urlscan.io logo urlscan.io
SecurityTrails logo

account.proton.me Open in urlscan Pro
185.70.42.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://edging.bdsmsecurity.com/
Effective URL: https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Submission: On April 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 29 HTTP transactions. The main IP is 185.70.42.36, located in Switzerland and belongs to PROTON, CH. The main domain is account.proton.me. The Cisco Umbrella rank of the primary domain is 62006.
TLS certificate: Issued by R3 on March 27th 2024. Valid for: 3 months.
This is the only time account.proton.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.243.189.83 56655 (TERRAHOST)
27 185.70.42.36 62371 (PROTON)
2 185.70.42.20 62371 (PROTON)
29 3
Apex Domain
Subdomains		 Transfer
29 proton.me
account.proton.me — Cisco Umbrella Rank: 62006
account-api.proton.me — Cisco Umbrella Rank: 177472
2 MB
1 bdsmsecurity.com
edging.bdsmsecurity.com
165 B
29 2
Domain Requested by
27 account.proton.me account.proton.me
2 account-api.proton.me account.proton.me
1 edging.bdsmsecurity.com 1 redirects
29 3

This site contains links to these domains. Also see Links.

Domain
proton.me
Subject Issuer Validity Valid
proton.me
R3		 2024-03-27 -
2024-06-25		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Frame ID: 274D22A11675AFB3F026029E0853CC8A
Requests: 27 HTTP requests in this frame

Frame: https://account-api.proton.me/challenge/v4/html?Type=0&Name=unauth
Frame ID: 622C65560FFA40E2CF498B6AC70F0E48
Requests: 1 HTTP requests in this frame

Frame: https://account-api.proton.me/challenge/v4/html?Type=0&Name=username
Frame ID: F90844247B8C219F094CE51FBA98539B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Try Proton Mail Plus for free with this link

Page URL History Show full URLs

  1. https://edging.bdsmsecurity.com/ HTTP 301
    https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0 Page URL

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

1993 kB
Transfer

6571 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://edging.bdsmsecurity.com/ HTTP 301
    https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request refer-a-friend
account.proton.me/
Redirect Chain
  • https://edging.bdsmsecurity.com/
  • https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
dce338c5b92fdda388f628ecf4f6a37cc8e6349552b139cbfe028b8316e740d8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1729
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
content-type
text/html; charset=UTF-8
date
Thu, 11 Apr 2024 09:14:29 GMT
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
expires
Wed, 11 Jan 1984 05:00:00 GMT
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
onion-location
https://account.protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
pragma
no-cache
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

access-control-allow-origin
*
content-type
text/html
date
Thu, 11 Apr 2024 09:14:28 GMT
location
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
server
nginx/1.21.2
public.8130b9f0.css
account.proton.me/assets/ 		268 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
788492a808aff061d1e0321dbb1fa59f4630433244cbe9b685a287148ff2d258
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
20
content-length
44525
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"43023-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
runtime.dfc965a7.js
account.proton.me/assets/ 		29 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/runtime.dfc965a7.js?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
b05e7be4d1f36feadbdc4059e5e61dccf2b0e21997b343c49f12d659774da648
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Origin
https://account.proton.me
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
25
content-length
15258
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"7473-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
pre.480754c1.js
account.proton.me/assets/ 		828 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/pre.480754c1.js?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
7d9b0ae0110acb59222769eb67fa613618e2201170c30906c1c7baea56a1097a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Origin
https://account.proton.me
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21
content-length
478
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"33c-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
public.f876d39d.js
account.proton.me/assets/ 		4 MB
914 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
f35a7a372597531a195a5c4bd13670f9864ab8ea8b6e48134d2a236485b405b3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Origin
https://account.proton.me
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"3ce893-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
unsupported.361a4a8a.js
account.proton.me/assets/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/unsupported.361a4a8a.js?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
e25c0d6909fcdf1a46ef2a01f89aee7e1757491fa2662bdee89eef70c49418dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Origin
https://account.proton.me
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21
content-length
3366
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"1f8c-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cfdbcf80c99a2666e810de78f93932251c3a30ddec9bec29d5087bd7047af31

