www.temu.com
20.83.139.214

Go To Rescan
Add Verdict Report

Submitted URL:
https://temu.com/s/QALhmxuQLc1Nx1SD
Effective URL:
https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_...
Submission: On January 31 via manual (January 31st 2023, 6:50:54 am UTC) from NO — Scanned from NO

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 43 HTTP transactions. The main IP is 20.83.139.214, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.temu.com. The Cisco Umbrella rank of the primary domain is 27756.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 14th 2022. Valid for: a year.

This is the only time www.temu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	20.83.139.214 20.83.139.214	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	104.18.29.69 104.18.29.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	20.185.14.73 20.185.14.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
3	20.231.235.230 20.231.235.230	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.237.44 13.107.237.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	66.102.1.157 66.102.1.157	15169 (GOOGLE) (GOOGLE)
2	142.251.39.35 142.251.39.35	15169 (GOOGLE) (GOOGLE)
1	142.250.180.228 142.250.180.228	15169 (GOOGLE) (GOOGLE)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
43	14

11 20.83.139.214 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
locale.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.29.69 (None, )

ASN13335 (CLOUDFLARENET, US)

static.kwcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aimg.kwcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.185.14.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.pftk.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.231.235.230 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.thtk.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.237.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us.matk.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.35 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f3.1e100.net

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.228 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	temu.com 1 redirects temu.com — Cisco Umbrella Rank: 14864 www.temu.com — Cisco Umbrella Rank: 27756 locale.temu.com — Cisco Umbrella Rank: 39440 www.pftk.temu.com — Cisco Umbrella Rank: 32415 www.thtk.temu.com — Cisco Umbrella Rank: 33939 us.matk.temu.com — Cisco Umbrella Rank: 36872	44 KB
11	kwcdn.com static.kwcdn.com — Cisco Umbrella Rank: 34899 aimg.kwcdn.com — Cisco Umbrella Rank: 29582	620 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4470 www.google.com — Cisco Umbrella Rank: 2	761 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	157 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	232 B
2	google.no www.google.no — Cisco Umbrella Rank: 32548	562 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	150 KB
43	8

	Domain	Requested by
10	static.kwcdn.com	www.temu.com static.kwcdn.com
8	www.temu.com	static.kwcdn.com www.temu.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.thtk.temu.com	static.kwcdn.com
3	www.pftk.temu.com	static.kwcdn.com
2	www.facebook.com	www.temu.com
2	www.google.no	www.temu.com
2	region1.analytics.google.com	www.googletagmanager.com
2	us.matk.temu.com	static.kwcdn.com
2	www.googletagmanager.com	www.temu.com www.googletagmanager.com
2	locale.temu.com	static.kwcdn.com
1	www.google.com	www.temu.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	aimg.kwcdn.com	static.kwcdn.com
1	temu.com	1 redirects
43	16

This site contains no links.

Subject Issuer	Validity	Valid
*.temu.com Go Daddy Secure Certificate Authority - G2	`2022-08-14` - `2023-08-14`	a year	crt.sh
*.kwcdn.com Go Daddy Secure Certificate Authority - G2	`2022-08-10` - `2023-08-10`	a year	crt.sh
*.pftk.temu.com Go Daddy Secure Certificate Authority - G2	`2022-08-14` - `2023-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.thtk.temu.com Go Daddy Secure Certificate Authority - G2	`2022-08-14` - `2023-08-14`	a year	crt.sh
*.matk.temu.com Go Daddy Secure Certificate Authority - G2	`2022-08-14` - `2023-08-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
Frame ID: 1E0839BF72BE56AAE4735E5053900F5A
Requests: 43 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FB44861EF0F2ABFD3A5A9D884148FFA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://temu.com/s/QALhmxuQLc1Nx1SD HTTP 302
https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

43
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

16
Subdomains

14
IPs

3
Countries

973 kB
Transfer

3881 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://temu.com/s/QALhmxuQLc1Nx1SD HTTP 302
https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ruby_free_goods.html Show response
www.temu.com/
Redirect Chain

https://temu.com/s/QALhmxuQLc1Nx1SD
https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=...

