urlscan.io logo urlscan.io
SecurityTrails logo

mail.td Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nqmo.com/
Effective URL: https://mail.td/
Submission: On April 19 via manual from MA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is mail.td.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.
This is the only time mail.td was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.185.148 13335 (CLOUDFLAR...)
1 18 188.114.96.3 13335 (CLOUDFLAR...)
2 216.58.206.34 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 172.217.16.206 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
29 7
1    172.67.185.148 (United States)

ASN13335 (CLOUDFLARENET, US)
nqmo.com
18    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
mail.td
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
pagead2.googlesyndication.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net
fundingchoicesmessages.google.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
18 mail.td
mail.td
143 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660
183 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
188 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
698 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
1 nqmo.com
nqmo.com
476 B
29 7
Domain Requested by
18 mail.td 1 redirects mail.td
6 fundingchoicesmessages.google.com mail.td
pagead2.googlesyndication.com
2 fonts.gstatic.com mail.td
2 pagead2.googlesyndication.com mail.td
pagead2.googlesyndication.com
1 lh3.googleusercontent.com mail.td
1 fonts.googleapis.com
1 nqmo.com 1 redirects
29 7

This site contains links to these domains. Also see Links.

Domain
stats.uptimerobot.com
api.mail.cx
Subject Issuer Validity Valid
mail.td
E1		 2024-04-18 -
2024-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mail.td/
Frame ID: ED42D5EE5B931F8E6A98E91D8B951ED4
Requests: 27 HTTP requests in this frame

Frame: https://mail.td/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: E1EBC51437172C0337FAEB020DEA58F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Temp Mail - Disposable Temporary Email Address

Page URL History Show full URLs

  1. http://nqmo.com/ HTTP 307
    https://nqmo.com/ HTTP 301
    https://mail.td/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

