www.temu.com Open in urlscan Pro
20.105.12.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://temu.com/u/e1nfP6KufQgEmNR
Effective URL:
https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWW...
Submission: On March 26 via manual (March 26th 2024, 2:37:07 pm UTC) from MA — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 2 domains to perform 45 HTTP transactions. The main IP is 20.105.12.146, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.temu.com. The Cisco Umbrella rank of the primary domain is 7381.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 13th 2023. Valid for: a year.

This is the only time www.temu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.15.0.25 20.15.0.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 10	20.105.12.146 20.105.12.146	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	2606:4700::68... 2606:4700::6812:b84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	4.207.234.37 4.207.234.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	104.18.11.132 104.18.11.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	20.166.157.163 20.166.157.163	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
45	6

1 20.15.0.25 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 20.105.12.146 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6812:b84 (United States)

ASN13335 (CLOUDFLARENET, US)

static.kwcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aimg.kwcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 4.207.234.37 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu.pftk.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.11.132 (None, )

ASN13335 (CLOUDFLARENET, US)

aimg.kwcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.kwcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.166.157.163 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu.thtk.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	kwcdn.com static.kwcdn.com — Cisco Umbrella Rank: 12904 aimg.kwcdn.com — Cisco Umbrella Rank: 6294	1017 KB
23	temu.com 2 redirects temu.com — Cisco Umbrella Rank: 2950 www.temu.com — Cisco Umbrella Rank: 7381 eu.pftk.temu.com — Cisco Umbrella Rank: 10992 eu.thtk.temu.com — Cisco Umbrella Rank: 11147	122 KB
45	2

	Domain	Requested by
13	aimg.kwcdn.com	static.kwcdn.com www.temu.com
11	static.kwcdn.com	www.temu.com static.kwcdn.com
10	www.temu.com	1 redirects static.kwcdn.com
7	eu.thtk.temu.com	static.kwcdn.com
5	eu.pftk.temu.com	www.temu.com static.kwcdn.com
1	temu.com	1 redirects
45	6

This site contains no links.

Subject Issuer	Validity	Valid
*.temu.com Go Daddy Secure Certificate Authority - G2	`2023-07-13` - `2024-08-13`	a year	crt.sh
*.kwcdn.com Go Daddy Secure Certificate Authority - G2	`2023-07-09` - `2024-08-09`	a year	crt.sh
*.pftk.temu.com Go Daddy Secure Certificate Authority - G2	`2023-07-13` - `2024-08-13`	a year	crt.sh
*.thtk.temu.com Go Daddy Secure Certificate Authority - G2	`2023-07-13` - `2024-08-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
Frame ID: 91C703B4E349C520751FA3C309B757E8
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Farmland

Page URL History Show full URLs

https://temu.com/u/e1nfP6KufQgEmNR HTTP 301
https://www.temu.com/u/e1nfP6KufQgEmNR HTTP 302
https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWIS... Page URL

Page Statistics

45
Requests

100 %
HTTPS

17 %
IPv6

2
Domains

6
Subdomains

6
IPs

3
Countries

1137 kB
Transfer

3193 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://temu.com/u/e1nfP6KufQgEmNR HTTP 301
https://www.temu.com/u/e1nfP6KufQgEmNR HTTP 302
https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request niffler_farm.html Show response
www.temu.com/
Redirect Chain

https://temu.com/u/e1nfP6KufQgEmNR
https://www.temu.com/u/e1nfP6KufQgEmNR
https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_r...

286 KB
95 KB

39ms
39ms

Document
text/html

20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

775cba03a4ae5af08b3d825d780f0276c961996b2293c185675290ec8aa804e4

Security Headers

Name	Value
Content-Security-Policy	default-src temu: .temu.com .kwcdn.com wss://.temu.com .paypal.com .googleapis.com .gstatic.com .googletagmanager.com .google-analytics.com .analytics.google.com .doubleclick.net .google.com .googlesyndication.com .googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net .cash.app .forter.com www.paypalobjects.com .braintree-api.com .braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com .paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/enforce
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cip: 81.95.5.37
content-encoding: br
content-language: en
content-security-policy: default-src temu: *.temu.com *.kwcdn.com wss://*.temu.com *.paypal.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com www.paypalobjects.com *.braintree-api.com *.braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com *.paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/enforce
content-security-policy-report-only: default-src temu: *.temu.com *.kwcdn.com wss://*.temu.com *.paypal.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com www.paypalobjects.com *.braintree-api.com *.braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com *.paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/report
content-type: text/html; charset=UTF-8
date: Tue, 26 Mar 2024 14:37:02 GMT
expires: 0
pragma: no-cache
server: nginx
strict-transport-security: max-age=2592000
surrogate-control: no-store
vary: Accept-Encoding User-Agent
x-accel-buffering: no
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-yak-request-id: 1711463822429-de899b6a0e6eb79dbcb0da4e03640547