92 KB
36 KB

197ms
143ms

Document
text/html

20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

ecc95be14b0ff0094ba402202c85a262babc6fd34b36fa4463d0c30d0c36fd51

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cip: 178.255.148.172
content-encoding: gzip
content-language: en
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 06:50:55 GMT
expires: 0
pragma: no-cache
server: Nginx
strict-transport-security: max-age=2592000
surrogate-control: no-store
vary: Accept-Encoding iris-context-client-language User-Agent
x-accel-buffering: no
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-yak-request-id: 1675147855146-7f0271000591cf70e826318ebb98dc41

Redirect headers

cip: 178.255.148.172
content-length: 0
content-security-policy-report-only: default-src *.temu.com *.kwcdn.com *.pddpic.com wss://*.temu.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'; report-uri /api/sec-csp/c/sec-gif
content-type: text/html;charset=UTF-8
date: Tue, 31 Jan 2023 06:50:54 GMT
location: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
server: Nginx
strict-transport-security: max-age=2592000
vary: User-Agent
x-yak-request-id: 1675147854945-21a7a27b61ff65086db1fb39c714c956

GET
H2 200 5775_fb2563a08e0a62de21f0.css
static.kwcdn.com/m-assets/assets/css/ 224 KB
16 KB 481ms
47ms Stylesheet
text/css 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/css/5775_fb2563a08e0a62de21f0.css

Requested by

Host: www.temu.com
URL: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d37f55e5e833a97360812caba0ca0921b34c55a66e2102ed8a9df4fc8fcd16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: 6j0ZWrtIxQn723zd0E3NNQ==
age: 52274
x-cip: 178.255.148.172
x-pos-request-id: bbaad249-701e-0054-178a-341ac3000000
last-modified: Mon, 30 Jan 2023 09:05:38 GMT
server: cloudflare
etag: W/"ea3d195abb48c509fbdb7cddd04dcd35"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411fcb5b509-OSL

GET
H2 200 1030_1e91c1fb6b369d1be773.css
static.kwcdn.com/m-assets/assets/css/ 732 KB
77 KB 487ms
54ms Stylesheet
text/css 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/css/1030_1e91c1fb6b369d1be773.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167a0157446a88f35839a41be11290e934d459019099699bb713e04f1ad1cbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: Zp9psNKVTz1rQHOx8bHMoA==
age: 52274
x-cip: 178.255.148.172
x-pos-request-id: 9dbeccce-301e-0090-648d-34328f000000
last-modified: Mon, 30 Jan 2023 09:26:38 GMT
server: cloudflare
etag: W/"669f69b0d2954f3d6b4073b1f1b1cca0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411fcb7b509-OSL

GET
H2 200 vendors_172e30e81f7abb651c8c.js Show response
static.kwcdn.com/m-assets/assets/js/ 495 KB
153 KB 524ms
91ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/vendors_172e30e81f7abb651c8c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b68e725ee4461d15eaaff371c805c468b5550da903689373928d8e37d2360a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: r7R5DJNsgWDVIJdhRHiXZg==
age: 1517965
x-cip: 178.255.148.172
x-pos-request-id: a7ef5b8a-001e-009b-0215-271798000000
last-modified: Fri, 13 Jan 2023 06:11:35 GMT
server: cloudflare
etag: W/"afb4790c936c8160d520976144789766"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411f9540afa-OSL

GET
H2 200 biz_vendors_d4a216fbd31a2ee1c4d0.js Show response
static.kwcdn.com/m-assets/assets/js/ 345 KB
98 KB 523ms
91ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe49cefc0d3e0ad6d7eb6767ef5078c265efea6038da62a0e89f4f9993f0283e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: +AuhLi3WZc86fMIZz3XqWg==
age: 53935
x-cip: 178.255.148.172
x-pos-request-id: 9f8136fe-801e-0083-23a4-34ffab000000
last-modified: Mon, 30 Jan 2023 12:09:02 GMT
server: cloudflare
etag: W/"f80ba12e2dd665cf3a7cc219cf75ea5a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411f9550afa-OSL

GET
H2 200 2092_5735abe5ac63847d1f2a.js Show response
static.kwcdn.com/m-assets/assets/js/ 82 KB
22 KB 480ms
49ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/2092_5735abe5ac63847d1f2a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c800c0fc71b133a1b7ed179d5b98fb1068543c112c9d8857fe368d426bacdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: zn21JdX/FCvKDnGTfGqlsQ==
age: 1006538
x-cip: 178.255.148.172
x-pos-request-id: 63fc0e32-001e-00a7-3f23-2bc290000000
last-modified: Wed, 18 Jan 2023 09:52:39 GMT
server: cloudflare
etag: W/"ce7db525d5ff142bca0e71937c6aa5b1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411f9560afa-OSL

GET
H2 200 1959_8df45199df0633ae7655.js Show response
static.kwcdn.com/m-assets/assets/js/ 127 KB
39 KB 488ms
56ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/1959_8df45199df0633ae7655.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7864772c937ee3f70a09d6529a32e22ce815d5e72f96be372e48f6a08984799c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: bzzXpVPnXftiD7xZusCcBQ==
age: 128317
x-cip: 178.255.148.172
x-pos-request-id: aeacc1b9-f01e-0070-11cc-3327f8000000
last-modified: Sun, 29 Jan 2023 09:58:25 GMT
server: cloudflare
etag: W/"6f3cd7a553e75dfb620fbc59bac09c05"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411f9570afa-OSL

