urlscan.io logo urlscan.io
SecurityTrails logo

todentaminen.posti.fi Open in urlscan Pro
65.9.95.91  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://todentaminen.posti.fi/uas/authn/*/view?_id=bb16f1cc-518e-445b-91f9-802c224090af&entityID=5b05bc63-9195-4687-9ac0-df872...
Effective URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Submission: On May 21 via manual from AT — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 65.9.95.91, located in United States and belongs to AMAZON-02, US. The main domain is todentaminen.posti.fi.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 31st 2024. Valid for: a year.
This is the only time todentaminen.posti.fi was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: MobilePay (Financial)

Domain & IP information

IP Address AS Autonomous System
1 18 65.9.95.91 16509 (AMAZON-02)
17 1
Apex Domain
Subdomains		 Transfer
18 posti.fi
todentaminen.posti.fi
193 KB
17 1
Domain Requested by
18 todentaminen.posti.fi 1 redirects todentaminen.posti.fi
17 1

This site contains links to these domains. Also see Links.

Domain
www.posti.fi
Subject Issuer Validity Valid
prd.auth.posticloud.fi
Amazon RSA 2048 M03		 2024-01-31 -
2025-03-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Frame ID: C5A1305EAEDF49FA664168EE4A0FB4BF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Posti

Page URL History Show full URLs

  1. http://todentaminen.posti.fi/uas/authn/*/view?_id=bb16f1cc-518e-445b-91f9-802c224090af&entityID=5b05bc63-... HTTP 307
    https://todentaminen.posti.fi/uas/authn/*/view?_id=bb16f1cc-518e-445b-91f9-802c224090af&entityID=5b05bc63-... HTTP 302
    https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

192 kB
Transfer

291 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://todentaminen.posti.fi/uas/authn/*/view?_id=bb16f1cc-518e-445b-91f9-802c224090af&entityID=5b05bc63-9195-4687-9ac0-df872... HTTP 307
    https://todentaminen.posti.fi/uas/authn/*/view?_id=bb16f1cc-518e-445b-91f9-802c224090af&entityID=5b05bc63-9195-4687-9ac0-df872... HTTP 302
    https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872... Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request view
todentaminen.posti.fi/uas/error/
Redirect Chain
  • http://todentaminen.posti.fi/uas/authn/*/view?_id=bb16f1cc-518e-445b-91f9-802c224090af&entityID=5b05bc63-9195-4687-9ac0-df872...
  • https://todentaminen.posti.fi/uas/authn/*/view?_id=bb16f1cc-518e-445b-91f9-802c224090af&entityID=5b05bc63-9195-4687-9ac0-df872...
  • https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
7aa067551ebceb07ef031e5661461379ab6be9ecd4f381ee27ca0f1b22256604
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-language
fi
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
content-type
text/html;charset=utf-8
date
Tue, 21 May 2024 12:58:44 GMT
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-id
jtcDO9MV8Nu5atixWROP4WETKPwbljFpF7fsVfYue4AD9UlkSKttlQ==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

