urlscan.io logo urlscan.io
SecurityTrails logo

protonmaillogin.com Open in urlscan Pro
2606:4700:3030::ac43:c7bc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://protonmaillogin.com/
Effective URL: https://protonmaillogin.com/
Submission: On March 25 via api from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3030::ac43:c7bc, located in United States and belongs to CLOUDFLARENET, US. The main domain is protonmaillogin.com.
TLS certificate: Issued by GTS CA 1P5 on March 24th 2024. Valid for: 3 months.
This is the only time protonmaillogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.18.70.113 13335 (CLOUDFLAR...)
2 65.108.8.93 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 162.159.138.6 13335 (CLOUDFLAR...)
27 6
16    2606:4700:3030::ac43:c7bc (United States)

ASN13335 (CLOUDFLARENET, US)
protonmaillogin.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    65.108.8.93 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.8.108.65.clients.your-server.de
decies.net
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    162.159.138.6 (None, )

ASN13335 (CLOUDFLARENET, US)
ringtech.zendesk.com
Apex Domain
Subdomains		 Transfer
16 protonmaillogin.com
protonmaillogin.com
341 KB
3 gstatic.com
fonts.gstatic.com
114 KB
3 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3545
ekr.zdassets.com — Cisco Umbrella Rank: 4283
38 KB
2 decies.net
decies.net
66 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 112
2 KB
1 zendesk.com
ringtech.zendesk.com
957 B
27 6
Domain Requested by
16 protonmaillogin.com protonmaillogin.com
3 fonts.gstatic.com fonts.googleapis.com
2 decies.net protonmaillogin.com
decies.net
2 static.zdassets.com protonmaillogin.com
static.zdassets.com
2 fonts.googleapis.com protonmaillogin.com
1 ringtech.zendesk.com static.zdassets.com
1 ekr.zdassets.com static.zdassets.com
27 7

This site contains no links.

Subject Issuer Validity Valid
protonmaillogin.com
GTS CA 1P5		 2024-03-24 -
2024-06-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
zdassets.com
E1		 2024-03-03 -
2024-06-01		 3 months crt.sh
decies.net
R3		 2024-03-14 -
2024-06-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
zendesk.com
E1		 2024-03-24 -
2024-06-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://protonmaillogin.com/
Frame ID: 0E9489443E350AF477102560E15C8BD9
Requests: 25 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-f2541d6fb2be34c39814.js
Frame ID: F110F03E619E7CB07760B5A1DCB4ADEE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ProtonMail: Login - protonmail sign up - protonmail download

Page URL History Show full URLs

  1. http://protonmaillogin.com/ HTTP 307
    https://protonmaillogin.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

96 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

562 kB
Transfer

1255 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://protonmaillogin.com/ HTTP 307
    https://protonmaillogin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://protonmaillogin.com/wp-includes/js/wp-emoji-release.min.js HTTP 307
  • https://protonmaillogin.com/wp-includes/js/wp-emoji-release.min.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
protonmaillogin.com/
Redirect Chain
  • http://protonmaillogin.com/
  • https://protonmaillogin.com/
44 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e881b8e24dea3598ced9108351fee146d15c3d41b0dfb855e11ccede3793f84