GET
H2 200 1030_1bea883818e463bf3271.js Show response
static.kwcdn.com/m-assets/assets/js/ 652 KB
151 KB 393ms
91ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/1030_1bea883818e463bf3271.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a054679239e597bc6831223d457f793e5250f4083221df0c5f7f01b0a5269f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: FxsjhAcsWQBAwE7DNWNK6Q==
age: 52274
x-cip: 178.255.148.172
x-pos-request-id: b1615ebd-d01e-000a-4a9f-34dbed000000
last-modified: Mon, 30 Jan 2023 09:34:57 GMT
server: cloudflare
etag: W/"171b2384072c590040c04ec335634ae9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411f9590afa-OSL

GET
H2 200 ruby_free_goods_f136786e8dd81dcb67b2.js Show response
static.kwcdn.com/m-assets/assets/js/ 25 KB
9 KB 347ms
46ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/ruby_free_goods_f136786e8dd81dcb67b2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fecb16095bae8132c16ea06b86564d89ea489561c797fd314fcf5e3a5dd66ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: BjIm7/8MVzTby34sgorN9Q==
age: 52274
x-cip: 178.255.148.172
x-pos-request-id: b1615e9e-d01e-000a-2f9f-34dbed000000
last-modified: Mon, 30 Jan 2023 09:34:54 GMT
server: cloudflare
etag: W/"063226efff0c5734dbcb7e2c828acdf5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 79208411f9580afa-OSL

GET
H2 200 5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 18 KB
18 KB 93ms
48ms Image
image/png 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/5ea8a749-5879-4749-8a81-0e69cd361303.png.slim.png

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/1030_1e91c1fb6b369d1be773.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41f753cb40c792a19a625a2434f7ded86b43376ce1813ef3bf056a7f52c6157c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://static.kwcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:55 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 4572763
x-cip: 178.255.148.172
request-id: 80d484941c11447ed478757d3bffb391
content-length: 18595
last-modified: Fri, 09 Dec 2022 05:54:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 792084130d89b509-OSL

GET
H2 200 tz_determine_494b3fe554d635f57c82.js Show response
static.kwcdn.com/m-assets/assets/js/ 12 KB
4 KB 160ms
159ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/tz_determine_494b3fe554d635f57c82.js

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/ruby_free_goods_f136786e8dd81dcb67b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203150dd6d28dd8d666348ba36bbb241424cba6895eafcc7c5a673aa7f16a024

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: OFjvLaJ//sk7y8BNcCmUkw==
x-cip: 178.255.148.172
x-pos-request-id: 7c86edaa-101e-0092-08c4-26648b000000
last-modified: Thu, 12 Jan 2023 12:52:21 GMT
server: cloudflare
etag: W/"3858ef2da27ffec93bcbc04d70299493"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 792084143e94b509-OSL

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3882201d0d5580ea687ef0a63eeb9ad94f1d32c7ca0661e75deab3daa1628161

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 _stm Show response
www.temu.com/api/server/ 30 B
183 B 134ms
134ms XHR
application/json 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.temu.com/api/server/_stm
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_172e30e81f7abb651c8c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Nginx /
Resource Hash: bc4b81fe56933c069a6ee1acef00a784e7ef54ad5f85fefebf424217524b237c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
cache-control: no-cache, no-store
content-encoding: gzip
server: Nginx
cip: 178.255.148.172
vary: Accept-Encoding
content-type: application/json

GET
H2 200 risk-finger-h5_d892d4151817fb7dd185.js Show response
static.kwcdn.com/m-assets/assets/js/ 93 KB
33 KB 48ms
48ms Script
application/javascript 104.18.29.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/risk-finger-h5_d892d4151817fb7dd185.js

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/ruby_free_goods_f136786e8dd81dcb67b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c17bccf3402168b3555e22ceecbff4abc0ec60109e8a4f78c6535fa90816a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
coloid: 83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: QrBR33U4IAx4sfZbVSgaBA==
age: 1896910
x-cip: 178.255.148.172
x-pos-request-id: e95738f9-501e-0012-06f0-2333de000000
last-modified: Mon, 09 Jan 2023 06:06:41 GMT
server: cloudflare
etag: W/"42b051df7538200c78b1f65b55281a04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 792084144ea6b509-OSL

GET
H2 200 _stm Show response
www.temu.com/api/server/ 30 B
183 B 133ms
133ms XHR
application/json 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.temu.com/api/server/_stm
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_172e30e81f7abb651c8c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Nginx /
Resource Hash: abe67fc8f3cd0be6266a52382505699fc16387d0f8051ec451cc4c7dc3758080

