urlscan.io logo urlscan.io
SecurityTrails logo

idpeint.post.ch Open in urlscan Pro
194.41.249.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://web-int.post.ch/
Effective URL: https://idpeint.post.ch/auth/saml
Submission: On July 11 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 194.41.249.1, located in Switzerland and belongs to CH-POSTNETZ Post CH AG, CH. The main domain is idpeint.post.ch.
TLS certificate: Issued by SwissSign RSA TLS OV ICA 2022 - 1 on September 19th 2023. Valid for: a year.
This is the only time idpeint.post.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 194.41.248.48 12511 (CH-POSTNE...)
2 194.41.249.3 12511 (CH-POSTNE...)
13 194.41.249.1 12511 (CH-POSTNE...)
15 3
Apex Domain
Subdomains		 Transfer
16 post.ch
web-int.post.ch
aseint.post.ch
idpeint.post.ch
1 MB
2 swisspost.com
web-int.sp.swisspost.com
2 KB
15 2
Domain Requested by
13 idpeint.post.ch idpeint.post.ch
2 aseint.post.ch
2 web-int.sp.swisspost.com 2 redirects
1 web-int.post.ch 1 redirects
15 4

This site contains links to these domains. Also see Links.

Domain
www.post.ch
Subject Issuer Validity Valid
aseint.post.ch
SwissSign RSA TLS OV ICA 2022 - 1		 2024-01-08 -
2025-01-08		 a year crt.sh
idpeint.post.ch
SwissSign RSA TLS OV ICA 2022 - 1		 2023-09-19 -
2024-09-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://idpeint.post.ch/auth/saml
Frame ID: F2A4732B37F0E3BD7BAF0BCEBD40B188
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login interner Account

Page URL History Show full URLs

  1. https://web-int.post.ch/ HTTP 302
    https://web-int.sp.swisspost.com/ HTTP 302
    https://web-int.sp.swisspost.com/postweb/ HTTP 302
    https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed... Page URL
  2. https://idpeint.post.ch/auth/saml Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

1
Countries

1090 kB
Transfer

1063 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://web-int.post.ch/ HTTP 302
    https://web-int.sp.swisspost.com/ HTTP 302
    https://web-int.sp.swisspost.com/postweb/ HTTP 302
    https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed2320af8911325b9396f9c248d8a&state=KNM0vtDSs4K2MXPMTv6cq0UeXGs&redirect_uri=https%3A%2F%2Fweb-int.sp.swisspost.com%2Fcallback&nonce=8C-weSgEHC4Sc3d_DeBdQ65woTCd8wCu5q3OTmHo0VQ&code_challenge=kaSmaxJenOW5Pqm4Zq7B5MEyXhEWOSJIDXGimOPDXLk&code_challenge_method=S256 Page URL
  2. https://idpeint.post.ch/auth/saml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://web-int.post.ch/ HTTP 302
  • https://web-int.sp.swisspost.com/ HTTP 302
  • https://web-int.sp.swisspost.com/postweb/ HTTP 302
  • https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed2320af8911325b9396f9c248d8a&state=KNM0vtDSs4K2MXPMTv6cq0UeXGs&redirect_uri=https%3A%2F%2Fweb-int.sp.swisspost.com%2Fcallback&nonce=8C-weSgEHC4Sc3d_DeBdQ65woTCd8wCu5q3OTmHo0VQ&code_challenge=kaSmaxJenOW5Pqm4Zq7B5MEyXhEWOSJIDXGimOPDXLk&code_challenge_method=S256

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
auth
aseint.post.ch/
Redirect Chain
  • https://web-int.post.ch/
  • https://web-int.sp.swisspost.com/
  • https://web-int.sp.swisspost.com/postweb/
  • https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed2320af8911325b9396f9c248d8a&state=KNM0vtDSs4K2MXPMTv6cq0UeXGs&redirect_uri=https%3A%2F%2Fweb-int.s...
3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed2320af8911325b9396f9c248d8a&state=KNM0vtDSs4K2MXPMTv6cq0UeXGs&redirect_uri=https%3A%2F%2Fweb-int.sp.swisspost.com%2Fcallback&nonce=8C-weSgEHC4Sc3d_DeBdQ65woTCd8wCu5q3OTmHo0VQ&code_challenge=kaSmaxJenOW5Pqm4Zq7B5MEyXhEWOSJIDXGimOPDXLk&code_challenge_method=S256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.3 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
404e9f93d48d46a4f1dcfb4354fa67f4ba5702a0484cde0ad886c470cfa523b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-dScVyXW48/uKq7lJJOFM8g==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
*
Cache-Control
no-cache
Connection
Keep-Alive
Content-Encoding
identity
Content-Length
3264
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-dScVyXW48/uKq7lJJOFM8g==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jul 2024 13:19:04 GMT
Keep-Alive
timeout=70, max=100
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Strict-Transport-Security
max-age=63072000
Vary
Origin
X-Content-Type-Options
nosniff
X-RP-UNIQUE_ID
Zo_byCvmm5xZ_tpiJEE4tAAAAlM
X-Xss-Protection
1; mode=block
traceparent
00-26e9be0718d680ece0010fcec7335c41-518ff4d04a9fec38-00