Redirect headers

cip: 81.95.5.37
content-length: 0
content-security-policy-report-only: default-src temu: *.temu.com *.kwcdn.com wss://*.temu.com *.paypal.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com www.paypalobjects.com *.braintree-api.com *.braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com *.paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/report
content-type: text/html;charset=UTF-8
date: Tue, 26 Mar 2024 14:37:02 GMT
location: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
server: nginx
strict-transport-security: max-age=2592000
vary: User-Agent
x-frame-options: SAMEORIGIN
x-yak-request-id: 1711463822385-8dee1a71a323342525446a4a49f7cf7f

GET
H2 200 biz_vendors-e73ce2861ca25c7e0817.css
static.kwcdn.com/m-assets/assets/css/ 64 KB
16 KB 131ms
33ms Stylesheet
text/css 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/css/biz_vendors-e73ce2861ca25c7e0817.css

Requested by

Host: www.temu.com
URL: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

982bd2b572e365a8002ef2c92bb73a4ca7d710b096f70814607ae42800378736

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: d/M9Swohm8AVGkBCycyKcQ==
age: 213363
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 Mar 2024 02:41:30 GMT
server: cloudflare
etag: W/"0x8DC4BABE97A7685"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05b2cd41da2-FRA

GET
H2 200 niffler_farm-7a9cd794c7333d3c9260.css
static.kwcdn.com/m-assets/assets/css/ 390 KB
52 KB 135ms
37ms Stylesheet
text/css 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17c090d68b58c2a85ad06b57d52dafe3646d18257a23ec0e97755365523aed68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: hCteCcEInfFJMlJvWXPCCw==
age: 213381
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 08:35:02 GMT
server: cloudflare
etag: W/"0x8DC4981CD3707D1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05b2cd01da2-FRA

POST
H2 200 defined Show response
eu.pftk.temu.com/pmm/api/pmm/ 0
328 B 133ms
37ms XHR
application/octet-stream 4.207.234.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.pftk.temu.com/pmm/api/pmm/defined
Requested by: Host: www.temu.com
URL: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.207.234.37 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

GET
H2 200 784b7aa9-f6ba-48f7-bbd4-05f6a4dd2a4d.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 81 KB
81 KB 112ms
25ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/784b7aa9-f6ba-48f7-bbd4-05f6a4dd2a4d.png.slim.png

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8646c3a5944f23a772adfddba145e5f852379b76a35ebdd1157f7710b707637c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 1106614
x-cip: 2a01:4a0:2b::6
request-id: d070dcfe0fbc83f1a6dc46edf8685b12
alt-svc: h3=":443"; ma=86400
content-length: 82779
last-modified: Mon, 26 Feb 2024 00:03:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05c2b129bd6-FRA

GET
H2 200 5c0d1d4a-cd03-4b3b-8b17-96707261e413.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 78 KB
78 KB 119ms
32ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/5c0d1d4a-cd03-4b3b-8b17-96707261e413.png.slim.png

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1924062b211ef8a98883e6c75e158c7db3d2f4777483667e6f12b16d75f82532

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 1118784
x-cip: 2a01:4a0:2b::6
request-id: a2c07e31ab04a81f9495aaa2de5ca251
alt-svc: h3=":443"; ma=86400
content-length: 79868
x-avi-image-cache: hit
last-modified: Tue, 20 Feb 2024 09:34:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05c2b159bd6-FRA

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 2edc8d0c-68cc-484c-8452-566d3a072d6f.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 2 KB
2 KB 109ms
22ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/2edc8d0c-68cc-484c-8452-566d3a072d6f.png.slim.png

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4e1a2d1239816b54c3adf19b486d27d77f12631d2c44c490c1fe417adf62c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 368241
x-cip: 2a01:4a0:2b::6
request-id: a82238ffd4ff132be52626073449ee80
alt-svc: h3=":443"; ma=86400
content-length: 1789
last-modified: Fri, 08 Mar 2024 23:32:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05c2b179bd6-FRA

GET
H2 200 82c32a44-5390-44e6-a997-7353fc44e368.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 2 KB
2 KB 111ms
23ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/82c32a44-5390-44e6-a997-7353fc44e368.png.slim.png

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68429cdbdc4974a6a75b5eb4e6ceb570cbdd208c06d05384fdeb86e2bace9a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 1106615
x-cip: 2a01:4a0:2b::6
request-id: 1eec04369377fe0f1724b42a1cab92b3
alt-svc: h3=":443"; ma=86400
content-length: 2107
last-modified: Sun, 25 Feb 2024 14:03:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05c2b109bd6-FRA

GET
H2 200 3b44377e-adb3-42c4-a0d8-563086b25607.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 2 KB
2 KB 120ms
33ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/3b44377e-adb3-42c4-a0d8-563086b25607.png.slim.png