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
cache-control: no-cache, no-store
content-encoding: gzip
server: Nginx
cip: 178.255.148.172
vary: Accept-Encoding
content-type: application/json

POST
H2 200 locate Show response
locale.temu.com/api/bg/huygens/region/ 642 B
839 B 136ms
135ms XHR
application/json 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://locale.temu.com/api/bg/huygens/region/locate

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_172e30e81f7abb651c8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

0fbec672e9c03a124de3a8a63b90f522f79e723310bf1a11ff184a122a6376cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
x-yak-request-id: 1675147856527-8b008f18cc4cf47d38a05fcb3f4c1288
access-control-allow-origin: https://www.temu.com
yak-timeinfo: 1675147856527|1
access-control-allow-credentials: true
cip: 178.255.148.172
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content

OPTIONS
H2 200 locate
locale.temu.com/api/bg/huygens/region/ Frame 0
0 431ms
133ms Preflight
application/octet-stream 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://locale.temu.com/api/bg/huygens/region/locate

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.temu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: https://www.temu.com
cip: 178.255.148.172
content-encoding: gzip
content-type: application/octet-stream
date: Tue, 31 Jan 2023 06:50:56 GMT
server: Nginx
strict-transport-security: max-age=2592000
vary: Accept-Encoding Origin
x-yak-request-id: 1675147856391-d6054894e3bbbbeec2e6234e07f834bf
yak-timeinfo: 1675147856391|0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949246448d04be1589d864b07b5858c2d38b8d1a34c7f4bbc796b34ab49c540f

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 a3 Show response
www.temu.com/api/phantom/xg/pfb/ 65 B
401 B 135ms
135ms XHR
application/json 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/xg/pfb/a3

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_172e30e81f7abb651c8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

cf7b2f8657bff12b5f8bc9c183ef9c96c1cd6533f27fba4cc5843f7a51eecfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Nginx
vary: Accept-Encoding
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
content-type: application/json;charset=UTF-8
x-yak-request-id: 1675147856160-133635a39324b619aa7d197f4f695226
yak-timeinfo: 1675147856160|1
cip: 178.255.148.172

POST
H2 200 a4 Show response
www.temu.com/api/phantom/xg/pfb/ 176 B
1 KB 157ms
156ms XHR
application/json 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/xg/pfb/a4

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_172e30e81f7abb651c8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

2a6195ed153f9188a25b9a2a2b2deb8322157008185c12eb74cd05ed07b54df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
x-yak-request-id: 1675147856207-10da66031c329c6223d00ec9e8c38f91
access-control-allow-origin: https://www.temu.com
yak-timeinfo: 1675147856207|19
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
access-control-allow-credentials: true
cip: 178.255.148.172
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content

GET
H2 200 l1 Show response
www.temu.com/api/phantom/xg/pfb/ 114 B
440 B 137ms
137ms XHR
application/json 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/xg/pfb/l1

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_172e30e81f7abb651c8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

3e1bb342c7ecf58b5d350767875b6370a0686f42a5f9f73a2734110075ab3fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Nginx
vary: Accept-Encoding
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
content-type: application/json;charset=UTF-8
x-yak-request-id: 1675147856207-34f0bbd2ed863b615b08a751381364e8
yak-timeinfo: 1675147856207|1
cip: 178.255.148.172

POST
H2 200 api Show response
www.pftk.temu.com/pmm/api/pmm/ 0
328 B 445ms
133ms XHR
application/octet-stream 20.185.14.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pftk.temu.com/pmm/api/pmm/api
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.185.14.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 31 Jan 2023 06:50:55 GMT

POST
H2 200 api Show response
www.pftk.temu.com/pmm/api/pmm/ 0
327 B 443ms
134ms XHR
application/octet-stream 20.185.14.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pftk.temu.com/pmm/api/pmm/api
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.185.14.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 31 Jan 2023 06:50:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
71 KB 546ms
87ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

37b499fab6a6d489599ff6920e0a6bf7e7cd186409a872f72ba2d692527d3093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72751
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Jan 2023 06:50:56 GMT

POST
H2 200 th.gif
www.thtk.temu.com/c/ 0
318 B 449ms
136ms Ping
image/gif 20.231.235.230
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.235.230 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 31 Jan 2023 06:50:55 GMT

POST
H2 200 th.gif
www.thtk.temu.com/c/ 0
319 B 437ms
136ms Ping
image/gif 20.231.235.230
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.235.230 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 31 Jan 2023 06:50:55 GMT

POST
H2 200 th.gif
www.thtk.temu.com/c/ 0
318 B 436ms
137ms Ping
image/gif 20.231.235.230
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.235.230 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 31 Jan 2023 06:50:55 GMT