Redirect headers

Cache-Control
no-cache, no-store, max-age=0
Connection
Keep-Alive
Content-Length
571
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 11 Jul 2024 13:19:04 GMT
Keep-Alive
timeout=5, max=99
Location
https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed2320af8911325b9396f9c248d8a&state=KNM0vtDSs4K2MXPMTv6cq0UeXGs&redirect_uri=https%3A%2F%2Fweb-int.sp.swisspost.com%2Fcallback&nonce=8C-weSgEHC4Sc3d_DeBdQ65woTCd8wCu5q3OTmHo0VQ&code_challenge=kaSmaxJenOW5Pqm4Zq7B5MEyXhEWOSJIDXGimOPDXLk&code_challenge_method=S256
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-RP-UNIQUE_ID
Zo_byMllQVXisjRUKoyw7gAAAFE
X-Xss-Protection
1; mode=block
traceparent
00-edda7cc59e8234cccf3c04a8f0fd475e-a5f23b64c29e80a1-00
Primary Request saml
idpeint.post.ch/auth/ 		9 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
a34788714e12c128188d5e7421b07baff7be8effb3c2768e84e1b741ed1377b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-SWhdBOH5HumMuLZLgSln9w==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://aseint.post.ch
Referer
https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed2320af8911325b9396f9c248d8a&state=KNM0vtDSs4K2MXPMTv6cq0UeXGs&redirect_uri=https%3A%2F%2Fweb-int.sp.swisspost.com%2Fcallback&nonce=8C-weSgEHC4Sc3d_DeBdQ65woTCd8wCu5q3OTmHo0VQ&code_challenge=kaSmaxJenOW5Pqm4Zq7B5MEyXhEWOSJIDXGimOPDXLk&code_challenge_method=S256
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://aseint.post.ch
Cache-Control
no-store, no-cache, must-revalidate, private
Connection
Keep-Alive
Content-Length
9403
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-SWhdBOH5HumMuLZLgSln9w==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Content-Type
text/html;charset=utf-8
Date
Thu, 11 Jul 2024 13:19:04 GMT
Expires
Thu, 1 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Strict-Transport-Security
max-age=63072000
Vary
Origin
X-Content-Type-Options
nosniff
X-RP-UNIQUE_ID
Zo_byJKiYG-wFdCqd4nTLwAAAug
X-Xss-Protection
1; mode=block
traceparent
00-296d21c8b78efe73fc00f423ccc75d49-aa551d6221882410-00
favicon.ico
aseint.post.ch/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aseint.post.ch/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.3 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aseint.post.ch/auth?response_type=code&scope=openid%20profile%20employee_id&client_id=b82ed2320af8911325b9396f9c248d8a&state=KNM0vtDSs4K2MXPMTv6cq0UeXGs&redirect_uri=https%3A%2F%2Fweb-int.sp.swisspost.com%2Fcallback&nonce=8C-weSgEHC4Sc3d_DeBdQ65woTCd8wCu5q3OTmHo0VQ&code_challenge=kaSmaxJenOW5Pqm4Zq7B5MEyXhEWOSJIDXGimOPDXLk&code_challenge_method=S256
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
X-RP-UNIQUE_ID
Zo_byCvmm5xZ_tpiJEE4tgAAAv4
Connection
Keep-Alive
Content-Length
15086
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 02 May 2023 11:51:16 GMT
Server
Apache
traceparent
00-a7a47637b94a8ce7d15826ca3b898e32-37807dc698dd5031-00
ETag
"3aee-5fab48e92e1dd"
Vary
X-QOS-EXCL,Origin
Content-Type
image/x-icon
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Keep-Alive
timeout=70, max=99
jquery-ui-1.12.1.custom.min.css
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/ 		21 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/jquery-ui-1.12.1.custom.min.css
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
1cfb9b4e5372e21e0a1761917ade47ff2ffb2debececb2ea8ab9932d559e4680
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-rh0rJF6aHjR3opZSYEO8lg==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-rh0rJF6aHjR3opZSYEO8lg==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byJKiYG-wFdCqd4nTMAAAAvA
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-c9f916a05ecca6c045de9168fbd6e7ec-4aceff4bd7d5ba65-00
Vary
Origin
Content-Type
text/css;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=99
Expires
Thu, 11 Jul 2024 13:34:04 GMT
post.css
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/ 		565 KB
568 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/post.css
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
391bff833545a2f3c3ee1be0f7a4a49d9fdd0ccc1ccc545e41ebd74d4bbe8ada
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-eiBSYaihp7WUjukVVl8EKQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-eiBSYaihp7WUjukVVl8EKQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byJKiYG-wFdCqd4nTMQAAAsU
