urlscan.io logo urlscan.io
SecurityTrails logo

account.proton.me Open in urlscan Pro
185.70.42.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://old.protonmail.com/
Effective URL: https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Submission Tags: falconsandbox
Submission: On February 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 2 domains to perform 24 HTTP transactions. The main IP is 185.70.42.36, located in Switzerland and belongs to PROTON, CH. The main domain is account.proton.me. The Cisco Umbrella rank of the primary domain is 99848.
TLS certificate: Issued by R3 on February 20th 2023. Valid for: 3 months.
This is the only time account.proton.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.70.42.23 62371 (PROTON)
7 185.70.42.37 62371 (PROTON)
2 185.70.42.11 62371 (PROTON)
14 185.70.42.36 62371 (PROTON)
1 185.70.42.41 62371 (PROTON)
24 5
1    185.70.42.23 (Switzerland)

ASN62371 (PROTON, CH)
PTR: 185-70-42-23.protonmail.ch
old.protonmail.com
7    185.70.42.37 (Switzerland)

ASN62371 (PROTON, CH)
PTR: 185-70-42-37.protonmail.ch
mail.proton.me
2    185.70.42.11 (Switzerland)

ASN62371 (PROTON, CH)
PTR: 185-70-42-11.protonmail.ch
reports.proton.me
14    185.70.42.36 (Switzerland)

ASN62371 (PROTON, CH)
PTR: 185-70-42-36.protonmail.ch
account.proton.me
1    185.70.42.41 (Switzerland)

ASN62371 (PROTON, CH)
PTR: 185-70-42-41.protonmail.ch
account-api.proton.me
Apex Domain
Subdomains		 Transfer
24 proton.me
mail.proton.me — Cisco Umbrella Rank: 44353
reports.proton.me — Cisco Umbrella Rank: 362320
account.proton.me — Cisco Umbrella Rank: 99848
account-api.proton.me — Cisco Umbrella Rank: 192970
2 MB
1 protonmail.com
old.protonmail.com
394 B
24 2
Domain Requested by
14 account.proton.me mail.proton.me
account.proton.me
7 mail.proton.me mail.proton.me
2 reports.proton.me mail.proton.me
1 account-api.proton.me account.proton.me
1 old.protonmail.com 1 redirects
24 5

This site contains links to these domains. Also see Links.

Domain
proton.me
Subject Issuer Validity Valid
proton.me
R3		 2023-02-20 -
2023-05-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Frame ID: C3A41F5969CEDA2CA7F05AB817F59964
Requests: 25 HTTP requests in this frame

Frame: https://account-api.proton.me/challenge/v4/html?Type=0&Name=login
Frame ID: EC5DD1B0D47D6B36B2F26AD85C3A8D59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Proton AccountProtonProton MailProton CalendarProton DriveProton VPN

Page URL History Show full URLs

  1. http://old.protonmail.com/ HTTP 307
    https://old.protonmail.com/ HTTP 301
    https://mail.proton.me/ Page URL
  2. https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0 Page URL

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

5
IPs

1
Countries

2050 kB
Transfer

6044 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://old.protonmail.com/ HTTP 307
    https://old.protonmail.com/ HTTP 301
    https://mail.proton.me/ Page URL
  2. https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://old.protonmail.com/ HTTP 307
  • https://old.protonmail.com/ HTTP 301
  • https://mail.proton.me/

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mail.proton.me/
Redirect Chain
  • http://old.protonmail.com/
  • https://old.protonmail.com/
  • https://mail.proton.me/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.37 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-37.protonmail.ch
Software
/
Resource Hash
0f981ad7477731b1b5e49781e6d8c204ded78f4da5f6da58ed7fcc99ee0e4737
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1601
content-security-policy
default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
content-type
text/html; charset=UTF-8
date
Fri, 24 Feb 2023 06:16:00 GMT
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
expires
Wed, 11 Jan 1984 05:00:00 GMT
last-modified
Thu, 23 Feb 2023 13:08:06 GMT
onion-location
https://mail.protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
pragma
no-cache
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