694 kB
Transfer

1998 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nqmo.com/ HTTP 307
    https://nqmo.com/ HTTP 301
    https://mail.td/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mail.td/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mail.td/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mail.td/
Redirect Chain
  • http://nqmo.com/
  • https://nqmo.com/
  • https://mail.td/
36 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb7933c64919cad64ac48aa8edf05be21a2f8c5b1443dc1f7d04ba7380fe89a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
876d2e3d4e315d3a-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 19 Apr 2024 13:18:27 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
876d2e3c8bf5190f-FRA
content-length
167
content-type
text/html
date
Fri, 19 Apr 2024 13:18:27 GMT
expires
Fri, 19 Apr 2024 14:18:27 GMT
location
https://mail.td
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyUoCWZqy3TVID8EDEZJNr7YUQXmrWTu9Z4LOmUZOXt%2F3iJlML9kvUbCOKb9B0u4XqnICJ%2FwLvQd7QJwLocaiCqKfd1ffNJp25fn2fVkR8A%2Bckp7o05h4AlU9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
79282b6056e2e36a.css
mail.td/_next/static/css/ 		341 B
474 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/css/79282b6056e2e36a.css
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61ecfb413fa23a792c1dda7b6af3abada682d4d97939d674e6bc05a3cc406cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2399808
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"155-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3deed15d3a-FRA
080f76a34a8b8678.css
mail.td/_next/static/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/css/080f76a34a8b8678.css
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e4512026d599217ae52429a7ea64d527f69276ebb6ef724578234bdba862ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
2399808
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"3529-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3deed35d3a-FRA
webpack-b8c2ec4d19f350bc.js
mail.td/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/webpack-b8c2ec4d19f350bc.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400cc7528efcc8f553dd31e15a5b872ab018c210ff7b0d5c9b8560d833299eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
2389886
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"ed8-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f2a5d3a-FRA
framework-7dc8a65f4a0cda33.js
mail.td/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/framework-7dc8a65f4a0cda33.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff1301f899454eccafcc9b12ed9365c96960a9d5290a57775e20c8b0e7327b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
2376307
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"22675-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f2c5d3a-FRA
main-0abd3ec81f1cd104.js
mail.td/_next/static/chunks/ 		108 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/main-0abd3ec81f1cd104.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
733df482172f3abd941b493d3cbd674316cead6ad2c72839c1e9b0581d280db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
2376307
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"1b0d8-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f2d5d3a-FRA
_app-9e397866f57e8a45.js
mail.td/_next/static/chunks/pages/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/pages/_app-9e397866f57e8a45.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9dcded87cb321be9cde9023f41f8771445e6c8ed4f38bb22829793ec92bd36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
140760
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"dff0-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f365d3a-FRA
864-d5a4affecc68980a.js
mail.td/_next/static/chunks/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/864-d5a4affecc68980a.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa3cecc6eb39dd12f1d3e2da4409e0823277cf4a8b2235ba26996fdd79b3a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
2376307
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"7c5d-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f395d3a-FRA
786-c6e8272b95b3a2ca.js
mail.td/_next/static/chunks/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/786-c6e8272b95b3a2ca.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a337a72a59ea96865d16d9dd0ae71af25d98650fcf4999003b63f52ff3555fbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
97636
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"4b8b-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f3b5d3a-FRA
186-51d81d6f5657d742.js
mail.td/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/186-51d81d6f5657d742.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80d0cb31a4cafe1dfecb1d43e1c0a43462c69df9d2d4eafcaf0e4ed647cd167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
2376307
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"2c7d-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f3c5d3a-FRA
index-be477353c84af2c7.js
mail.td/_next/static/chunks/pages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/chunks/pages/index-be477353c84af2c7.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2784739617438ec6014957fdc52906f45bb6fb020f957fc073a553a88bb30fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
2376776
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"e9e-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f405d3a-FRA
_buildManifest.js
mail.td/_next/static/6Kl_YoeAWLipYOOrtSt0N/ 		948 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/6Kl_YoeAWLipYOOrtSt0N/_buildManifest.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b627c512daaca4bed97ed266f6a015ad81f78909f2e91128670f489e8f6acea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2376307
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"3b4-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f425d3a-FRA
_ssgManifest.js
mail.td/_next/static/6Kl_YoeAWLipYOOrtSt0N/ 		77 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/_next/static/6Kl_YoeAWLipYOOrtSt0N/_ssgManifest.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2376307
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 08:23:56 GMT
server
cloudflare
etag
W/"4d-18ca012d0d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
876d2e3e4f435d3a-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1885816497771161
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
239923f4cb3cb70d9af9e5822f60023995530f8f691e149def613cfcb352fe7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Origin
https://mail.td
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50877
x-xss-protection
0
server
cafe
etag
1675244536776455334
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 19 Apr 2024 13:18:27 GMT
pub-1885816497771161
fundingchoicesmessages.google.com/i/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-1885816497771161?ers=1
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47b80d0494536659d0e5396b6bf08934612ac8a0101da072eac4a0a247edf759
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XsC-vktQsIJsWx0qSzfYrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XsC-vktQsIJsWx0qSzfYrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo7F9zo3sgn8eHrvBBMA_asrqA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo.png
mail.td/ 		913 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mail.td/logo.png
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cae12c4bedf94f2c4af81dbc93815c6e7491b81febb3e2d484801719f686877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
2376307
alt-svc