POST
H2 200 api Show response
www.pftk.temu.com/pmm/api/pmm/ 0
327 B 134ms
130ms XHR
application/octet-stream 20.185.14.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pftk.temu.com/pmm/api/pmm/api
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.185.14.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 31 Jan 2023 06:50:55 GMT

POST
H2 200 wtm
us.matk.temu.com/web/ 0
141 B 1139ms
544ms Ping
application/octet-stream 13.107.237.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.matk.temu.com/web/wtm
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.237.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
x-cache: CONFIG_NOCACHE
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
access-control-allow-credentials: true
x-azure-ref: 0UbrYYwAAAAD/EeqL7h8OQpz+uxmdMQm5Q1BIMzBFREdFMDQxMwBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
content-length: 0
expires: Tue, 31 Jan 2023 06:50:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 514ms
64ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Jan 2023 06:50:57 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: a+swlOPgaNHsxyLzmTs5Z8FioyLkvzxE55gMc7Yce23joDhXYQ8RAUuDxBfmOcbz7gMRu4uKxTddCDiJfQQKVA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/ 3 KB
2 KB 605ms
111ms Script
text/javascript 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10974797857/?random=1675147856929&cv=11&fst=1675147856929&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26h5_turntable%3D0%26fg_copy_board_tip%3D1%26outside_pool_type%3D1%26button_add_finger%3D1%26download_show_reviews%3D0%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099513303635%26h5_simplify_version%3D1%26gs_comp_type%3D8%26gs_comp_nickname%3DMi***bi%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1675226374%26needs_log&tiba=Get%20Free%20Gifts&auid=1902340138.1675147857&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

7a4bcb6da32aee5b76b56f990400c20a07d58abd741298811e0e1e49f82943ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1199
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 228 KB
78 KB 89ms
89ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-R8YHFZCMMX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSR6SG3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d4547c48a0b5508e2e870bf4b1a2237ab16728e4fc2a277f0b5c8255d329c79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:50:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Jan 2023 06:50:56 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 476ms
54ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX&gtm=2oe1p0&_p=782839157&_gaz=1&cid=384757438.1675147857&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675147857&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26h5_turntable%3D0%26fg_copy_board_tip%3D1%26outside_pool_type%3D1%26button_add_finger%3D1%26download_show_reviews%3D0%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099513303635%26h5_simplify_version%3D1%26gs_comp_type%3D8%26gs_comp_nickname%3DMi***bi%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1675226374%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dfree_goods_invite%26_x_campaign%3Dmkt_activity%26_x_share_id%3DthAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS%26_x_cid%3Dmkt_activity_goods%26refer_share_id%3DxhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC%26group_sn%3D230131-AB54A2F59CDCAC0F0191%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D61912257%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg&dt=Get%20Free%20Gifts&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-R8YHFZCMMX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:50:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.temu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 513ms
65ms Ping
text/plain 66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R8YHFZCMMX&cid=384757438.1675147857&gtm=2oe1p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-R8YHFZCMMX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.102.1.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wb-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:50:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.temu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 sec-gif
www.temu.com/api/sec-csp/c/ 0
515 B 136ms
135ms Other
text/plain 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/sec-csp/c/sec-gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 31 Jan 2023 06:50:57 GMT
strict-transport-security: max-age=2592000
server: Nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
x-yak-request-id: 1675147857184-78b6383328c4159d78f164bccfa5b919
access-control-allow-origin: https://www.temu.com
yak-timeinfo: 1675147857184|1
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
access-control-allow-credentials: true
cip: 178.255.148.172
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
content-length: 0

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
107 B 599ms
106ms Image
image/gif 142.251.39.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=384757438.1675147857&gtm=2oe1p0&aip=1&z=46910069

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:50:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wtm
us.matk.temu.com/web/ 0
480 B 884ms
493ms Ping
application/octet-stream 13.107.237.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.matk.temu.com/web/wtm
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_d4a216fbd31a2ee1c4d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.237.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 06:50:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
x-cache: CONFIG_NOCACHE
cache-control: no-cache,private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
access-control-allow-credentials: true
x-azure-ref: 0UbrYYwAAAABvRXZr8nHtRoMnhAmG9g3IQ1BIMzBFREdFMDQxMwBhMDc1YzM2Zi1iMDVjLTQ3NDktYjMyNS1iMWJmNmJlNzVjODM=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken
content-length: 0
expires: Tue, 31 Jan 2023 06:50:56 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 63ms
62ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Jan 2023 06:50:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Cs68qz6ExoiLBRmA6adGrw9Ju9v26Yqa8p2Y1GC3F7V68ZgDvvOgG63KFWYaEaQZfq6S5Thq7L+MM1P+CzLvvQ==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1117165839153461 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 87ms
86ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1117165839153461?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