cache-control
private no-cache no-store must-revalidate max-age=0
content-length
0
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
date
Tue, 21 May 2024 12:58:44 GMT
expires
0
location
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
pragma
no-cache
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-id
EGPg_8nZbl_y-w7J7G4DOOH8DCuCADUj2tz3RmPaudpKxGCAU9G2OA==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
style.css
todentaminen.posti.fi/uas/template/default/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
d63dc7a0d1c160e21a23d2b4fadebf955439759044d238649de014296d97e0be
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2024 09:53:22 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
text/css
cache-control
public
x-amz-cf-id
w6NmqTgmPze7ykRxx44WdMqjsLkLYJECHN8HZGrGkh3kJXdAY2ZRqA==
expires
Tue, 21 May 2024 13:58:44 GMT
jquery.min.js
todentaminen.posti.fi/uas/webjars/jquery/3.7.1/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/webjars/jquery/3.7.1/jquery.min.js
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 29 Aug 2023 10:45:18 GMT
server
CloudFront
etag
W/"87533-1693305918000"
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
L1zjklbKVTRdXpTqIsXVtAqYT1PeioTeITkiVDign_hVAOY7ioU8vg==
view.js
todentaminen.posti.fi/uas/template/default/resource/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/default/resource/view.js?locale=fi
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
9e237344b18f7f0084cce23f540de53ae79136d9dac59c4f438439266fdbab83
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 04 Apr 2024 20:27:49 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
cache-control
public
x-amz-cf-id
OKumVTV_Nw3XK7zqz7LzmYnJ9kk4IvE8EyudSHCmQdzhiEdxqXq9nw==
expires
Tue, 21 May 2024 13:58:44 GMT
script.js
todentaminen.posti.fi/uas/template/default/resource/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/default/resource/script.js?locale=fi
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
596af74d8179ebc97c9c5ccae92fd4659c561709f5146064d58ebda10f59eae3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 04 Apr 2024 20:27:49 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
cache-control
public
x-amz-cf-id
_oBdTCfrL7d0PdGvypTxt3xxRe369zE0GK9gGfrDqEIYQYd_PGEABg==
expires
Tue, 21 May 2024 13:58:44 GMT
xhr.js
todentaminen.posti.fi/uas/template/default/resource/script/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/default/resource/script/xhr.js?locale=fi
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e77180ce5a2fc5dba86aaf8621d09f584459bf4f3b0694838f79f6e1df77733b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 04 Apr 2024 20:27:49 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
cache-control
public
x-amz-cf-id
tis2NHfygmR8HABNMixMErOtIzYzKKNJvCfA1_C-_nvq9TAVv-6iuQ==
expires
Tue, 21 May 2024 13:58:44 GMT
posti_common.js
todentaminen.posti.fi/uas/template/default/resource/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/default/resource/posti_common.js?locale=fi
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
685e9cd87f2026059a596f6eb45e9a4a222eba41da1d0e4805c4ea8fc63843b2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
cache-control
public
x-amz-cf-id
X8hhf6SmlfeloMXrGm6WhAP6hVpAHrqU4MGzrRPjJ3W269oo1l-P-g==
expires
Tue, 21 May 2024 13:58:44 GMT
logo
todentaminen.posti.fi/uas/template/default/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://todentaminen.posti.fi/uas/template/default/logo?locale=fi
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
7369dc918fd559a14c5b719f7a20cb3bdd9aeaec28e2158831ec1fd46de86eb7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
x-amz-cf-id
xYm3HjvT0lRBYJWS1GbnZ5WJSNH-28Dx0IT9mliOGYLERaxGi5p_uQ==
expires
Tue, 21 May 2024 13:58:44 GMT
default_page_icon
todentaminen.posti.fi/uas/template/default/resource/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://todentaminen.posti.fi/uas/template/default/resource/default_page_icon?locale=fi
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
cebb4620cfa1dd09c4b53ab5ddbd3f7661f1ebedeea79a1c28cb83d9c90eb9b0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
x-amz-cf-id
y4l7vGTdbIW-DR3gy5COpxt6inQw_DJp1kX8EIJjkU1v49vuMJNUMQ==
expires
Tue, 21 May 2024 13:58:44 GMT
posti_background_left
todentaminen.posti.fi/uas/template/posti/resource/ 		24 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://todentaminen.posti.fi/uas/template/posti/resource/posti_background_left
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5157c549b18199c1f27b28a0902c87881aba365e67236816652f49010c6b243b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
x-amz-cf-id
kId0KkW2bani1dljRcnGSsRW6DxNdaDNK3Y8SDGU8dEcwpI-M6WMDw==
expires
Tue, 21 May 2024 13:58:44 GMT
icon_alert
todentaminen.posti.fi/uas/template/posti/resource/ 		829 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://todentaminen.posti.fi/uas/template/posti/resource/icon_alert
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
f7977de79cee71ad4eafa4c08d07e7aed0726e58c0001c6803b523e83ad6b515
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
829
x-xss-protection
1; mode=block
last-modified
Thu, 09 Jun 2022 08:01:32 GMT
server
CloudFront
x-frame-options
deny
content-type
image/svg+xml
cache-control
public
x-amz-cf-id
bvXFozjuZCUE-PJQNDbnlwZ9GkT0T04WZsmP-Y2J0Vyikmio6kDY9w==
expires