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86a0cf8cf8ea0e18-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 25 Mar 2024 18:02:14 GMT
last-modified
Sat, 03 Jul 2021 02:24:17 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2F%2FuNIcN7SGokOYxKvKiTN6Uwvxv1BMWIsYbFwWtfL84k8C87lyax41h6rsw%2FL5FEug6ARRkolpOJdjcBw6IDGQLFFEOuJ4SPB2ltZ1B%2BqgiVd3PltaoXjS8Aho%2BIYb20y07hT7bi06Jk68Sq3xZ%2Fjy9"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://protonmaillogin.com/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
protonmaillogin.com/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Apr 2021 13:39:50 13AprGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2e7e1d1c1d4d446a1b6b63295757d859"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3clm9KwdRJsNffA%2Fuu775xxfR6IQw%2BBGI1akajWUO3I7IBIWXcaGgXPFkmyt3H2KsVJenCAP7KPO3dRJovSKm7yv9zvGIVzHI1in0jqjABtcGGpnItAv5dzXbOA3H03F0LNKgCeR2s%2B0ocAhMmx0gDTb"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
86a0cf8dba160e18-AMS
alt-svc
h3=":443"; ma=86400
theme.min.css
protonmaillogin.com/wp-includes/css/dist/block-library/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-includes/css/dist/block-library/theme.min.css
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Apr 2021 13:39:46 13AprGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9bd313fbce9688ed85c407ad4d0a7c13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=21j9TxpIAztWgH7iPyjrCa6QeGtbNTYCKG9AcjTS5rFKZAR6MEPP%2BHXFph0tO0OGkxHVcZiuJlwm7hLB2oJa83ohFa0K33PmRezLZtHf1p2V4oXOCMjqTqPoL7dWQ35JawSH5j1iqpPf8ZD8xs453IQ0"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
86a0cf8dba180e18-AMS
alt-svc
h3=":443"; ma=86400
style.css
protonmaillogin.com/wp-content/themes/schema-lite/ 		43 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-content/themes/schema-lite/style.css
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a413301e3cea1d176ac2fa9d46b7fa0006d8d50edd219c38ca69c984f7aa94