75080fded3488589e093a3275551cc7709007c7c5595f85598d6abbe9ec5be7a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Jan 2023 06:50:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110372
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NojDKnXPhpdnJB+DvFrdRQUM62H/8KQEXRpc/LpE9fCaln04Rj1nF2zajqyNzCCs6pAtpxE+58Ujk5tXiTpD0Q==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10974797857/ 42 B
455 B 588ms
105ms Image
image/gif 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10974797857/?random=1675147856929&cv=11&fst=1675144800000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26h5_turntable%3D0%26fg_copy_board_tip%3D1%26outside_pool_type%3D1%26button_add_finger%3D1%26download_show_reviews%3D0%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099513303635%26h5_simplify_version%3D1%26gs_comp_type%3D8%26gs_comp_nickname%3DMi***bi%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1675226374%26needs_log&tiba=Get%20Free%20Gifts&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3560168418&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 sec-gif
www.temu.com/api/sec-csp/c/ 0
514 B 136ms
135ms Other
text/plain 20.83.139.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/sec-csp/c/sec-gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.83.139.214 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi***bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 31 Jan 2023 06:50:57 GMT
strict-transport-security: max-age=2592000
server: Nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
x-yak-request-id: 1675147857631-e24387341b81fe0931dfc40f44dc4b87
access-control-allow-origin: https://www.temu.com
yak-timeinfo: 1675147857631|2
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/c-api/sec-gif
access-control-allow-credentials: true
cip: 178.255.148.172
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
content-length: 0

GET
H2 200 /
www.google.no/pagead/1p-user-list/10974797857/ 42 B
455 B 151ms
105ms Image
image/gif 142.251.39.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/pagead/1p-user-list/10974797857/?random=1675147856929&cv=11&fst=1675144800000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26h5_turntable%3D0%26fg_copy_board_tip%3D1%26outside_pool_type%3D1%26button_add_finger%3D1%26download_show_reviews%3D0%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099513303635%26h5_simplify_version%3D1%26gs_comp_type%3D8%26gs_comp_nickname%3DMi***bi%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1675226374%26needs_log&tiba=Get%20Free%20Gifts&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3560168418&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:50:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 508ms
65ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1117165839153461&ev=PageView&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26h5_turntable%3D0%26fg_copy_board_tip%3D1%26outside_pool_type%3D1%26button_add_finger%3D1%26download_show_reviews%3D0%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099513303635%26h5_simplify_version%3D1%26gs_comp_type%3D8%26gs_comp_nickname%3DMi***bi%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1675226374%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dfree_goods_invite%26_x_campaign%3Dmkt_activity%26_x_share_id%3DthAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS%26_x_cid%3Dmkt_activity_goods%26refer_share_id%3DxhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC%26group_sn%3D230131-AB54A2F59CDCAC0F0191%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D61912257%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg&rl=&if=false&ts=1675147857770&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1675147857769.1180727300&it=1675147857556&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.temu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Jan 2023 06:50:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame FB44 0
47 B 63ms
62ms Document
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.temu.com
Referer: https://www.temu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.temu.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:50:58 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 55ms
55ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R8YHFZCMMX&gtm=2oe1p0&_p=782839157&cid=384757438.1675147857&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675147857&sct=1&seg=0&dl=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26h5_turntable%3D0%26fg_copy_board_tip%3D1%26outside_pool_type%3D1%26button_add_finger%3D1%26download_show_reviews%3D0%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099513303635%26h5_simplify_version%3D1%26gs_comp_type%3D8%26gs_comp_nickname%3DMi***bi%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1675226374%26needs_login%3D1%26login_scene%3D7%26_p_login_channel%3Dactivity%26_x_sid%3Dfree_goods_invite%26_x_campaign%3Dmkt_activity%26_x_share_id%3DthAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS%26_x_cid%3Dmkt_activity_goods%26refer_share_id%3DxhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR%26refer_share_channel%3Dcopy_link%26refer_share_suin%3DBDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC%26group_sn%3D230131-AB54A2F59CDCAC0F0191%26_ex_campaign%3Dmkt_activity%26_ex_cid%3Dmkt_activity_goods%26_ex_sid%3Dfree_goods_invite%26gs_invite_code%3D61912257%26gs_og_title%3DCan%2520you%2520accept%2520my%2520invitation%2520so%2520that%2520I%2520can%2520get%2520a%2520free%2520gift%253F%26gs_og_description%3DClick%2520the%2520link%2520now%2520and%2520participate%2520in%2520this%2520event.%26gs_og_image%3Dhttps%253A%252F%252Faimg.kwcdn.com%252Fupload_aimg%252Fdawn%252Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg&dt=Get%20Free%20Gifts&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-R8YHFZCMMX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.temu.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:51:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.temu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
temu.com/	1970-01-20 10:02:19	Name: region Value: 211
temu.com/	1970-01-20 10:02:19	Name: language Value: en
temu.com/	1970-01-20 10:02:19	Name: currency Value: USD
.temu.com/	1970-01-20 18:55:07	Name: api_uid Value: Cmy1OGPYuk6cWQBiISDYAg==
www.temu.com/	1970-01-20 10:02:19	Name: region Value: 211
www.temu.com/	1970-01-20 10:02:19	Name: language Value: en
www.temu.com/	1970-01-20 10:02:19	Name: currency Value: USD
www.temu.com/	1970-01-20 18:55:07	Name: _nano_fp Value: XpE8npgYnqCynpXbn9_D1iU7L~QJCxQR1pBIkbOu
www.temu.com/	1970-01-20 10:02:19	Name: webp Value: 1
www.temu.com/	1970-01-20 10:02:19	Name: timezone Value: UTC
.temu.com/	1970-01-20 18:04:43	Name: _bee Value: h4rqv6KL0PFmdV4ufDAvivd4DmsuUap3
.temu.com/	1970-01-20 18:04:43	Name: njrpl Value: h4rqv6KL0PFmdV4ufDAvivd4DmsuUap3
.temu.com/	1970-01-20 18:04:43	Name: dilx Value: MJ6Bl7dteoC9KvPdu9v3I
www.temu.com/	1970-01-20 09:20:34	Name: shipping_city Value: 211
.temu.com/	1970-01-20 11:28:43	Name: _gcl_au Value: 1.1.1902340138.1675147857
www.temu.com/	1969-12-31 23:59:59	Name: gtm_logger_session Value: odhsy2zzbeqoej1jpex4w
.temu.com/	1970-01-20 18:55:07	Name: _ga_R8YHFZCMMX Value: GS1.1.1675147857.1.0.1675147857.60.0.0
.temu.com/	1970-01-20 18:55:07	Name: _ga Value: GA1.1.384757438.1675147857
.doubleclick.net/	1970-01-20 09:19:08	Name: test_cookie Value: CheckForPermission
.temu.com/	1970-01-20 11:28:43	Name: _fbp Value: fb.1.1675147857769.1180727300