content-length
0
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
location
https://mail.proton.me
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
index.e925d340.css
mail.proton.me/ 		194 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mail.proton.me/index.e925d340.css
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.37 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-37.protonmail.ch
Software
/
Resource Hash
0ba4883f33e2e5e67854b5ea1f0cb7f58e97ad08647fff59585c0b2b5111a6be
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.proton.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
32886
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 13:08:06 GMT
etag
"308b7-5f55db41b3980-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:00 GMT
runtime.7a27a309.js
mail.proton.me/ 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.proton.me/runtime.7a27a309.js
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.37 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-37.protonmail.ch
Software
/
Resource Hash
938e7919d5ad873337d3a14ea4bf1e176be835b880380dce85719fee50b381c7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.proton.me/
Origin
https://mail.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11715
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 13:08:06 GMT
etag
"4e1c-5f55db41b3980-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:00 GMT
pre.907743c1.js
mail.proton.me/ 		680 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.proton.me/pre.907743c1.js
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.37 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-37.protonmail.ch
Software
/
Resource Hash
3fe84c7b20251d1895c3af2b60cc4b078b2acb7f29044c16d8c57eee90b5c64f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.proton.me/
Origin
https://mail.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
389
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 13:08:06 GMT
etag
"2a8-5f55db41b3980-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:00 GMT
index.b0416304.js
mail.proton.me/ 		2 MB
453 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.proton.me/index.b0416304.js
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.37 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-37.protonmail.ch
Software
/
Resource Hash
921ca8b33ab9d0ca8bf46a353bcf755697a81f03044db11e90c092169e99d188
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.proton.me/
Origin
https://mail.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 13:08:06 GMT
etag
"1a55bd-5f55db41b3980-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:00 GMT
unsupported.28e67d25.js
mail.proton.me/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.proton.me/unsupported.28e67d25.js
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.37 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-37.protonmail.ch
Software
/
Resource Hash
9cb8e4f7f940a52adcd13521153160d6fe9e938537ab8df5ff048953db86c605
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.proton.me/
Origin
https://mail.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2553
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 13:08:06 GMT
etag
"15ce-5f55db41b3980-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:00 GMT
csp
reports.proton.me/reports/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://reports.proton.me/reports/csp
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.11 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-11.protonmail.ch
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.proton.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13088502d212eb7dcdd14bb1ee9b5691f912da253ad448565340d36ac91a56db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
ba4caefcdf5b36b438db.woff2
mail.proton.me/assets/ 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mail.proton.me/assets/ba4caefcdf5b36b438db.woff2?v=3.19
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/index.e925d340.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.37 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-37.protonmail.ch
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.proton.me/index.e925d340.css
Origin
https://mail.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:00 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-length
227180
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 13:08:06 GMT
etag
"3776c-5f55db41b3980"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
application/font-woff2
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:00 GMT
Primary Request authorize
account.proton.me/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/index.b0416304.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
99d24b46d70d381acd4efdf6a647b29b6f6763025e5153d18d62a41df104aacf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.proton.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1572
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
content-type
text/html; charset=UTF-8
date
Fri, 24 Feb 2023 06:16:00 GMT
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
expires
Wed, 11 Jan 1984 05:00:00 GMT
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
onion-location
https://account.protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
pragma
no-cache
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
index.e9c01d34.css
account.proton.me/ 		181 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/index.e9c01d34.css
Requested by
Host: account.proton.me
URL: https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
d1887ba4e7593189b17d02b3d473369002c812f46220f1f695979922b34a0b6b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
31214
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"2d2e7-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
runtime.de6f6a69.js
account.proton.me/ 		21 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/runtime.de6f6a69.js
Requested by
Host: account.proton.me
URL: https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
54d18641e471d27f9e850bccf2690570e7b998a69e78374095f9a690aaa70aef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Origin
https://account.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12499
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"52a0-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
pre.8c733f5c.js
account.proton.me/ 		686 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/pre.8c733f5c.js
Requested by
Host: account.proton.me
URL: https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
b0d11ed3da8d10ee756dfdd0944fc447f0f044a05c009328410334a076d50e1e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Origin
https://account.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
390
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"2ae-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
index.3c0e3d13.js
account.proton.me/ 		2 MB
567 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/index.3c0e3d13.js
Requested by
Host: account.proton.me