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
InterVariable.a0e477f2f1f9d2376fde.woff2
account.proton.me/assets/ 		337 KB
339 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/InterVariable.a0e477f2f1f9d2376fde.woff2?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Origin
https://account.proton.me
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:06:48 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
age
463
etag
"545f4-61558ae4f4580"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
font/woff2
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
content-length
345588
x-xss-protection
0
en-US.082e357d.chunk.js
account.proton.me/assets/date-fns/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/date-fns/en-US.082e357d.chunk.js?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/runtime.dfc965a7.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
3f45db501c069a151e1c24f668c6f51deae0f4f4b04c462c9d454267008919f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Origin
https://account.proton.me
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
553
content-length
2647
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"2347-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
favicon.85478299dafc69454be0.svg
account.proton.me/assets/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/favicon.85478299dafc69454be0.svg?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
e599e9db5cb154d9e98f8205cf02bea37fdcf39cccfde17c87ef8fa183342838
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
content-type
image/svg+xml
accept-ranges
bytes
content-length
494
x-xss-protection
0
crypto-worker.78eab9f4.chunk.js
account.proton.me/assets/ 		555 KB
178 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/crypto-worker.78eab9f4.chunk.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
c0e45a3048d466686ee42c3ca41dac4058d50b1aa1e00d8aae6a97414637f1c2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"8acf9-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
favicon.ico
account.proton.me/assets/ 		33 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
b14b9633f3e695331dd486d257ba034ae6b807c950ea52c37ac37432982ec853
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:11:52 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
age
159
etag
"821e-61558ae4f4580"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
image/vnd.microsoft.icon
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
content-length
33310
x-xss-protection
0
crypto-worker.78eab9f4.chunk.js
account.proton.me/assets/ 		555 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/crypto-worker.78eab9f4.chunk.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
c0e45a3048d466686ee42c3ca41dac4058d50b1aa1e00d8aae6a97414637f1c2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
age
12
etag
"8acf9-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
x-xss-protection
0
html
account-api.proton.me/challenge/v4/ Frame 622C 		117 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-api.proton.me/challenge/v4/html?Type=0&Name=unauth
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.20 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-20.protonmail.ch
Software
/
Resource Hash
3b967bba4945b3affbf8d82a80cc91db27b94b9d4a7421d0de0587ab58eeda9b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-Zhep-BnOILArEepkH3fccgAAAJw' 'strict-dynamic' https:; style-src 'self' 'unsafe-inline'; font-src 'self' https://account.proton.me data:; img-src http: https: data: blob: cid:; frame-src https:; connect-src https: wss:; media-src https:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://account.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://account.proton.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access
application/vnd.protonmail.api+json;apiversion=4
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-length
43774
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-Zhep-BnOILArEepkH3fccgAAAJw' 'strict-dynamic' https:; style-src 'self' 'unsafe-inline'; font-src 'self' https://account.proton.me data:; img-src http: https: data: blob: cid:; frame-src https:; connect-src https: wss:; media-src https:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://account.proton.me;
content-type
text/html; charset=UTF-8
date
Thu, 11 Apr 2024 09:14:32 GMT
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
expires
Fri, 04 May 1984 22:15:00 GMT
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
sessions
account.proton.me/api/auth/v4/ 		198 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/auth/v4/sessions
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
1cafbc079707b5db1120cc80d9c5df556e6335247798dffcffb9cdfa5a8474be
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
accept
application/vnd.protonmail.v1+json
x-enforce-unauthsession
true
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=4
content-length
183
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://account.proton.me
access-control-expose-headers
Date, Retry-After
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
access-control-allow-credentials
true
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
expires
Fri, 04 May 1984 22:15:00 GMT
cookies
account.proton.me/api/core/v4/auth/ 		85 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/core/v4/auth/cookies
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
7e7d11b01e8b633c73066da1582b854f9422f1c6d226325d5f765ac20981a98a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer 46qcp6q32sanjs2q5mqm6zvglr7enpat
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
Content-Type
application/json
accept
application/vnd.protonmail.v1+json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=4
content-length
101
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://account.proton.me
access-control-expose-headers
Date, Retry-After
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
access-control-allow-credentials
true
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
expires
Fri, 04 May 1984 22:15:00 GMT
frontend
account.proton.me/api/feature/v2/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/feature/v2/frontend?sessionId=980531984&appName=-&environment=default
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
56eab08bd7b4005f33b47dce1ee550295e37ad2fb205102bc553991109727419
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
-
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept
application/vnd.protonmail.v1+json, application/json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=2
content-length
493
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
payload
account.proton.me/api/auth/v4/sessions/ 		13 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/auth/v4/sessions/payload
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
4733b85883a9b044b5dc137df5011f7b68e852fa9381fe60d05aed26e45b1b9c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
Content-Type
application/json
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=4
content-length
33
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://account.proton.me
access-control-expose-headers
Date, Retry-After
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
access-control-allow-credentials
true
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
expires
Fri, 04 May 1984 22:15:00 GMT
html