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5070028294b6ef5a9654b55baf614281c90e72c90f34d70ebecc39ad8b89632

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 564548
x-cip: 2a01:4a0:2b::6
request-id: 075f25d21e4b6625ad5dd463abaee089
alt-svc: h3=":443"; ma=86400
content-length: 2201
last-modified: Sun, 25 Feb 2024 22:30:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05c2b0f9bd6-FRA

GET
H2 200 1c8bd5c2-90c7-49f5-a3e8-2748d083bc09.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 7 KB
7 KB 120ms
33ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/1c8bd5c2-90c7-49f5-a3e8-2748d083bc09.png.slim.png

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b69d80b7bf7f23cec2add7dd67cb3f50bf20cc3e3f1509e5019168b566e0de39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 1105296
x-cip: 2a01:4a0:2b::6
request-id: 43348a4a644c21cdae064489fd9e6933
alt-svc: h3=":443"; ma=86400
content-length: 7246
x-avi-image-cache: hit
last-modified: Mon, 19 Feb 2024 20:21:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05c2b139bd6-FRA

GET
H2 200 4ac5cfe4-9c34-4b94-b0c0-22d832b943f8.ttf
aimg.kwcdn.com/upload_aimg/dawn/ 26 KB
15 KB 71ms
28ms Font
font/ttf 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/4ac5cfe4-9c34-4b94-b0c0-22d832b943f8.ttf

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9de76e61dab369bafe68126c272fabd6d9fcbecab6d8eea2c4efc34dfa97ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: nUE1dQYgPdkvyuB1vvHJ5w==
age: 1106137
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 09:04:29 GMT
server: cloudflare
etag: W/"0x8DBB5CAC4EEEAD1"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bed861da2-FRA

GET
H2 200 bab4c552-e8ad-46e5-b1b0-4aa47e220429.ttf
aimg.kwcdn.com/upload_aimg/dawn/ 30 KB
20 KB 79ms
37ms Font
font/ttf 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/bab4c552-e8ad-46e5-b1b0-4aa47e220429.ttf

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e4b66c4be42c2d5a98639ed4638824efd6ee0b4972daad3929f93a8bc26debb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: 4CSKkP7kvPiChFMXNV4J9g==
age: 1115641
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Apr 2023 09:00:25 GMT
server: cloudflare
etag: W/"0x8DB40B48407E73B"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bed841da2-FRA

GET
H2 200 react_webpack_runtime_66086ccd9e8763b8c305.js Show response
static.kwcdn.com/m-assets/assets/js/ 60 KB
20 KB 28ms
27ms Script
application/javascript 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_66086ccd9e8763b8c305.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09ee45e0678054fa5ea00907b91d8063aad86a6d0cc4b958b4832b71384bd84c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: tBCKccORx3nRxKAFmHSLng==
age: 6619
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Mar 2024 12:44:05 GMT
server: cloudflare
etag: W/"0x8DC4D926C159D73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bad471da2-FRA

GET
H2 200 vendors_97d4b177c0eb25765440.js Show response
static.kwcdn.com/m-assets/assets/js/ 546 KB
171 KB 53ms
52ms Script
application/javascript 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

518fe88bdd41a0cf20c0f6ea8514cfbb437c79bfb4704bfeec25cdd3c90b1672

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: RCUi0GAO06+ILIIeJedrNg==
age: 1115662
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Mar 2024 09:43:40 GMT
server: cloudflare
etag: W/"0x8DC4278E5E4B889"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bbd4b1da2-FRA

GET
H2 200 biz_vendors_13f3cceb9c0b7a5f00cb.js Show response
static.kwcdn.com/m-assets/assets/js/ 600 KB
158 KB 36ms
35ms Script
application/javascript 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52010b5839bcdc283d0e3c550b504b3887ca40c913ff4a7191fb9b7c9c8de95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: Cr0zJZ69oBuYBA2ekfdoGQ==
age: 47378
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 Mar 2024 02:41:29 GMT
server: cloudflare
etag: W/"0x8DC4BABE8DBDCB4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bbd4d1da2-FRA

GET
H2 200 4612_9939ab9b9c2ac275bdf7.js Show response
static.kwcdn.com/m-assets/assets/js/ 31 KB
10 KB 24ms
23ms Script
application/javascript 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/4612_9939ab9b9c2ac275bdf7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa6e38c8ff14c3c48640dd95c947fe92fdb55ab9d54ec8419366cea43b12752

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: lPGyxwYW2qDBlwjKVxHtNA==
age: 19082
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Mar 2024 09:16:53 GMT
server: cloudflare
etag: W/"0x8DC4D757A3A8E61"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bbd4f1da2-FRA

GET
H2 200 811_6852074f3704902cba96.js Show response
static.kwcdn.com/m-assets/assets/js/ 31 KB
13 KB 26ms
25ms Script
application/javascript 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/811_6852074f3704902cba96.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ea7e071608590571f9cdf53812b61442fe18c2d8419160265c00c39d967a650