URL: https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
fa6801cf44781aa4db28973f1990858dd89fd0614c29bddea4eace91dfbe5633
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Origin
https://account.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"2111b0-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
unsupported.2ccea1ad.js
account.proton.me/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/unsupported.2ccea1ad.js
Requested by
Host: account.proton.me
URL: https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
e67b306e31a023fd0e847e42b145030408f3a05e28a2dc257edac3b434e8ee3e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.proton.me/authorize?app=proton-mail&state=ySdKmrYQm5b8rBvQWEYaXXnySIKRhq-WwNI2JFnjiB0
Origin
https://account.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2555
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"15d4-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
csp
reports.proton.me/reports/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://reports.proton.me/reports/csp
Requested by
Host: mail.proton.me
URL: https://mail.proton.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.11 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-11.protonmail.ch
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.proton.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13088502d212eb7dcdd14bb1ee9b5691f912da253ad448565340d36ac91a56db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
ba4caefcdf5b36b438db.woff2
account.proton.me/assets/ 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/ba4caefcdf5b36b438db.woff2?v=3.19
Requested by
Host: account.proton.me
URL: https://account.proton.me/index.e9c01d34.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.proton.me/index.e9c01d34.css
Origin
https://account.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-length
227180
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"3776c-5f4cef119e640"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
application/font-woff2
access-control-allow-origin
https://account.proton.me
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
626.ac1e99e4.chunk.js
account.proton.me/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/626.ac1e99e4.chunk.js
Requested by
Host: account.proton.me
URL: https://account.proton.me/runtime.de6f6a69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
8111ca9a0b167c717d3a8ab3cddaa5aba1663ce69c28bc87a5b90471a6ab7455
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.proton.me/login
Origin
https://account.proton.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2718
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"24b9-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
crypto-worker.68fc91cc.chunk.js
account.proton.me/ 		580 KB
175 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/crypto-worker.68fc91cc.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
8f2de3b7f3551392ab33796fb28cac8b93490958d610833dd641ab3264c149bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.proton.me/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"90f42-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
crypto-worker.68fc91cc.chunk.js
account.proton.me/ 		580 KB
175 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/crypto-worker.68fc91cc.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
8f2de3b7f3551392ab33796fb28cac8b93490958d610833dd641ab3264c149bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.proton.me/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"90f42-5f4cef119e640-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
html
account-api.proton.me/challenge/v4/ Frame EC5D 		116 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-api.proton.me/challenge/v4/html?Type=0&Name=login
Requested by
Host: account.proton.me
URL: https://account.proton.me/index.3c0e3d13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.41 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-41.protonmail.ch
Software
/
Resource Hash
608be8ea9eff4b09b1b42bdbe95bc4dd24fb994f414ab29323c6476aa0d40c0a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-Y/hWIWHXa4Bdvt1kKdO0iAAAACo' 'strict-dynamic' https:; style-src 'self' 'unsafe-inline'; font-src 'self' https://account.proton.me data:; img-src http: https: data: blob: cid:; frame-src https:; connect-src https: wss:; media-src https:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://account.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.proton.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access
application/vnd.protonmail.api+json;apiversion=4
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-Y/hWIWHXa4Bdvt1kKdO0iAAAACo' 'strict-dynamic' https:; style-src 'self' 'unsafe-inline'; font-src 'self' https://account.proton.me data:; img-src http: https: data: blob: cid:; frame-src https:; connect-src https: wss:; media-src https:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://account.proton.me;
content-type
text/html; charset=UTF-8
date
Fri, 24 Feb 2023 06:16:01 GMT
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
expires
Fri, 04 May 1984 22:15:00 GMT
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
170a1a5fb468cdaa91bf.jpg
account.proton.me/assets/ 		72 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.proton.me/assets/170a1a5fb468cdaa91bf.jpg
Requested by
Host: account.proton.me
URL: https://account.proton.me/index.e9c01d34.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
96ccf3523e3e403ceb93a7fa39510aaf67b6db7375a89b4d777652dd3486395d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.proton.me/index.e9c01d34.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-length
74017
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"12121-5f4cef119e640"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
image/jpeg
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
host.png
account.proton.me/assets/ 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.proton.me/assets/host.png
Requested by
Host: account.proton.me
URL: https://account.proton.me/index.e9c01d34.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.proton.me/index.e9c01d34.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-length
42
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Feb 2023 10:48:49 GMT
etag
"2a-5f4cef119e640"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
image/png
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 06:16:01 GMT
features
account.proton.me/api/core/v4/ 		153 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/core/v4/features?Code=TrustedDeviceRecovery&Limit=1
Requested by
Host: account.proton.me
URL: https://account.proton.me/index.3c0e3d13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
1f5f767b4cd689191063cc534eade94ed44d2034dd7417b4dfe49ce16a141917
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/login
accept-language
de-DE,de;q=0.9
x-pm-appversion
web-account@5.0.18.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-pm-locale
en_US