h3=":443"; ma=86400
content-length
913
x-xss-protection
1; mode=block
last-modified
Sun, 25 Sep 2022 17:29:47 GMT
server
cloudflare
etag
W/"391-18375b2acd0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
876d2e3e4f465d3a-FRA
pub-1885816497771161
fundingchoicesmessages.google.com/b/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-1885816497771161
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b8cdf752d3e30272759744a688ad083ed92832a6ae3b7aea760762ef194cadf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kGgFKKPjiDWElQ7wnjt-Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kGgFKKPjiDWElQ7wnjt-Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo7F9zo3sglc-Ne_hwkA_corQg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXKDo2tYV5OQtpEs7bQ4mftWZ6QoGjeD8n2aiXTB2xfaN374zYC3mighPCAGDhDaQxZMCqVNcEL1YmlQ4ZALBIxMw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXKDo2tYV5OQtpEs7bQ4mftWZ6QoGjeD8n2aiXTB2xfaN374zYC3mighPCAGDhDaQxZMCqVNcEL1YmlQ4ZALBIxMw==
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GopBlueZMBdNSj70pZghag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-GopBlueZMBdNSj70pZghag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw15BiWMy_i6mW4RlTKxA7pc9gDQFiIR6Oxfc6N7IJzHi-pZkZAPigDYw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mail.td
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.js
mail.td/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame E1EB
Redirect Chain
  • https://mail.td/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mail.td/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.td/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac0af0aa60f1e5da29acd7c2cb5fdb300241503263cd5984cc88074a20a5376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
876d2e3fd8ea5d3a-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 19 Apr 2024 13:18:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
876d2e3f788b5d3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404110101/ 		408 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1885816497771161&plah=mail.td&aplac=true&bust=31082731
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1885816497771161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c645bb557463e09cabfb09a4f3bdfdd6c45df34712c412df1f45f9953e71bb17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141475
x-xss-protection
0
server
cafe
etag
3766938056806100162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 13:18:27 GMT
AGSKWxWpIsKnhUi-_CFj_FUtjVJJ9xxIpdsB1shkKY9Tuf6knTFmYBjVLMHgRWkJELWAKvDtsawqLbSF7akaYj08U6wO_bbIVgWolxw1uprCZRraH_zacqkNk1BT3woDIoFH9Ck8i3QQfA==
fundingchoicesmessages.google.com/f/ 		367 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWpIsKnhUi-_CFj_FUtjVJJ9xxIpdsB1shkKY9Tuf6knTFmYBjVLMHgRWkJELWAKvDtsawqLbSF7akaYj08U6wO_bbIVgWolxw1uprCZRraH_zacqkNk1BT3woDIoFH9Ck8i3QQfA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzNTMyNzA3LDc5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tYWlsLnRkLyIsbnVsbCxbWzgsIm5xTms0ZzhnemhjIl0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.nqNk4g8gzhc.es5.O/am=wA/d=1/rs=AJlcJMwj-Q7mE1ZXcRLOUIftuBuCjNvZDQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e50559b71929fcadc95a2cc14c32d42e7631cfff0d49fdc6ffd301914edd8f4c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f5UbfTAKh4v6PwrriX18KA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-f5UbfTAKh4v6PwrriX18KA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo7F9zo3sgl0HHm5iRkA-u0rDQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
876d2e3d4e315d3a
mail.td/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E1EB 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mail.td/cdn-cgi/challenge-platform/h/b/jsd/r/876d2e3d4e315d3a
Requested by
Host: mail.td
URL: https://mail.td/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Apr 2024 13:18:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
876d2e4079775d3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
css
fonts.googleapis.com/ 		106 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.nqNk4g8gzhc.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGcpZ3fqdDsW0s1Ly9EwsEhOT0sw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Apr 2024 13:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 13:18:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Apr 2024 13:18:28 GMT
QNtjG6TsDbeEZe6jVRUVMMWnwtmt-GOTeyroXXqLahstoR81cQkC8MY4fQJRBJ3hUOlfbJC8_eoQzH8Y8D1Z6GyU-X_kfufZIKXM7uI0bUeBEnIVjYkX0g=h60
lh3.googleusercontent.com/ 		401 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/QNtjG6TsDbeEZe6jVRUVMMWnwtmt-GOTeyroXXqLahstoR81cQkC8MY4fQJRBJ3hUOlfbJC8_eoQzH8Y8D1Z6GyU-X_kfufZIKXM7uI0bUeBEnIVjYkX0g=h60
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
eb05289d1b5a30e55b57bfc2c988e98a2a0de350fae1efe77929305eab7acba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 10:33:30 GMT
x-content-type-options
nosniff
age
9898
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 20 Apr 2024 10:33:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Origin
https://mail.td
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
570752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: mail.td
URL: https://mail.td/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Origin
https://mail.td
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 19:45:43 GMT
x-content-type-options
nosniff
age
322365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 19:45:43 GMT
AGSKWxV2fLQRRGc8HKBs8r_wyBLhAZNBQrhvoYGH-TMIsbd_NyyGrht5eqgHv9GhDpmRCU4mX1zbR5BKeirq5uqXUH6HMkA587Ct_ET0JZxhA0bZMMrHz6aJgNI-PR46KMK1FfDNaoRE0g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV2fLQRRGc8HKBs8r_wyBLhAZNBQrhvoYGH-TMIsbd_NyyGrht5eqgHv9GhDpmRCU4mX1zbR5BKeirq5uqXUH6HMkA587Ct_ET0JZxhA0bZMMrHz6aJgNI-PR46KMK1FfDNaoRE0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.nqNk4g8gzhc.es5.O/am=wA/d=1/rs=AJlcJMwj-Q7mE1ZXcRLOUIftuBuCjNvZDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4Ba2do4_7anZV_co3gHe-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Apr 2024 13:18:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-4Ba2do4_7anZV_co3gHe-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIm2PJvc6NbAIrHu4TAgC5Uwu_"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mail.td
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ca-pub-1885816497771161
fundingchoicesmessages.google.com/i/ 		180 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1885816497771161?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1885816497771161&plah=mail.td&aplac=true&bust=31082731
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
f419f71a5206c5371c0805fbb6f1ef9cf5f4e60531d896c8437ef08346882825
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kNRdtkSAb07e6E1TFE8yOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kNRdtkSAb07e6E1TFE8yOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhbo4l9zo3sgnsOLFZHwDQHCqG"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.png
mail.td/ 		480 B
696 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mail.td/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd48784ff1f24820db315b053e339a5b8f0c5fca76ada598c7264ce4fb7dbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mail.td/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 13:18:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
2376306
alt-svc
h3=":443"; ma=86400
content-length
480
x-xss-protection
1; mode=block
last-modified
Sun, 25 Sep 2022 17:29:29 GMT
server
cloudflare
etag
W/"1e0-18375b26764"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
876d2e42dc915d3a-FRA