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Apr 2021 13:39:45 13AprGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"cbbaa54bc04b19dc4ec48238d08ca850"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DD6l0GkaqdvDFST9wf7doweN6X2eCu4h9XtSinorinAmMMSHi0Y1F45olsrH%2Fg734K2fHfvsNBWg3hz%2FjepO9TBkUOkqckXTQ56h1KFUjyG1MT8%2FyQfAX2W7ig7UzISHnk%2FKzL5GWefJdQDeYqhEB5TP"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
86a0cf8dba1a0e18-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bf8982b3abefe6d78747435ef2a94e1cc1d108e7f8f7d3aab62caa456f7b07a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 18:02:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 18:02:14 GMT
js_composer.min.css
protonmaillogin.com/wp-content/plugins/js_composer/assets/css/ 		473 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a08fb62d38719acbdb18518d226c0544f2e8b5c665bfdc13123c9adc8ee7bdf7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:17 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e772d86b70a8d0bda26e8a364f7ea494"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abgca4li7LONvtNffq0u%2Fj8cz4GINFRx9F1%2BCs86dTWwmQYfs%2FhsRsirUck8mUnIZMrVW8OP285bXOCgONi1gnw6JUXgy5OdrW6lyxGmijKJvanrV%2F5VrzKOUwZjDnJIr3bYTpe6KyzD5WueId%2BfBjYH"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
86a0cf8dba200e18-AMS
alt-svc
h3=":443"; ma=86400
jquery.js
protonmaillogin.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:16 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"49edccea2e7ba985cadc9ba0531cbed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUIfVy%2BqyeNOCVH0Bth%2FHD%2FVZ1q%2B1ET8w4TD66JxT2GgYdEJ%2BH2DYRCD0Kp%2FRNWQ5MTd3JCasJUPWAv4vAdtTTRd%2Bc6syuSX5ZMnsiiqEdV9ylHKzoENN2q3amFz75KSUXr94BapozaucjWJKFuwtGV7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
86a0cf8dba240e18-AMS
alt-svc
h3=":443"; ma=86400
customscripts.js
protonmaillogin.com/wp-content/themes/schema-lite/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-content/themes/schema-lite/js/customscripts.js
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e27c653773a5c9a41e50e3131caefcee7cfa28d5de219732712a752bb95ec1e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Apr 2021 13:39:48 13AprGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8f105d1f44ba37cf8219b096aa18e76d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yt6AQz%2F2ttkdSXr82C3QNRN%2BAzijceYgk3BzCZIiwtXQyp9mm%2F232%2BJ8B3%2FN1W53zDN20TVyTlzgxuf06XRZQfGYZ8dIU9mt2GxLCxWXcQh7mSaIV0FSXPqVcn2EPZGjlk1O7xUwGFLXPCdysutdIX9o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
86a0cf8dba270e18-AMS
alt-svc
h3=":443"; ma=86400
wp-emoji-release.min.js
protonmaillogin.com/wp-includes/js/
Redirect Chain
  • http://protonmaillogin.com/wp-includes/js/wp-emoji-release.min.js
  • https://protonmaillogin.com/wp-includes/js/wp-emoji-release.min.js
0
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbmEwmBHfHg1QSTNHvnfr9126IRyX4066aCiXv0QGGJKjoY750luX%2Flq%2FMnsCjbFZBE6i5GKht7YP43NLZF2GHrYlgu6NuJmOLygjXs9i5Q6QwrKvqlK%2FmXKb%2F05tvUirL6GBs%2Fm%2Bo1LBsT2B6uYL9Ns"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2592000
cf-ray
86a0cf8ebfb3bb4f-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://protonmaillogin.com/wp-includes/js/wp-emoji-release.min.js
Non-Authoritative-Reason
DNS
Cross-Origin-Resource-Policy
Cross-Origin
logo.png
protonmaillogin.com/wp-content/uploads/2020/11/ 		700 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protonmaillogin.com/wp-content/uploads/2020/11/logo.png
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4c4d2f0cf3844667f49dd812959b96889e2d3c12af1fb4956d286d151bd1fd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:15 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d5768d6676f78c7e0424950c4fd1a80a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0QSk5DbaAo3m324AFspgVWC0Qm%2FRdnhpssxizky0PdINxEiXKuZYorWdRuGg4c0T7dYreSP5PKHYtld%2F67geDe8hb0OwzVUHoeRFLWXFcsIXBEw6FMpQ5x6AXkycr%2FO4rUVB39K20grPHEn%2BxxRjYHr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
86a0cf8f283fbb4f-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		3 KB
654 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&ver=5.5.5
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 16:34:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 18:02:14 GMT
wp-embed.min.js
protonmaillogin.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-includes/js/wp-embed.min.js
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Apr 2021 13:39:44 13AprGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"905225d5711b559d3092387d5ffbedbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7g%2B2nMyVN1ULlPnEo5AbX0v3FsLLjrDIJXhMoG0xVyuqSoR0z5BxViMhYlok0M1GjcGSwNvDrTiXZ9x3bNdvFp77t77yA%2FSH0aa5dbUw5siRlhB0JehC9epIdtUPw9AtdFJtWrFNXtFLTowNT6HuCS6q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
86a0cf8dfeafbb4f-FRA
alt-svc
h3=":443"; ma=86400
js_composer_front.min.js
protonmaillogin.com/wp-content/plugins/js_composer/assets/js/dist/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:16 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9d22f9409c43e4abec30c88531a5c5df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HhUS4NjliPoygvvdGeFJYi2uRvdJeGGlOprkOIFaG6aaq70K9%2Fh03e4eQvawibLxEuBy69gRpTy5YkfqqIh04y0PtkG6k7SImaDPstHesUF%2F414zRHS2lvXd612cmU7e71MNPmyIUx8JaLzCmqTeb%2BKJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
86a0cf8e2ee2bb4f-FRA
alt-svc
h3=":443"; ma=86400
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=cc6b2b4a-fd98-4ead-8bed-e389a2d884e8
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CYEYQJYMT4QZ3T8W
age
52
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5KL3wBycwgoI8Ce5j7LIFaHcbQAODm%2BXDBo%2FYzdIBpXXvibO4wCvmYiC3SDdtpJd1byIBngJMtzaux7Pb2n4uLd1BGyVoyjFuScUXcLdAXCxc4kbtsDqGQpLa9DUFLalrRM5ug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
86a0cf8e882591d1-FRA
access-control-allow-headers
*
matomo.js
decies.net/ma/ 		65 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://decies.net/ma/matomo.js
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
65.108.8.93 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.8.108.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 25 Mar 2024 18:02:14 GMT
Last-Modified
Mon, 18 Mar 2024 10:29:19 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65f8177f-1042f"
Content-Type
application/javascript
Cache-Control
max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66607
Expires
Mon, 25 Mar 2024 19:02:14 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protonmaillogin.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 07:44:56 GMT
x-content-type-options
nosniff
age
555438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:44:56 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&ver=5.5.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protonmaillogin.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:34:04 GMT
x-content-type-options
nosniff
age
1690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Mar 2025 17:34:04 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protonmaillogin.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 02:18:26 GMT
x-content-type-options
nosniff
age
575028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 02:18:26 GMT
slider.jpg
protonmaillogin.com/wp-content/uploads/2020/11/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protonmaillogin.com/wp-content/uploads/2020/11/slider.jpg
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519e2bb5e847cf119890d8b3bfc1bc5ff66be4a281534cc94b5d6e8008be4586