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=4
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
x-permitted-cross-domain-policies
none
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
x-xss-protection
0
expires
Fri, 04 May 1984 22:15:00 GMT
available
account.proton.me/api/domains/ 		54 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/domains/available?Type=login
Requested by
Host: account.proton.me
URL: https://account.proton.me/index.3c0e3d13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
3ba9fce180e0a7fe534adb72b6fc0240bbf47de8eebc5daaf4b66eeca712a434
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/login
accept-language
de-DE,de;q=0.9
x-pm-appversion
web-account@5.0.18.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-pm-locale
en_US

Response headers

date
Fri, 24 Feb 2023 06:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me;
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=3
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
x-permitted-cross-domain-policies
none
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
x-xss-protection
0
expires
Fri, 04 May 1984 22:15:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| webpackChunkproton_account function| clearImmediate function| setImmediate object| __SENTRY__ function| saveAs number| protonSupportedBrowser

5 Cookies

Domain/Path Name / Value
.proton.me/ Name: Session-Id
Value: Y-hWIO8c@GRjszuKDc7powAAAC8
mail.proton.me/ Name: Tag
Value: default
.proton.me/ Name: Theme
Value: 0
account.proton.me/ Name: Tag
Value: default
account-api.proton.me/ Name: Tag
Value: default

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob:; script-src 'self' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; media-src 'self' blob:; frame-src 'self' blob: https://mail-api.proton.me https://account.proton.me https://verify.proton.me https://calendar.proton.me https://drive.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://calendar.proton.me https://drive.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-api.proton.me
account.proton.me
mail.proton.me
old.protonmail.com
reports.proton.me
185.70.42.11
185.70.42.23
185.70.42.36
185.70.42.37
185.70.42.41
0ba4883f33e2e5e67854b5ea1f0cb7f58e97ad08647fff59585c0b2b5111a6be
0f981ad7477731b1b5e49781e6d8c204ded78f4da5f6da58ed7fcc99ee0e4737
13088502d212eb7dcdd14bb1ee9b5691f912da253ad448565340d36ac91a56db
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1f5f767b4cd689191063cc534eade94ed44d2034dd7417b4dfe49ce16a141917
3ba9fce180e0a7fe534adb72b6fc0240bbf47de8eebc5daaf4b66eeca712a434
3fe84c7b20251d1895c3af2b60cc4b078b2acb7f29044c16d8c57eee90b5c64f
54d18641e471d27f9e850bccf2690570e7b998a69e78374095f9a690aaa70aef
608be8ea9eff4b09b1b42bdbe95bc4dd24fb994f414ab29323c6476aa0d40c0a
8111ca9a0b167c717d3a8ab3cddaa5aba1663ce69c28bc87a5b90471a6ab7455
8f2de3b7f3551392ab33796fb28cac8b93490958d610833dd641ab3264c149bc
921ca8b33ab9d0ca8bf46a353bcf755697a81f03044db11e90c092169e99d188
938e7919d5ad873337d3a14ea4bf1e176be835b880380dce85719fee50b381c7
96ccf3523e3e403ceb93a7fa39510aaf67b6db7375a89b4d777652dd3486395d
99d24b46d70d381acd4efdf6a647b29b6f6763025e5153d18d62a41df104aacf
9cb8e4f7f940a52adcd13521153160d6fe9e938537ab8df5ff048953db86c605
b0d11ed3da8d10ee756dfdd0944fc447f0f044a05c009328410334a076d50e1e
d1887ba4e7593189b17d02b3d473369002c812f46220f1f695979922b34a0b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67b306e31a023fd0e847e42b145030408f3a05e28a2dc257edac3b434e8ee3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa6801cf44781aa4db28973f1990858dd89fd0614c29bddea4eace91dfbe5633