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: ujHOHMTV6w1UU70pUwdawg==
age: 630056
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 04:00:32 GMT
server: cloudflare
etag: W/"0x8DC47C91F64CC4E"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bbd501da2-FRA

GET
H2 200 niffler_farm_3ae46a21839c9ee25024.js Show response
static.kwcdn.com/m-assets/assets/js/ 565 KB
123 KB 47ms
47ms Script
application/javascript 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/niffler_farm_3ae46a21839c9ee25024.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25acd1913e83a532b22e6cf3c4991c95999dd5d7c0faa19c1116ce97b8c9c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 471
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: eSVis8xTb1eUHuuQPNjIGA==
age: 19076
x-cip: 2a01:4a0:2b::6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Mar 2024 09:16:52 GMT
server: cloudflare
etag: W/"0x8DC4D75796F1EAD"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05bbd531da2-FRA

GET
H3 200 12f53c06-2818-4285-83c2-8dfacbebb37b.ttf
aimg.kwcdn.com/upload_aimg/dawn/ 31 KB
20 KB 20ms
19ms Font
font/ttf 104.18.11.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/12f53c06-2818-4285-83c2-8dfacbebb37b.ttf

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/css/niffler_farm-7a9cd794c7333d3c9260.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbc708bd214c0ac24edde6523d540b124d8de22abbe87923f4f923545cef940

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.kwcdn.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 637
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: vc3dZJAQ+PUM3cZsfSCM+Q==
age: 1115661
x-cip: 81.95.5.37
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 May 2023 07:21:27 GMT
server: cloudflare
etag: W/"0x8DB52B97FF9E371"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05c3dbc35f6-FRA

GET
H3 200 9761_0b90b313791df2eeef35.js Show response
static.kwcdn.com/m-assets/assets/js/ 83 KB
31 KB 24ms
23ms Script
application/javascript 104.18.11.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/9761_0b90b313791df2eeef35.js

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_66086ccd9e8763b8c305.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c3d4e6114fc99ee604a1e0233c2c1e3d9d442ff16a87746e3a17e554722eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 637
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: w7R68tCdQRVAQRNpGKgmsg==
age: 213215
x-cip: 81.95.5.37
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Mar 2024 09:17:20 GMT
server: cloudflare
etag: W/"0x8DC4A50E092A49C"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05c6de035f6-FRA

POST
H2 200 defined Show response
eu.pftk.temu.com/pmm/api/pmm/ 0
327 B 35ms
34ms XHR
application/octet-stream 4.207.234.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.pftk.temu.com/pmm/api/pmm/defined
Requested by: Host: www.temu.com
URL: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora%21&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.207.234.37 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3882201d0d5580ea687ef0a63eeb9ad94f1d32c7ca0661e75deab3daa1628161

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 4555_d3a34efb3b9e5ee1eab8.js Show response
static.kwcdn.com/m-assets/assets/js/ 26 KB
9 KB 26ms
26ms Script
application/javascript 104.18.11.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/4555_d3a34efb3b9e5ee1eab8.js

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_66086ccd9e8763b8c305.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42f44938a59597c11f40667d8e86c6094b19c64c11ccfe57907c78d7a6670fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 637
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: HmoaPpCrT5j3b2CYayUY7w==
age: 1119761
x-cip: 81.95.5.37
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 22 Feb 2024 06:26:43 GMT
server: cloudflare
etag: W/"0x8DC336F3C95963B"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05cbe3735f6-FRA

GET
H3 200 3248_4a30e158ed3cc954e7b1.js Show response
static.kwcdn.com/m-assets/assets/js/ 71 KB
25 KB 21ms
21ms Script
application/javascript 104.18.11.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kwcdn.com/m-assets/assets/js/3248_4a30e158ed3cc954e7b1.js

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/react_webpack_runtime_66086ccd9e8763b8c305.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f1f59d6c8085462efedca3dfa64e5576adaa3b2deef10ee8b2d5d656064386

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
Origin: https://www.temu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 637
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-md5: 9jhd6v1yxRA3/Z6wivacVg==
age: 213300
x-cip: 81.95.5.37
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 Mar 2024 02:41:28 GMT
server: cloudflare
etag: W/"0x8DC4BABE7EF2E45"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
cf-ray: 86a7e05cbe3b35f6-FRA

POST
H2 200 th.gif
eu.thtk.temu.com/c/ 0
318 B 199ms
100ms Ping
image/gif 20.166.157.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.166.157.163 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

POST
H2 200 th.gif
eu.thtk.temu.com/c/ 0
319 B 121ms
28ms Ping
image/gif 20.166.157.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.166.157.163 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993a7c81d894b87112ed303f7271ffd9e5fdcef386b1f36dcf7a2c55eb9b1364