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:17 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0a495dffd1b7323601e0acb28d24827d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEvxdhsx7J%2BCiq9eCb06illxbvRN6mEUkGC711zMD%2BKedxoTh3Zvql9TH%2Bwn3O6UJtm6zmhjDeO%2B8xTjyvZP%2FBOqSrC2%2FL8YgQI2R%2BkpQx1nB0lQpAaI%2FguNnm8Va5cTkg1QKILLSrMqcWGXKqJxy2kx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
86a0cf8f58bdbb4f-FRA
alt-svc
h3=":443"; ma=86400
new-account.jpg
protonmaillogin.com/wp-content/uploads/2020/11/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protonmaillogin.com/wp-content/uploads/2020/11/new-account.jpg
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b2d056af751552365290ffaf3d4677e8608cd2b90d9b099029c636de7fc463

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:15 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e4bcdb0f5edecf2035ad6f11c9922f9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9u6hA1R1OII8EUiRXm6G6x%2BbYOJWbp1Kn1Wt%2FtZP6Py5sPWOl3PQC72D6hkcnar1g%2FnJTNJZFZAwRnLpScWHNHoAJohXJt7I8KqU3VJ0lbQ3jGhW6c7XXaPvo99eTqc%2F6NNqEDES2pywoZl%2BS6jwD1Hp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
86a0cf8f58c3bb4f-FRA
alt-svc
h3=":443"; ma=86400
paid-account.jpg
protonmaillogin.com/wp-content/uploads/2020/11/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protonmaillogin.com/wp-content/uploads/2020/11/paid-account.jpg
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9486e186bf60f90bd0096d80cfc8869c77839c4204b1dcc06dcef04bf039d77f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:17 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0485d62d40c2a85b154daca058a4e192"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKrloNG8CNWy3ksBEhqoz%2FBDNPUGuaQLH9W0XAB1sJpEnO8co2%2Beh%2BZjM%2BSDHU1Vujyona0RyA91sSb4WVoWUAOVLsB02jSY5a8iTprr0ubUm9CY3osvjO5SNhO1x7H8WDk%2BAc9sJ4Vr91I8zSuiypT3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
86a0cf8f58cabb4f-FRA
alt-svc
h3=":443"; ma=86400
based-in-usa.jpg
protonmaillogin.com/wp-content/uploads/2020/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protonmaillogin.com/wp-content/uploads/2020/11/based-in-usa.jpg
Requested by
Host: protonmaillogin.com
URL: https://protonmaillogin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a238cfbfae4c2eb6573f7eb23b5695cf9c1a1695efffa310dfaade7e89af9a8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:17 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"441b0dcf7ddcb8a1461fe8be733f11d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a25qbYCPvbeU6KTYmsAIKusXapBD3C0I4YUqmoP96HCb4%2FuhTMv92AFlXht0f95nKyUXbxBk%2FaTQMFapnQYPsWecNvre%2BuxtsyqYVrY2lBxVB%2Bi3T5SwHcD2kiXhpyT8IEABwcQY2czPtRR2ZP5dPaDO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
86a0cf8f58d2bb4f-FRA
alt-svc
h3=":443"; ma=86400
cc6b2b4a-fd98-4ead-8bed-e389a2d884e8
ekr.zdassets.com/compose/ 		345 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/cc6b2b4a-fd98-4ead-8bed-e389a2d884e8
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=cc6b2b4a-fd98-4ead-8bed-e389a2d884e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c04bb3a47cd807bd3332fd6de9bedaf3d18e84696b3267696ce8e6c0272846
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8696f70c094381c4-SEA, 8696f70c094381c4-SEA
x-runtime
0.017390
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b7c04bb3a47cd807bd3332fd6de9beda"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HgdKh2L3Qlt0IiyMRtqTmk0bDGLQ5%2ByGGMbwAR%2FFJDvpDb%2FADTBpwhUCT69NZmLkFsBI3evkvNYff%2Fkf1IRLBv3Bqo7PbOk0YzWKd5IfGsU8o2KD29Bg5t7FKqkrds%2BgZY8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
86a0cf8f7e90195c-FRA
matomo.php