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| __h82AlnkH6D91__ object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __p4qa8r1lb17__ string| cHViLTE4ODU4MTY0OTc3NzExNjE= object| __MIDDLEWARE_MANIFEST object| __BUILD_MANIFEST object| __SSG_MANIFEST object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Mzc1NGJhYzkzMTY0ODhmM2xvYWRlcl9qcw== string| Mzc1NGJhYzkzMTY0ODhmM2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| google_sa_impl boolean| adsbygoogle_ama_fc_has_run

2 Cookies

Domain/Path Name / Value
mail.td/ Name: auth_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MTM1MzI3MDcsImV4cCI6MTcxMzUzMzAwN30.49aiiuZucRvgeYfvZUnELjb_swnqsxm98zeS9ACdvSk
.mail.td/ Name: cf_clearance
Value: U5GR13s7CrcMQ79PuIWjcR1LHzEPKnB1dN.1h65R3Ss-1713532707-1.0.1.1-gcmmjAQAlOEtBbOgg.sCNervVth4zfSVZifi3DsYI9EMbLpkFBhf_fLBn5xAVNQOcTWPGBd9vfZmsPSIJBTMcQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
mail.td
nqmo.com
pagead2.googlesyndication.com
172.217.16.206
172.67.185.148
188.114.96.3
216.58.206.34
2a00:1450:4001:806::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::200a
0cae12c4bedf94f2c4af81dbc93815c6e7491b81febb3e2d484801719f686877
239923f4cb3cb70d9af9e5822f60023995530f8f691e149def613cfcb352fe7b
2784739617438ec6014957fdc52906f45bb6fb020f957fc073a553a88bb30fd8
36e4512026d599217ae52429a7ea64d527f69276ebb6ef724578234bdba862ba
3b9dcded87cb321be9cde9023f41f8771445e6c8ed4f38bb22829793ec92bd36
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
400cc7528efcc8f553dd31e15a5b872ab018c210ff7b0d5c9b8560d833299eba
47b80d0494536659d0e5396b6bf08934612ac8a0101da072eac4a0a247edf759
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
5b627c512daaca4bed97ed266f6a015ad81f78909f2e91128670f489e8f6acea
6b8cdf752d3e30272759744a688ad083ed92832a6ae3b7aea760762ef194cadf
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
733df482172f3abd941b493d3cbd674316cead6ad2c72839c1e9b0581d280db4
7ac0af0aa60f1e5da29acd7c2cb5fdb300241503263cd5984cc88074a20a5376
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8bb7933c64919cad64ac48aa8edf05be21a2f8c5b1443dc1f7d04ba7380fe89a
a337a72a59ea96865d16d9dd0ae71af25d98650fcf4999003b63f52ff3555fbd
afd48784ff1f24820db315b053e339a5b8f0c5fca76ada598c7264ce4fb7dbf7
b61ecfb413fa23a792c1dda7b6af3abada682d4d97939d674e6bc05a3cc406cd
bfa3cecc6eb39dd12f1d3e2da4409e0823277cf4a8b2235ba26996fdd79b3a45
c645bb557463e09cabfb09a4f3bdfdd6c45df34712c412df1f45f9953e71bb17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50559b71929fcadc95a2cc14c32d42e7631cfff0d49fdc6ffd301914edd8f4c
eb05289d1b5a30e55b57bfc2c988e98a2a0de350fae1efe77929305eab7acba9
f419f71a5206c5371c0805fbb6f1ef9cf5f4e60531d896c8437ef08346882825
f80d0cb31a4cafe1dfecb1d43e1c0a43462c69df9d2d4eafcaf0e4ed647cd167
fff1301f899454eccafcc9b12ed9365c96960a9d5290a57775e20c8b0e7327b3