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi*bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg Message*: [Report Only] Refused to load the image 'https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8YHFZCMMX&cid=384757438.1675147857&gtm=2oe1p0&aip=1&z=46910069' because it violates the following Content Security Policy directive: "default-src .temu.com .kwcdn.com .pddpic.com wss://.temu.com .googleapis.com .gstatic.com .googletagmanager.com .google-analytics.com .analytics.google.com .doubleclick.net .google.com .googlesyndication.com .googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net .cash.app .forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.temu.com/ruby_free_goods.html?_bg_fs=1&_p_rfs=1&gs_code_way=3&h5_turntable=0&fg_copy_board_tip=1&outside_pool_type=1&button_add_finger=1&download_show_reviews=0&download_page_threshold=2&progress_gray=1&landing_page_goods_id=601099513303635&h5_simplify_version=1&gs_comp_type=8&gs_comp_nickname=Mi*bi&gs_comp_avatar=https%3A%2F%2Favatar-us.kwcdn.com%2Favatar%2Fb%2FMjEx%2FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%3FimageMogr2%2Fthumbnail%2F100x&gs_comp_expired=1675226374&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=free_goods_invite&_x_campaign=mkt_activity&_x_share_id=thAKCOSrZQPOOkFxu0jLZ1gXdV0ul4sS&_x_cid=mkt_activity_goods&refer_share_id=xhS4msSoOxYdzYjrJbg1Dkiy02CSAeWR&refer_share_channel=copy_link&refer_share_suin=BDYZO6WQO4R6THRQGAZ4EZWRJAQ7ADKFTUAD6HEN3NSJC&group_sn=230131-AB54A2F59CDCAC0F0191&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_goods&_ex_sid=free_goods_invite&gs_invite_code=61912257&gs_og_title=Can%20you%20accept%20my%20invitation%20so%20that%20I%20can%20get%20a%20free%20gift%3F&gs_og_description=Click%20the%20link%20now%20and%20participate%20in%20this%20event.&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2Fab83be6b-a436-4b76-b3a9-2669cc2294a0.jpg.slim.jpeg Message: [Report Only] Refused to load the image 'https://www.google.no/pagead/1p-user-list/10974797857/?random=1675147856929&cv=11&fst=1675144800000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.temu.com%2Fruby_free_goods.html%3F_bg_fs%3D1%26_p_rfs%3D1%26gs_code_way%3D3%26h5_turntable%3D0%26fg_copy_board_tip%3D1%26outside_pool_type%3D1%26button_add_finger%3D1%26download_show_reviews%3D0%26download_page_threshold%3D2%26progress_gray%3D1%26landing_page_goods_id%3D601099513303635%26h5_simplify_version%3D1%26gs_comp_type%3D8%26gs_comp_nickname%3DMibi%26gs_comp_avatar%3Dhttps%253A%252F%252Favatar-us.kwcdn.com%252Favatar%252Fb%252FMjEx%252FCgI2WRIITFY5bFRzOUQaENDDo0w-4jPr2gs9ZjJorbcwAg-1675017565%253FimageMogr2%252Fthumbnail%252F100x%26gs_comp_expired%3D1675226374%26needs_log&tiba=Get%20Free%20Gifts&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3560168418&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "default-src .temu.com .kwcdn.com .pddpic.com wss://.temu.com .googleapis.com .gstatic.com .googletagmanager.com .google-analytics.com .analytics.google.com .doubleclick.net .google.com .googlesyndication.com .googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.co.in www.google.co.jp www.google.co.id www.google.co.kr connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net .cash.app .forter.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-eval'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aimg.kwcdn.com