account-api.proton.me/challenge/v4/ Frame F908 		114 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-api.proton.me/challenge/v4/html?Type=0&Name=username
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.20 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-20.protonmail.ch
Software
/
Resource Hash
1a3ffcf0fb8b16535521f50effde7a09058322dd3d27a25e9f1d33e6acb24e74
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-Zhep-T6jM8aqQQTR7Mbi_wAAAEU' 'strict-dynamic' https:; style-src 'self' 'unsafe-inline'; font-src 'self' https://account.proton.me data:; img-src http: https: data: blob: cid:; frame-src https:; connect-src https: wss:; media-src https:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://account.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://account.proton.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access
application/vnd.protonmail.api+json;apiversion=4
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-length
42497
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-Zhep-T6jM8aqQQTR7Mbi_wAAAEU' 'strict-dynamic' https:; style-src 'self' 'unsafe-inline'; font-src 'self' https://account.proton.me data:; img-src http: https: data: blob: cid:; frame-src https:; connect-src https: wss:; media-src https:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://account.proton.me;
content-type
text/html; charset=UTF-8
date
Thu, 11 Apr 2024 09:14:33 GMT
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
expires
Fri, 04 May 1984 22:15:00 GMT
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
host.png
account.proton.me/assets/ 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.proton.me/assets/host.png
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:07:25 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
age
428
etag
"2a-61558ae4f4580"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
image/png
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
content-length
42
x-xss-protection
0
%68%6f%73%74.%70%6e%67
account.proton.me/%61%73%73%65%74%73/ 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.proton.me/%61%73%73%65%74%73/%68%6f%73%74.%70%6e%67
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:07:21 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
age
432
etag
"2a-61558ae4f4580"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
image/png
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
content-length
42
x-xss-protection
0
public.8130b9f0.css
account.proton.me/assets/ 		268 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/public.8130b9f0.css?v=5.0.108.1
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
fd9193274e652221263b5c87615f9a4419aaa7221708afdc576df371a9276b48
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
age
20
content-length
44525
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
etag
"43023-61558ae4f4580-gzip"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
servers-count
account.proton.me/api/vpn/v1/ 		62 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/vpn/v1/servers-count
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
9b7f1b56ac325b3969ed7e4461c59dac448ae5ede0e0d05cc58609d6c03a9d87
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=1
content-length
78
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
count
account.proton.me/api/vpn/countries/ 		97 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/vpn/countries/count
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
f4e3308b2db1fcac340ae9e5bfbba1d72b9aa591222323f814c399d6d7bc0ee0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=3
content-length
75
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
count
account.proton.me/api/vpn/logicals/ 		41 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/vpn/logicals/count?GroupBy=Tier
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
2ee09a8404bb502477fd3a6a05380ef99abd5b4d4eb509bd7c72e1f056b0153e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=3
content-length
59
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
available
account.proton.me/api/domains/ 		54 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/domains/available?Type=signup
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
3ba9fce180e0a7fe534adb72b6fc0240bbf47de8eebc5daaf4b66eeca712a434
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=3
content-length
67
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
9PGDD15MN4S0
account.proton.me/api/core/v4/referrals/identifiers/ 		13 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/core/v4/referrals/identifiers/9PGDD15MN4S0
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
4733b85883a9b044b5dc137df5011f7b68e852fa9381fe60d05aed26e45b1b9c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=4
content-length
33
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
plans
account.proton.me/api/payments/v4/ 		27 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/payments/v4/plans
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
c317798101c063a683b5a975eb0c4b4fd8b67da96846f99a28486770d00f0076
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=4
content-length
4439
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
default
account.proton.me/api/payments/v4/plans/ 		392 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/api/payments/v4/plans/default
Requested by
Host: account.proton.me
URL: https://account.proton.me/assets/public.f876d39d.js?v=5.0.108.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
fff401ce2fe4d95a200f45321f06d585c90d21adfe1715d6748777650845e636
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-pm-locale
en_US
x-pm-uid
6tqyea2fav2xf67wwse7yqh5tbsrvzyx
accept
application/vnd.protonmail.v1+json
Referer
https://account.proton.me/refer-a-friend?referrer=9PGDD15MN4S0
x-pm-appversion
web-account@5.0.108.1
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
access
application/vnd.protonmail.api+json;apiversion=4
content-length
256
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary
Accept-Encoding
content-type
application/json
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
expires
Fri, 04 May 1984 22:15:00 GMT
InterVariable.a0e477f2f1f9d2376fde.woff2
account.proton.me/assets/ Frame F908 		337 KB
339 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.proton.me/assets/InterVariable.a0e477f2f1f9d2376fde.woff2?v=5.0.108.1&t=1712826873365
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.70.42.36 , Switzerland, ASN62371 (PROTON, CH),
Reverse DNS
185-70-42-36.protonmail.ch
Software
/
Resource Hash
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://account-api.proton.me/
Origin
https://account-api.proton.me
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 09:14:34 GMT
content-security-policy
default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 05 Apr 2024 12:34:46 GMT
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
etag
"545f4-61558ae4f4580"
expect-ct
max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type
font/woff2
access-control-allow-origin
https://account-api.proton.me
public-key-pins-report-only
pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges
bytes
content-length
345588
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkproton_account object| SENTRY_RELEASE function| clearImmediate function| setImmediate function| saveAs function| _ number| protonSupportedBrowser object| __SENTRY__