decies.net/ma/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://decies.net/ma/matomo.php?action_name=ProtonMail%3A%20Login%20-%20protonmail%20sign%20up%20-%20protonmail%20download&idsite=8066&rec=1&r=473550&h=19&m=2&s=14&url=https%3A%2F%2Fprotonmaillogin.com%2F&_id=3032a7a3948172dc&_idn=1&send_image=0&_refts=0&pv_id=oUTv6E&pf_net=61&pf_srv=109&pf_tfr=54&pf_dm1=273&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.58%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.58%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=800x600
Requested by
Host: decies.net
URL: https://decies.net/ma/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
65.108.8.93 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.8.108.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://protonmaillogin.com
Date
Mon, 25 Mar 2024 18:02:14 GMT
Strict-Transport-Security
max-age=15768000, max-age=31536000;
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
protonmail-favicon.jpg
protonmaillogin.com/wp-content/uploads/2020/09/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://protonmaillogin.com/wp-content/uploads/2020/09/protonmail-favicon.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c7bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
598aea5a2138c74be6c0554eb47a7b15764d0d48b04cadcb945067045640e150

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protonmaillogin.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jul 2021 02:24:15 2JulGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62938c0285adebc057f538d561bc0232"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1JZtr%2FP9gIOl1WEUJOra%2F7CIDPGIfrmBSjCBAJ6K8NWd%2FBH8uOWoAxHR0ehSuWHF0Jl%2BYv8gX7k9ICadyihgntJjMU0YTSIHIGo2%2FF6cLI9WPFZo0APvwdqFpD3JPoSnJg2R2Jr6bKYzh9NMu0225WU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
86a0cf9049e4bb4f-FRA
alt-svc
h3=":443"; ma=86400
web-widget-framework-f2541d6fb2be34c39814.js
static.zdassets.com/web_widget/latest/ Frame F110 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-f2541d6fb2be34c39814.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=cc6b2b4a-fd98-4ead-8bed-e389a2d884e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8877753b7ab2a196ef088add01233f64ec66bbcc4d1122ba09b540ace64b31c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:14 GMT
x-amz-version-id
Oc_7gec3CEudN0dDcLkCPo7dX1q95toB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4C4DYBZPHWTTG3CA
age
549327
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
aknE5swFRTkQqzDqnXFMWhjvnzuR5eR6Zdw8Zc93/NnrUkL6VPP7xrkdFb9xdn8E0OipIenme9uy57Ofp4HQhQ==
last-modified
Thu, 07 Mar 2024 14:09:00 GMT
server
cloudflare
etag
W/"d6e76ab73fe7762d242e5893147de723"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9Vst9MqsxhDYSL%2Bw8i%2F7RNcoiN37zx5Acy0IiMfi1gmnQ70hSvdjuQ6TzcFLd410iRHVwyT4Jq2SO%2B%2BQNsi4FDPkl1KNITAJgNxzhX%2FntCuG1%2FCVu8oICJ%2BY79OWb1rLZm2wa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
86a0cf90e9fe91d1-FRA
access-control-allow-headers
*
expires
Fri, 07 Mar 2025 14:08:58 GMT
config
ringtech.zendesk.com/embeddable/ Frame F110 		15 B
957 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ringtech.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-f2541d6fb2be34c39814.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:02:15 GMT
strict-transport-security
max-age=0;
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-747f666657-qjgzc
x-request-id
86a0cf915a9003e4-FRA, 86a0cf915a9003e4-FRA
x-runtime
0.009528
server
cloudflare
x-zendesk-zorg
yes
vary
Accept, Origin, Accept-Encoding
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u1aRG1MMHC927RGz8im4523oHwYoztqDERL4mC49J5huseN1Xa5A82fyijCYrjVaSVQEgBXn0btfEWsjhMULkN5tOWxAqsdea%2FVH06HkBDPy22lKl1sHsfRCDbul1COkYiPHNsqL"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=3600
content-type
text/plain; charset=utf-8
cf-ray
86a0cf915a9003e4-FRA