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 defined Show response
eu.pftk.temu.com/pmm/api/pmm/ 0
327 B 31ms
30ms XHR
application/octet-stream 4.207.234.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.pftk.temu.com/pmm/api/pmm/defined
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.207.234.37 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

POST
H2 200 th.gif
eu.thtk.temu.com/c/ 0
318 B 135ms
99ms Ping
image/gif 20.166.157.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.166.157.163 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

POST
H2 200 th.gif
eu.thtk.temu.com/c/ 0
318 B 94ms
59ms Ping
image/gif 20.166.157.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.166.157.163 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

POST
H2 200 th.gif
eu.thtk.temu.com/c/ 0
318 B 134ms
99ms Ping
image/gif 20.166.157.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.166.157.163 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

POST
H2 200 th.gif
eu.thtk.temu.com/c/ 0
318 B 133ms
99ms Ping
image/gif 20.166.157.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.166.157.163 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

POST
H2 200 urlHash Show response
www.temu.com/api/market/cipher/ 75 B
621 B 33ms
33ms XHR
application/json 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/market/cipher/urlHash

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

056b470f1d5a6c894dd979cb175ac01d96f1016b6ccb88d1242dd57e10052d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
strict-transport-security: max-age=2592000
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json;charset=utf-8
x-yak-request-id: 1711463822914-a4ebbc2b8a9b06ccb7843f4999817d2d
access-control-allow-origin: https://www.temu.com
yak-timeinfo: 1711463822914|4
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
access-control-allow-credentials: true
cip: 81.95.5.37
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content
content-length: 75

GET
H2 200 17c05521-15b7-45ad-bf14-9af7cf3c56d1.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 36 KB
36 KB 19ms
18ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/17c05521-15b7-45ad-bf14-9af7cf3c56d1.png.slim.png?imageView2/2/w/1300/q/80

Requested by

Host: www.temu.com
URL: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85bbdc43ee659d0b62e4f834f7c5bc0ddedb60db61fd4ac44c883249126502ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 483725
x-cip: 2a01:4a0:2b::6
request-id: c34cf6dc1fb5fa972b9683f08adad474
alt-svc: h3=":443"; ma=86400
content-length: 37192
x-avi-image-cache: hit
last-modified: Mon, 19 Feb 2024 08:57:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05d4c259bd6-FRA

GET
H2 200 fd7505be-bc9b-4980-88cc-4b5f8ccfc677.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 7 KB
7 KB 18ms
17ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/fd7505be-bc9b-4980-88cc-4b5f8ccfc677.png.slim.png?imageView2/2/w/1300/q/80

Requested by

Host: www.temu.com
URL: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d9dbf9243a675d387498dcac02fdd0cf1b7aafab9aa7de7106aa7a91652546

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 1106143
x-cip: 2a01:4a0:2b::6
request-id: ee4e258cefa8be0091de564576c64239
alt-svc: h3=":443"; ma=86400
content-length: 7273
last-modified: Thu, 18 Jan 2024 20:38:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05d4c269bd6-FRA

GET
H2 200 3af291df-d9e4-4fc2-9ec9-230d23acd920.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 41 KB
41 KB 28ms
27ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/3af291df-d9e4-4fc2-9ec9-230d23acd920.png.slim.png?imageView2/2/w/1300/q/80

Requested by

Host: www.temu.com
URL: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e197b33a61f035231cedf175c69a305ed161c07d3447edf79eafa4da50b8da45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 204790
x-cip: 2a01:4a0:2b::6
request-id: d73bb6c3ef6e3216514ca754319f09d4
alt-svc: h3=":443"; ma=86400
content-length: 41483
x-avi-image-cache: hit
last-modified: Tue, 20 Feb 2024 04:30:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05d4c279bd6-FRA

GET
H2 200 ce7c99a2-d7f9-4bf1-b6eb-88af622dc122.png.slim.png
aimg.kwcdn.com/upload_aimg/dawn/ 77 KB
77 KB 24ms
23ms Image
image/png 2606:4700::6812:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aimg.kwcdn.com/upload_aimg/dawn/ce7c99a2-d7f9-4bf1-b6eb-88af622dc122.png.slim.png?imageView2/2/w/1300/q/80

Requested by

Host: www.temu.com
URL: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40ba2337faea7b268ea51821092e7316df86cf102bd688c9e67d1c332333de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
coloid: 472
x-content-type-options: nosniff
cf-cache-status: HIT
x-fop-destination-type: fop
age: 1118784
x-cip: 2a01:4a0:2b::6
request-id: 946b09b08b9d1d8cc0fdcd0caafd4ba6
alt-svc: h3=":443"; ma=86400
content-length: 79014
x-avi-image-cache: hit
last-modified: Mon, 19 Feb 2024 08:57:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-imagine-success: true
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86a7e05d4c299bd6-FRA