connect.facebook.net
googleads.g.doubleclick.net
locale.temu.com
region1.analytics.google.com
static.kwcdn.com
stats.g.doubleclick.net
temu.com
us.matk.temu.com
www.facebook.com
www.google.com
www.google.no
www.googletagmanager.com
www.pftk.temu.com
www.temu.com
www.thtk.temu.com
104.18.29.69
13.107.237.44
142.250.180.228
142.250.186.168
142.251.208.130
142.251.39.35
157.240.253.1
157.240.253.35
20.185.14.73
20.231.235.230
20.83.139.214
216.239.34.36
66.102.1.157
0d37f55e5e833a97360812caba0ca0921b34c55a66e2102ed8a9df4fc8fcd16d
0fbec672e9c03a124de3a8a63b90f522f79e723310bf1a11ff184a122a6376cd
167a0157446a88f35839a41be11290e934d459019099699bb713e04f1ad1cbb7
203150dd6d28dd8d666348ba36bbb241424cba6895eafcc7c5a673aa7f16a024
22c17bccf3402168b3555e22ceecbff4abc0ec60109e8a4f78c6535fa90816a9
2a6195ed153f9188a25b9a2a2b2deb8322157008185c12eb74cd05ed07b54df4
37b499fab6a6d489599ff6920e0a6bf7e7cd186409a872f72ba2d692527d3093
3882201d0d5580ea687ef0a63eeb9ad94f1d32c7ca0661e75deab3daa1628161
3e1bb342c7ecf58b5d350767875b6370a0686f42a5f9f73a2734110075ab3fb8
41f753cb40c792a19a625a2434f7ded86b43376ce1813ef3bf056a7f52c6157c
75080fded3488589e093a3275551cc7709007c7c5595f85598d6abbe9ec5be7a
7864772c937ee3f70a09d6529a32e22ce815d5e72f96be372e48f6a08984799c
7a4bcb6da32aee5b76b56f990400c20a07d58abd741298811e0e1e49f82943ef
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
949246448d04be1589d864b07b5858c2d38b8d1a34c7f4bbc796b34ab49c540f
9c800c0fc71b133a1b7ed179d5b98fb1068543c112c9d8857fe368d426bacdc3
a054679239e597bc6831223d457f793e5250f4083221df0c5f7f01b0a5269f7c
abe67fc8f3cd0be6266a52382505699fc16387d0f8051ec451cc4c7dc3758080
b68e725ee4461d15eaaff371c805c468b5550da903689373928d8e37d2360a96
bc4b81fe56933c069a6ee1acef00a784e7ef54ad5f85fefebf424217524b237c
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
cf7b2f8657bff12b5f8bc9c183ef9c96c1cd6533f27fba4cc5843f7a51eecfd4
d4547c48a0b5508e2e870bf4b1a2237ab16728e4fc2a277f0b5c8255d329c79b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc95be14b0ff0094ba402202c85a262babc6fd34b36fa4463d0c30d0c36fd51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe49cefc0d3e0ad6d7eb6767ef5078c265efea6038da62a0e89f4f9993f0283e
fecb16095bae8132c16ea06b86564d89ea489561c797fd314fcf5e3a5dd66ef0

www.temu.com Open in urlscan Pro 20.83.139.214

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

0 %IPv6

8 Domains

16 Subdomains

14 IPs

3 Countries

973 kBTransfer

3881 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.temu.com
20.83.139.214

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

16
Subdomains

14
IPs

3
Countries

973 kB
Transfer

3881 kB
Size

20
Cookies

43 HTTP transactions
2 data transactions