urlscan.io logo urlscan.io
SecurityTrails logo

mta-sts.echo-secure.com Open in urlscan Pro
185.205.69.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://mta-sts.echo-secure.com/
Submission: On October 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 185.205.69.10, located in United States and belongs to TUTA, DE. The main domain is mta-sts.echo-secure.com.
TLS certificate: Issued by R3 on October 10th 2023. Valid for: 3 months.
This is the only time mta-sts.echo-secure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 185.205.69.10 210909 (TUTA)
13 1
Apex Domain
Subdomains		 Transfer
13 echo-secure.com
mta-sts.echo-secure.com
287 KB
13 1
Domain Requested by
13 mta-sts.echo-secure.com mta-sts.echo-secure.com
13 1

This site contains links to these domains. Also see Links.

Domain
tutanota.com
Subject Issuer Validity Valid
mta-sts.echo-secure.com
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mta-sts.echo-secure.com/
Frame ID: D0892FB9B9F23F3AFB1A1FC068CB6647
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mail. Done. Right. Tutanota Login & Sign up for an Ad-free Mailbox

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

287 kB
Transfer

1047 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mta-sts.echo-secure.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
57578d52b7cb971263d7c50c7323b826ddb631d6cba507abf801d52bc963c960
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; child-src 'self'; font-src 'self'; img-src http: blob: data: *; style-src 'unsafe-inline'; frame-ancestors 'none'; base-uri 'none'; connect-src 'self' https://mta-sts.echo-secure.com wss://mta-sts.echo-secure.com https://tutanota.com https://*.api.tutanota.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
content-encoding
gzip
content-length
1048
content-security-policy
default-src 'none'; script-src 'self'; child-src 'self'; font-src 'self'; img-src http: blob: data: *; style-src 'unsafe-inline'; frame-ancestors 'none'; base-uri 'none'; connect-src 'self' https://mta-sts.echo-secure.com wss://mta-sts.echo-secure.com https://tutanota.com https://*.api.tutanota.com;
content-type
text/html;charset=utf-8
date
Tue, 10 Oct 2023 08:26:42 GMT
etag
W/"NgExEmO9CD8NgEwmJxejSI--gzip"
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1
polyfill.js
mta-sts.echo-secure.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/polyfill.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
dd1576d1741ef8daa8b7c4cf0429a37e973954c61ef13d907657979e7bd3ee12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:49:33 GMT
etag
W/"ijli0J2L4igijljWmJpHWQ--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
3193
x-xss-protection
1
index.js
mta-sts.echo-secure.com/ 		2 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/index.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
8b05db3505ef121e27a4b505fc8e320f23b5714b280de3382ceba1d4aa9a3e1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"VQjLTy4sEt0VQjKxdHPm2I--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
740
x-xss-protection
1
app.js
mta-sts.echo-secure.com/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/app.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
b28a18f940cf19c7e27e5b2f3762d2b390b15d6c5bed5b19bf9237547de4c079
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"zGiys5LYfw4zGizOW06mJc--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
29578
x-xss-protection
1
common-min-e1360136.js
mta-sts.echo-secure.com/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/common-min-e1360136.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
293e2b8c26c6c3b32205488b03288db0f0739a13c659d6154b07b557f4f45c29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"z67Cq/ISpr8z67DIQ3xvac--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
13072
x-xss-protection
1
sanitizer-ee15429e.js
mta-sts.echo-secure.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/sanitizer-ee15429e.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
4fa55a8c7cf86250062e69501f80c2ace44cb96cf64cffd1b2aa4f27a8a91c61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"6TA/s8kVo406TA+OTb2SH0--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
9662
x-xss-protection
1
main-cb337dbf.js
mta-sts.echo-secure.com/ 		223 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/main-cb337dbf.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
a6f7808da728a941b420df0cbb841d7700bb63a9fd6386392d5e61e436e23130
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"Urp7yFnX6ysUrp6QqY3Hpg--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
64509
x-xss-protection
1
translation-en-83076e09.js
mta-sts.echo-secure.com/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/translation-en-83076e09.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
a634b7fc00eca6ddc9a57f289761373573726297c600c56c02e9ebb544bfba93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"74ivu9sU34074iuMST242k--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
34209
x-xss-protection
1
polyfill-helpers-bc27a735.js
mta-sts.echo-secure.com/ 		512 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/polyfill-helpers-bc27a735.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
18c56d8fa6442f675efbda437b22dc8281b265b68da85d87cf9d64d67e20d855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"DMzWK8MSLysDMzXoTzxojs--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
362
x-xss-protection
1
gui-base-db8c4293.js
mta-sts.echo-secure.com/ 		164 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/gui-base-db8c4293.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
447cd5ba153fd3a12cd6c34d7ab20054e363b5b54c2d523baad98753d922ddba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"A6OK8OzL3MQA6OLehMq3G8--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
70915
x-xss-protection
1
common-4c47d861.js
mta-sts.echo-secure.com/ 		359 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/common-4c47d861.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
8fd99e795ded2fface20b349b9bbd1bfd4e2fdc4fce6c07366988de37742eb69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"T1mt1stBTcwT1msXDSnXro--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
56692
x-xss-protection
1
login-628bb416.js
mta-sts.echo-secure.com/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/login-628bb416.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/polyfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
3335d909acfbbbee5a322ec4f2592297d3707e483a1d07a8f7b38fd0bd03ef2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"GxP2oPYm/v4GxP3KgnFG5o--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
8318
x-xss-protection
1
worker-bootstrap.js
mta-sts.echo-secure.com/ 		178 B
250 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mta-sts.echo-secure.com/worker-bootstrap.js
Requested by
Host: mta-sts.echo-secure.com
URL: https://mta-sts.echo-secure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.205.69.10 , United States, ASN210909 (TUTA, DE),
Reverse DNS
Software
/
Resource Hash
881b4a7d50f14628cac5b646396ece7845978a5be8db7779a11185de7f79e4db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 08:26:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:50:18 GMT
etag
W/"cAi3TNagzMAcAi2xilDQ2I--gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript;charset=utf-8
access-control-expose-headers
Date
cache-control
no-cache,public,no-transform
accept-ranges
bytes
content-length
159
x-xss-protection
1

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| System function| unsupported object| whitelabelCustomizations object| env function| onorientationchange object| logger object| tutao

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'self'; child-src 'self'; font-src 'self'; img-src http: blob: data: *; style-src 'unsafe-inline'; frame-ancestors 'none'; base-uri 'none'; connect-src 'self' https://mta-sts.echo-secure.com wss://mta-sts.echo-secure.com https://tutanota.com https://*.api.tutanota.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1