GET
H2 200 _stm Show response
www.temu.com/api/server/ 29 B
179 B 29ms
29ms XHR
application/json 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.temu.com/api/server/_stm
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: d99a64d82db8a6b6f91c9be8ad72753f84e72f6d55bbbc14a9567cf17ec2b348

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
cache-control: no-cache, no-store
content-encoding: gzip
server: nginx
cip: 81.95.5.37
vary: Accept-Encoding
content-type: application/json

POST
H2 200 api Show response
eu.pftk.temu.com/pmm/api/pmm/ 0
327 B 33ms
33ms XHR
application/octet-stream 4.207.234.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.pftk.temu.com/pmm/api/pmm/api
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.207.234.37 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

GET
H2 200 cg Show response
www.temu.com/api/phantom/dm/wl/ 216 B
497 B 36ms
36ms XHR
application/json 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/dm/wl/cg

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

590b998749a4265569ecdf31d20d375de4af41649cf702753f186d6cd8b7a3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: nginx
vary: Accept-Encoding
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-type: application/json;charset=UTF-8
x-yak-request-id: 1711463822972-264ce6ab96d57f2244db711871c99809
yak-timeinfo: 1711463822972|2
cip: 81.95.5.37

GET
H2 200 a3 Show response
www.temu.com/api/phantom/xg/pfb/ 65 B
400 B 37ms
37ms XHR
application/json 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/xg/pfb/a3

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

cf7b2f8657bff12b5f8bc9c183ef9c96c1cd6533f27fba4cc5843f7a51eecfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: nginx
vary: Accept-Encoding
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-type: application/json;charset=UTF-8
x-yak-request-id: 1711463822975-c445d252b7f9bc07004b870db9323931
yak-timeinfo: 1711463822975|1
cip: 81.95.5.37

GET
H2 200 b Show response
www.temu.com/api/phantom/xg/pfb/ 161 B
494 B 38ms
38ms XHR
application/json 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/xg/pfb/b

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

99f77ecc14a97e7311b659946c95861c61667a23d3ba250e7fc512db66e088ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: nginx
vary: Accept-Encoding
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-type: application/json;charset=UTF-8
x-yak-request-id: 1711463822976-faa2494fe7632ed2e101da8662b1b15f
yak-timeinfo: 1711463822976|2
cache-control: max-age=94608000, immutable, private
cip: 81.95.5.37

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ce77f4fc4795d3b7ca8d8738305a03d1ee0b08926f199ca3db167d828e4877b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 api Show response
eu.pftk.temu.com/pmm/api/pmm/ 0
327 B 36ms
36ms XHR
application/octet-stream 4.207.234.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.pftk.temu.com/pmm/api/pmm/api
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.207.234.37 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:02 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:01 GMT

GET
H2 200 favicon.ico
www.temu.com/ 17 KB
18 KB 120ms
120ms Other
image/x-icon 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

9e50f7118d02f2fc45af374163bf05bb6467869ff0333751d2e0d9a0401e8b5e

Security Headers

Name	Value
Content-Security-Policy	default-src temu: .temu.com .kwcdn.com wss://.temu.com .paypal.com .googleapis.com .gstatic.com .googletagmanager.com .google-analytics.com .analytics.google.com .doubleclick.net .google.com .googlesyndication.com .googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net .cash.app .forter.com www.paypalobjects.com .braintree-api.com .braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com .paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/enforce
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:03 GMT
strict-transport-security: max-age=2592000
content-security-policy: default-src temu: *.temu.com *.kwcdn.com wss://*.temu.com *.paypal.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com www.paypalobjects.com *.braintree-api.com *.braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com *.paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/enforce
server: nginx
content-security-policy-report-only: default-src temu: *.temu.com *.kwcdn.com wss://*.temu.com *.paypal.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.google.com *.googlesyndication.com *.googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net *.cash.app *.forter.com www.paypalobjects.com *.braintree-api.com *.braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com *.paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/report
vary: User-Agent
content-type: image/x-icon
x-yak-request-id: 1711463823001-8174b36c8bff1e76dc2573fbd4b355f2
cache-control: max-age=3600
x-frame-options: SAMEORIGIN
cip: 81.95.5.37

POST
H2 200 a4 Show response
www.temu.com/api/phantom/xg/pfb/ 194 B
1 KB 55ms
55ms XHR
application/json 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/xg/pfb/a4

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

0f53a385bec9d11ee174ebe906f0f2d156d38ba21fd8e681537f2210721c6202

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:03 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
x-yak-request-id: 1711463823200-0e2b3cca9a2701821619a330392c5ea2
access-control-allow-origin: https://www.temu.com
yak-timeinfo: 1711463823200|19
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
access-control-allow-credentials: true
cip: 81.95.5.37
access-control-allow-headers: Origin, X-Requested-With, Content-Type, X_Requested_With, Accept, X-HTTP-Method-Override, Cookie, AccessToken, PASSID, VerifyAuthToken, Anti-Content

