp=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/json;charset=UTF-8
set-cookie: _bee=i1pHlvVSIehf3yxEyf31V33aklLPNapJ; Max-Age=31536000; Expires=Fri, 09 Feb 2024 21:13:27 GMT; Path=/; Domain=.temu.com
njrpl=i1pHlvVSIehf3yxEyf31V33aklLPNapJ; Max-Age=31536000; Expires=Fri, 09 Feb 2024 21:13:27 GMT; Path=/; Domain=.temu.com
dilx=anYWhVNxZJ53UHSXloxkl; Max-Age=31536000; Expires=Fri, 09 Feb 2024 21:13:27 GMT; Path=/; Domain=.temu.com
content-encoding: gzip
x-yak-request-id: 1675977207880-c7fca855c2704c4485f75f34efb5b1fb
access-control-allow-origin: https://www.temu.com
vary: Accept-Encoding, Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
yak-timeinfo: 1675977207880|20
cip: 91.90.42.154
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/inno_exchange_lucky_b3689cf74d64f3207e60.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/inno_exchange_lucky_b3689cf74d64f3207e60.js
IP 104.18.29.69:0
GET /m-assets/assets/js/inno_exchange_lucky_b3689cf74d64f3207e60.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: Zge8mQPamZnSPv38jOoetA==
etag: W/"6607bc9903da9999d23efdfc8cea1eb4"
last-modified: Wed, 08 Feb 2023 12:50:24 GMT
x-content-type-options: nosniff
x-pos-request-id: 52eb5d0c-b01e-0020-3dbc-3b44cb000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8cef1b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pftk.temu.com/pmm/api/pmm/api
20.185.14.73200 OK 0 B URL HTTP/2 www.pftk.temu.com/pmm/api/pmm/api
IP 20.185.14.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /pmm/api/pmm/api HTTP/1.1
Host: www.pftk.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1831
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:28 GMT
content-type: application/octet-stream
expires: Thu, 09 Feb 2023 21:13:27 GMT
cache-control: no-cache
access-control-allow-origin: https://www.temu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/3103_e5c2e89a37d81fd38ce3.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/3103_e5c2e89a37d81fd38ce3.js
IP 104.18.29.69:0
GET /m-assets/assets/js/3103_e5c2e89a37d81fd38ce3.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: k+On8tipFZ3JHhgSpz4P0g==
etag: W/"93e3a7f2d8a9159dc91e1812a73e0fd2"
last-modified: Thu, 09 Feb 2023 03:19:36 GMT
x-content-type-options: nosniff
x-pos-request-id: 109a71dc-e01e-002d-5435-3c9bd0000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8ceefb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/2452_24a2fd44492317c91ac8.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/2452_24a2fd44492317c91ac8.js
IP 104.18.29.69:0
GET /m-assets/assets/js/2452_24a2fd44492317c91ac8.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.temu.com
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: cgiFnIkWjLzaV2JsyvB1+g==
etag: W/"7208859c89168cbcda57626ccaf075fa"
last-modified: Thu, 09 Feb 2023 03:19:35 GMT
x-content-type-options: nosniff
x-pos-request-id: 288591d8-901e-000e-7b35-3c77e5000000
cf-cache-status: HIT
age: 51947
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8ef15b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/js/risk-finger-h5_99843f8694e525384719.js
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/js/risk-finger-h5_99843f8694e525384719.js
IP 104.18.29.69:0
GET /m-assets/assets/js/risk-finger-h5_99843f8694e525384719.js HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: FTWzG6hmLIzzU+zH8r1ipQ==
etag: W/"1535b31ba8662c8cf353ecc7f2bd62a5"
last-modified: Wed, 11 Jan 2023 02:55:35 GMT
x-content-type-options: nosniff
x-pos-request-id: 1adc0d0f-f01e-0024-166b-25e8c3000000
cf-cache-status: HIT
age: 2521183
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9bec0e1fb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.temu.com/api/server/_stm
20.121.97.20200 OK 0 B URL HTTP/2 www.temu.com/api/server/_stm
IP 20.121.97.20:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/server/_stm HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/inno_exchange_lucky.html?_bg_fs=1&_p_rfs=1&lucky_ucode=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&group_sn=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK3DAF98F7CFF73170&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaELQxYkYPMUAs_Rm9jZtEkAAwAg-1675974268%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_nickname=zD***st&gs_code_way=3&gsex_isredeem=0&gsex_el=A&needs_login=1&login_scene=7&_p_login_channel=activity&_x_msgid=211-20230210-05-O-566005702365089792-117-Vke77UIA-apple_notice-VOIBmh&_x_src=push&_x_sid=apppush_invitation&refer_share_id=pqHgv2EMszboZ1k5Y3EgQ30oH4XrqPb8&refer_share_channel=copy_link&refer_share_suin=BC6S5J43EYAREUJQGAZQKJSIC7DFJPNBMW63QWSMMALMK&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_exchange&_ex_sid=exchange_share&gs_invite_code=74701040&gs_og_title=%F0%9F%92%B0Redeem%20CASH%20up%20to%20%24200.00!%F0%9F%92%B0%20&gs_og_description=Click%20and%20accept%20my%20invitation%20on%20Temu!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fdc30dfaf-ab61-409a-ab88-285b9230d442.png.slim.png
Cookie: api_uid=CmzU+GPlYfYbrgE2BCzjAg==; region=211; language=en; currency=USD; _nano_fp=XpE8npU8nqPjl0dJX9_0rHqji_lQiqv34BlVq~ZM; timezone=UTC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Nginx
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: application/json
vary: Accept-Encoding
cip: 91.90.42.154
cache-control: no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
static.kwcdn.com/m-assets/assets/css/biz_vendors_11aef1caefe4255e175e.css
104.18.29.69200 OK 0 B URL HTTP/2 static.kwcdn.com/m-assets/assets/css/biz_vendors_11aef1caefe4255e175e.css
IP 104.18.29.69:0
GET /m-assets/assets/css/biz_vendors_11aef1caefe4255e175e.css HTTP/1.1
Host: static.kwcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.temu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 21:13:27 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
content-md5: T7mpFdy2OFOlx1dyEi2CkA==
etag: W/"4fb9a915dcb63853a5c75772122d8290"
last-modified: Sat, 28 Jan 2023 06:51:37 GMT
x-content-type-options: nosniff
x-pos-request-id: cd505bf3-701e-003c-08e6-3200f0000000
cf-cache-status: HIT
age: 1070324
access-control-allow-origin: *
coloid: 83
timing-allow-origin: *
x-cip: 91.90.42.154
server: cloudflare
cf-ray: 796f9be8c8a6b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2