Tue, 21 May 2024 13:58:44 GMT
posti_background_right
todentaminen.posti.fi/uas/template/posti/resource/ 		19 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://todentaminen.posti.fi/uas/template/posti/resource/posti_background_right
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
0c0428703717799bfc75042090acc9f443d492f1c795f4df4306e9a9dd612127
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-cf-pop
PRG50-C1
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
x-frame-options
deny
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
x-amz-cf-id
V2Fo4cS-h9qLOQCJRaj4UfuG1rC6LWgvws_5Hcsdxc9FlUJHoJHfCA==
expires
Tue, 21 May 2024 13:58:44 GMT
montserrat-regular.woff2
todentaminen.posti.fi/uas/template/posti/resource/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/posti/resource/montserrat-regular.woff2
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
cb15fa3084adac41439d772b620de689cd54ed49f0c3f01c43a50374d5a3f558
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Origin
https://todentaminen.posti.fi
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-frame-options
deny
x-cache
Miss from cloudfront
cache-control
public
x-amz-cf-id
2-Y8phH9276rEs27g8WKw23PxD8FuCww0NL-ZPUsX22T2a4ddLJGqw==
content-length
28800
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:58:44 GMT
montserrat-700.woff2
todentaminen.posti.fi/uas/template/posti/resource/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/posti/resource/montserrat-700.woff2
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
44d534fbe4c22af785941cdbfd66ec935b27333fe10e26294eb9f9ff21f2a486
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Origin
https://todentaminen.posti.fi
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-frame-options
deny
x-cache
Miss from cloudfront
cache-control
public
x-amz-cf-id
oBZPIIwsLFdgQo1e_-qp7NIUzGGjOEjDNK3KT3TohivtRA9ei3KLhQ==
content-length
28860
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:58:44 GMT
montserrat-500.woff2
todentaminen.posti.fi/uas/template/posti/resource/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/posti/resource/montserrat-500.woff2
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
261e933313b6a954084442326334600df53be3701a7bfc314d307a46553fe612
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Origin
https://todentaminen.posti.fi
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-frame-options
deny
x-cache
Miss from cloudfront
cache-control
public
x-amz-cf-id
6dw2cVy9fbzVstHZhM366SfRGSqM6Tf6o87i48mgFgnbiVJBF5qX_A==
content-length
28932
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 13:58:44 GMT
chevron_down
todentaminen.posti.fi/uas/template/posti/resource/ 		174 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://todentaminen.posti.fi/uas/template/posti/resource/chevron_down
Requested by
Host: todentaminen.posti.fi
URL: https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
7369278822be5f721d30313590626205239000c8da4dc48c144913a783387ba0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/template/default/style.css?locale=fi
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
174
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
x-frame-options
deny
content-type
image/svg+xml
cache-control
public
x-amz-cf-id
Ogb0j0MPPr4tzHfGhNhXh57cUWPkXdMwYGaktxvj5wE9y99QTm_Jsw==
expires
Tue, 21 May 2024 13:58:44 GMT
logo.ico
todentaminen.posti.fi/uas/template/default/ 		22 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://todentaminen.posti.fi/uas/template/default/logo.ico?locale=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ea6ec16c4b53ef2fa344f940002b96b8625c755514ca25229ebdcb3a197ced14
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://todentaminen.posti.fi/uas/error/view?entityID=5b05bc63-9195-4687-9ac0-df872...
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:58:44 GMT
content-security-policy
default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
22382
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 10:37:44 GMT
server
CloudFront
x-frame-options
deny
content-type
image/x-icon
cache-control
public
x-amz-cf-id
0P70a5V85oL7OHQOe17lOY7_ibRr4XBQH51Uen7LjV2if3U1ts_W0g==
expires
Tue, 21 May 2024 13:58:44 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: MobilePay (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| View object| view function| OnWindowLoad function| AutoFocus function| OnSubmitClick function| DisableSubmit function| disableEnterKeyAndFocus function| addEventHandler function| getFirstNodeValue function| clearGenericMfaStrongAuthCookie function| setMfaStrongAuthUrl

3 Cookies

Domain/Path Name / Value
todentaminen.posti.fi/uas Name: JSESSIONID
Value: 2B9F9850668F2464A93A8212998A3149
todentaminen.posti.fi/ Name: AWSALB
Value: pedw6fFGg+N+/BtFbiw7Yqlfb4dZHBRvVhfJ2V6C0IjfWUdWwg8MaG7YlejG3IIgt97KojQm+r0F1+O9dMgk226TWRXZIz8YhDOQZPz/zMr1HUw+dC4xaQXNk24V
todentaminen.posti.fi/ Name: AWSALBCORS
Value: pedw6fFGg+N+/BtFbiw7Yqlfb4dZHBRvVhfJ2V6C0IjfWUdWwg8MaG7YlejG3IIgt97KojQm+r0F1+O9dMgk226TWRXZIz8YhDOQZPz/zMr1HUw+dC4xaQXNk24V

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src 'self'; frame-src *.posti.fi *.posti.com *.netposti.fi *.omaposti.fi *.omaposti.com *.itella.fi *.itella.com *.postinext.fi *.postinext.com *.posticloud.fi; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block