GET
H2 200 l1 Show response
www.temu.com/api/phantom/xg/pfb/ 114 B
430 B 40ms
40ms XHR
application/json 20.105.12.146
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.temu.com/api/phantom/xg/pfb/l1

Requested by

Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/vendors_97d4b177c0eb25765440.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.105.12.146 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

3e1bb342c7ecf58b5d350767875b6370a0686f42a5f9f73a2734110075ab3fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.temu.com/niffler_farm.html?group_sn=A07E249D6F6F333AB877045BF3C0F9AB&aty_oid=BIBDMWISBA3GS6LUNNEFOZA2CDWWXXNCDRVZSMMXJUBOPOBFFRHSQBZQAI&_bg_fs=1&share_biz_source=0&share_region=186&_p_rfs=1&gs_pelican_id=10024&refer_share_suin=BAWVHNVWTOJ3QCJQGAZ557UHLYIFPPRJY4HEBHTI6Y6B4&refer_share_id=ZW63otRww1bIVTYoHtc5FNJG9vBc26zv&refer_share_channel=ins_chat&_ex_campaign=mkt_activity&_ex_cid=mkt_activity_house&_ex_sid=farm_share&needs_login=1&login_scene=7&_p_login_channel=activity&_x_sid=search&_x_campaign=mkt_activity&_x_cid=mkt_activity_house&_x_share_id=OM3bVM5QZ6Jja7F8xSrIEMDdViAu267f&gs_invite_code=508560060&gs_og_title=Por%20favor%F0%9F%A5%BA%2C%20estoy%20intentando%20obtener%20mi%20favorito%20art%26iacute%3Bculo%20por%20gratis.%20%26iquest%3BPodr%26iacute%3Bas%20ayudarme%3F&gs_og_description=%26iexcl%3BVen%20y%20%26uacute%3Bnete%20a%20m%26iacute%3B%20ahora!&gs_og_image=https%3A%2F%2Faimg.kwcdn.com%2Fupload_aimg%2Fdawn%2F6316ea3a-6b5e-489c-ba1b-5c43284f4712.png.slim.png
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:37:03 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: nginx
vary: Accept-Encoding
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-type: application/json;charset=UTF-8
x-yak-request-id: 1711463823198-9fe318706fee46170e277a3913580982
yak-timeinfo: 1711463823198|1
cip: 81.95.5.37