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| _paq object| wp function| vc_js string| screen_size function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| vc_googleMapsPointer function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content object| jQuery112404485911319493543 object| zEWebpackACJsonp function| zE function| zEmbed object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log boolean| zEACLoaded

2 Cookies

Domain/Path Name / Value
protonmaillogin.com/ Name: _pk_id.8066.2afe
Value: 3032a7a3948172dc.1711389734.
protonmaillogin.com/ Name: _pk_ses.8066.2afe
Value: 1

2 Console Messages

Source Level URL
Text
security warning URL: https://protonmaillogin.com/(Line 26)
Message:
Mixed Content: The page at 'https://protonmaillogin.com/' was loaded over HTTPS, but requested an insecure script 'http://protonmaillogin.com/wp-includes/js/wp-emoji-release.min.js'. This content should also be served over HTTPS.
network error URL: https://ringtech.zendesk.com/embeddable/config
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

decies.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
protonmaillogin.com
ringtech.zendesk.com
static.zdassets.com
104.18.70.113
162.159.138.6
2606:4700:3030::ac43:c7bc
2a00:1450:4001:806::2003
2a00:1450:4001:827::200a
65.108.8.93
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd
30b2d056af751552365290ffaf3d4677e8608cd2b90d9b099029c636de7fc463
4e881b8e24dea3598ced9108351fee146d15c3d41b0dfb855e11ccede3793f84
519e2bb5e847cf119890d8b3bfc1bc5ff66be4a281534cc94b5d6e8008be4586
598aea5a2138c74be6c0554eb47a7b15764d0d48b04cadcb945067045640e150
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf8982b3abefe6d78747435ef2a94e1cc1d108e7f8f7d3aab62caa456f7b07a
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
7a238cfbfae4c2eb6573f7eb23b5695cf9c1a1695efffa310dfaade7e89af9a8
7e27c653773a5c9a41e50e3131caefcee7cfa28d5de219732712a752bb95ec1e
8877753b7ab2a196ef088add01233f64ec66bbcc4d1122ba09b540ace64b31c2
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
9486e186bf60f90bd0096d80cfc8869c77839c4204b1dcc06dcef04bf039d77f
a08fb62d38719acbdb18518d226c0544f2e8b5c665bfdc13123c9adc8ee7bdf7
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b7c04bb3a47cd807bd3332fd6de9bedaf3d18e84696b3267696ce8e6c0272846
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d8a413301e3cea1d176ac2fa9d46b7fa0006d8d50edd219c38ca69c984f7aa94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4c4d2f0cf3844667f49dd812959b96889e2d3c12af1fb4956d286d151bd1fd