8 Cookies

Domain/Path Name / Value
account.proton.me/api/auth/refresh Name: REFRESH-6tqyea2fav2xf67wwse7yqh5tbsrvzyx
Value: %7B%22ResponseType%22%3A%22token%22%2C%22ClientID%22%3A%22WebAccount%22%2C%22GrantType%22%3A%22refresh_token%22%2C%22RefreshToken%22%3A%22sxf4nnhanlnxds4iwofhjlm3axptbbkm%22%2C%22UID%22%3A%226tqyea2fav2xf67wwse7yqh5tbsrvzyx%22%2C%22RedirectURI%22%3A%22https%3A%5C%2F%5C%2Fmail.proton.me%22%7D
account.proton.me/api/ Name: AUTH-6tqyea2fav2xf67wwse7yqh5tbsrvzyx
Value: lng6ygbnuor6v6dpzj2g6536fqypzr65
.proton.me/ Name: Session-Id
Value: Zhep9bDFvc17LJIc8v5L1AAAAF4
account.proton.me/ Name: Tag
Value: default
account.proton.me/ Name: Domain
Value: proton.me
account-api.proton.me/ Name: Tag
Value: default
.proton.me/ Name: ChargebeeSignupsFlag
Value: 1
.proton.me/ Name: ChargebeeFreeToPaidFlag
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-api.proton.me
account.proton.me
edging.bdsmsecurity.com
185.70.42.20
185.70.42.36
193.243.189.83
1a3ffcf0fb8b16535521f50effde7a09058322dd3d27a25e9f1d33e6acb24e74
1cafbc079707b5db1120cc80d9c5df556e6335247798dffcffb9cdfa5a8474be
2ee09a8404bb502477fd3a6a05380ef99abd5b4d4eb509bd7c72e1f056b0153e
3b967bba4945b3affbf8d82a80cc91db27b94b9d4a7421d0de0587ab58eeda9b
3ba9fce180e0a7fe534adb72b6fc0240bbf47de8eebc5daaf4b66eeca712a434
3f45db501c069a151e1c24f668c6f51deae0f4f4b04c462c9d454267008919f4
4733b85883a9b044b5dc137df5011f7b68e852fa9381fe60d05aed26e45b1b9c
56eab08bd7b4005f33b47dce1ee550295e37ad2fb205102bc553991109727419
788492a808aff061d1e0321dbb1fa59f4630433244cbe9b685a287148ff2d258
7cfdbcf80c99a2666e810de78f93932251c3a30ddec9bec29d5087bd7047af31
7d9b0ae0110acb59222769eb67fa613618e2201170c30906c1c7baea56a1097a
7e7d11b01e8b633c73066da1582b854f9422f1c6d226325d5f765ac20981a98a
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
9b7f1b56ac325b3969ed7e4461c59dac448ae5ede0e0d05cc58609d6c03a9d87
b05e7be4d1f36feadbdc4059e5e61dccf2b0e21997b343c49f12d659774da648
b14b9633f3e695331dd486d257ba034ae6b807c950ea52c37ac37432982ec853
c0e45a3048d466686ee42c3ca41dac4058d50b1aa1e00d8aae6a97414637f1c2
c317798101c063a683b5a975eb0c4b4fd8b67da96846f99a28486770d00f0076
dce338c5b92fdda388f628ecf4f6a37cc8e6349552b139cbfe028b8316e740d8
e25c0d6909fcdf1a46ef2a01f89aee7e1757491fa2662bdee89eef70c49418dc
e599e9db5cb154d9e98f8205cf02bea37fdcf39cccfde17c87ef8fa183342838
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35a7a372597531a195a5c4bd13670f9864ab8ea8b6e48134d2a236485b405b3
f4e3308b2db1fcac340ae9e5bfbba1d72b9aa591222323f814c399d6d7bc0ee0
fd9193274e652221263b5c87615f9a4419aaa7221708afdc576df371a9276b48
fff401ce2fe4d95a200f45321f06d585c90d21adfe1715d6748777650845e636