POST
H2 200 th.gif
eu.thtk.temu.com/c/ 0
318 B 31ms
31ms Ping
image/gif 20.166.157.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.thtk.temu.com/c/th.gif
Requested by: Host: static.kwcdn.com
URL: https://static.kwcdn.com/m-assets/assets/js/biz_vendors_13f3cceb9c0b7a5f00cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.166.157.163 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.temu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 14:37:04 GMT
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.temu.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override, Cookie, AccessToken, Anti-Content
expires: Tue, 26 Mar 2024 14:37:03 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.temu.com/	1970-01-21 04:09:59	Name: api_uid Value: CnDouGYC3Y1VGQCVlE7YAg==
www.temu.com/	1970-01-20 23:43:35	Name: region Value: 76
www.temu.com/	1970-01-20 23:43:35	Name: language Value: en
www.temu.com/	1970-01-20 23:43:35	Name: currency Value: EUR
www.temu.com/	1970-01-21 04:09:59	Name: timezone Value: Europe%2FBerlin
www.temu.com/	1970-01-21 05:00:23	Name: _nano_fp Value: XpmaXpTjXqCxX5Txno_P7qj0s5UqFxTmu9BCgUUV
.temu.com/	1970-01-21 04:09:59	Name: _bee Value: ecmVnMjcsZscfmaWgHFKIT0DCIzSea0o
.temu.com/	1970-01-21 04:09:59	Name: njrpl Value: ecmVnMjcsZscfmaWgHFKIT0DCIzSea0o
.temu.com/	1970-01-21 04:09:59	Name: dilx Value: GkEGOEQqRtlZkB34WkG1e
.temu.com/	1970-01-21 04:09:59	Name: hfsc Value: L3yLeY026jb60JXNfw==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src temu: .temu.com .kwcdn.com wss://.temu.com .paypal.com .googleapis.com .gstatic.com .googletagmanager.com .google-analytics.com .analytics.google.com .doubleclick.net .google.com .googlesyndication.com .googleusercontent.com www.googleadservices.com www.google.cn www.google.com.hk www.google.co.uk www.google.ca www.google.com.au www.google.co.nz google.com connect.facebook.net www.facebook.com appleid.cdn-apple.com socialplugin.facebook.net .cash.app .forter.com www.paypalobjects.com .braintree-api.com .braintreegateway.com cash-f.squarecdn.com api.squareup.com api.lab.amplitude.com .paidy.com blob: data: 'unsafe-eval' 'unsafe-inline' 'wasm-unsafe-eval'; report-uri /api/sec-csp/110000006/enforce
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aimg.kwcdn.com
eu.pftk.temu.com
eu.thtk.temu.com
static.kwcdn.com
temu.com
www.temu.com
104.18.11.132
20.105.12.146
20.15.0.25
20.166.157.163
2606:4700::6812:b84
4.207.234.37
056b470f1d5a6c894dd979cb175ac01d96f1016b6ccb88d1242dd57e10052d6e
09ee45e0678054fa5ea00907b91d8063aad86a6d0cc4b958b4832b71384bd84c
0f53a385bec9d11ee174ebe906f0f2d156d38ba21fd8e681537f2210721c6202
17c090d68b58c2a85ad06b57d52dafe3646d18257a23ec0e97755365523aed68
1924062b211ef8a98883e6c75e158c7db3d2f4777483667e6f12b16d75f82532
1d9de76e61dab369bafe68126c272fabd6d9fcbecab6d8eea2c4efc34dfa97ca
3882201d0d5580ea687ef0a63eeb9ad94f1d32c7ca0661e75deab3daa1628161
39f1f59d6c8085462efedca3dfa64e5576adaa3b2deef10ee8b2d5d656064386
3ce77f4fc4795d3b7ca8d8738305a03d1ee0b08926f199ca3db167d828e4877b
3e1bb342c7ecf58b5d350767875b6370a0686f42a5f9f73a2734110075ab3fb8
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
518fe88bdd41a0cf20c0f6ea8514cfbb437c79bfb4704bfeec25cdd3c90b1672
52010b5839bcdc283d0e3c550b504b3887ca40c913ff4a7191fb9b7c9c8de95d
590b998749a4265569ecdf31d20d375de4af41649cf702753f186d6cd8b7a3fc
65c3d4e6114fc99ee604a1e0233c2c1e3d9d442ff16a87746e3a17e554722eaa
68429cdbdc4974a6a75b5eb4e6ceb570cbdd208c06d05384fdeb86e2bace9a02
6ea7e071608590571f9cdf53812b61442fe18c2d8419160265c00c39d967a650
775cba03a4ae5af08b3d825d780f0276c961996b2293c185675290ec8aa804e4
79d9dbf9243a675d387498dcac02fdd0cf1b7aafab9aa7de7106aa7a91652546
85bbdc43ee659d0b62e4f834f7c5bc0ddedb60db61fd4ac44c883249126502ba
8646c3a5944f23a772adfddba145e5f852379b76a35ebdd1157f7710b707637c
8dbc708bd214c0ac24edde6523d540b124d8de22abbe87923f4f923545cef940
8e4b66c4be42c2d5a98639ed4638824efd6ee0b4972daad3929f93a8bc26debb
982bd2b572e365a8002ef2c92bb73a4ca7d710b096f70814607ae42800378736
993a7c81d894b87112ed303f7271ffd9e5fdcef386b1f36dcf7a2c55eb9b1364
99f77ecc14a97e7311b659946c95861c61667a23d3ba250e7fc512db66e088ba
9e50f7118d02f2fc45af374163bf05bb6467869ff0333751d2e0d9a0401e8b5e
9fa6e38c8ff14c3c48640dd95c947fe92fdb55ab9d54ec8419366cea43b12752
b25acd1913e83a532b22e6cf3c4991c95999dd5d7c0faa19c1116ce97b8c9c90
b69d80b7bf7f23cec2add7dd67cb3f50bf20cc3e3f1509e5019168b566e0de39
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7b2f8657bff12b5f8bc9c183ef9c96c1cd6533f27fba4cc5843f7a51eecfd4
d40ba2337faea7b268ea51821092e7316df86cf102bd688c9e67d1c332333de5
d99a64d82db8a6b6f91c9be8ad72753f84e72f6d55bbbc14a9567cf17ec2b348
e197b33a61f035231cedf175c69a305ed161c07d3447edf79eafa4da50b8da45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42f44938a59597c11f40667d8e86c6094b19c64c11ccfe57907c78d7a6670fd
e5070028294b6ef5a9654b55baf614281c90e72c90f34d70ebecc39ad8b89632
ef4e1a2d1239816b54c3adf19b486d27d77f12631d2c44c490c1fe417adf62c2

www.temu.com Open in urlscan Pro 20.105.12.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

45 Requests

100 %HTTPS

17 %IPv6

2 Domains

6 Subdomains

6 IPs

3 Countries

1137 kBTransfer

3193 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.temu.com Open in urlscan Pro
20.105.12.146 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

17 %
IPv6

2
Domains

6
Subdomains

6
IPs

3
Countries

1137 kB
Transfer

3193 kB
Size

10
Cookies

45 HTTP transactions
5 data transactions