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-7be648db9e3c5ea8d3f72b2ba2f1da61-1703c412b798931a-00
Vary
Origin
Content-Type
text/css;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=98
Expires
Thu, 11 Jul 2024 13:34:04 GMT
app.css
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/ 		6 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/app.css
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
85ddf202fc65e104c0f738db01d55739097a8d7de3cd29ab538349b6d0db7927
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-BANt+VuD6s3rO7VjrsRvlw==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-BANt+VuD6s3rO7VjrsRvlw==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byJKiYG-wFdCqd4nTMgAAAuw
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-69a98da1837eebcf84cbc538ca1be625-991a049a3ea6822b-00
Vary
Origin
Content-Type
text/css;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=100
Expires
Thu, 11 Jul 2024 13:34:04 GMT
jquery-3.6.0.min.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ 		87 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/jquery-3.6.0.min.js
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-iz47OdfXm84vSDCVuJA7PA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-iz47OdfXm84vSDCVuJA7PA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byItjy_mgmsCSFqAR7QAAAdY
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-3b6f731eee2792c077758d644d8d76d0-92df9db11b24026b-00
Vary
Origin
Content-Type
application/javascript;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=100
Expires
Thu, 11 Jul 2024 13:34:04 GMT
bootstrap.bundle.min.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ 		79 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/bootstrap.bundle.min.js
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-N0SfRj0j6IJ4E+aqIRdo3A==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-N0SfRj0j6IJ4E+aqIRdo3A==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byItjy_mgmsCSFqAR7gAAAbI
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-bf780dfb5845bbaa9f6f822cdeedb751-e51f7b6cfa75dcdf-00
Vary
Origin
Content-Type
application/javascript;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=100
Expires
Thu, 11 Jul 2024 13:34:04 GMT
jquery-ui-1.12.1.custom.min.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ 		127 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/jquery-ui-1.12.1.custom.min.js
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
a5bf4c5eec5b61ff70c6481821520aa1052ec4d257554c05b3e19321092514c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-hwlNzYKvkA2XlZXFcVUGYQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-hwlNzYKvkA2XlZXFcVUGYQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byItjy_mgmsCSFqAR7wAAAbA
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-ed44692484f42855b785bd62c3b249e2-a5c4f20cbcf867dd-00
Vary
Origin
Content-Type
application/javascript;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=100
Expires
Thu, 11 Jul 2024 13:34:04 GMT
app.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/app.js
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
9ca0d5fc058d314e6d5523132747c8b60c5f78b7dba2875908448124b7f96dd2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-nuYqyFTsOztYBBSCXaHpnw==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-nuYqyFTsOztYBBSCXaHpnw==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byJKiYG-wFdCqd4nTMwAAAi0
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-be64958158093aa0651aedb27a412e0d-4848124d848e91ab-00
Vary
Origin
Content-Type
application/javascript;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=100
Expires
Thu, 11 Jul 2024 13:34:04 GMT
logoPost.svg
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/images/ 		909 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/images/logoPost.svg
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/auth/saml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
58c803b6cd8e7b56288f26786cce0d905310e39f3dfa7cb20f24c061c82b3a65
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-pyCvdZFfQyp36SNOJC1AwQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-pyCvdZFfQyp36SNOJC1AwQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byJKiYG-wFdCqd4nTNAAAAvs
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-c542e40df98256ec26c5864a246b8d44-cc72eef93dab919d-00
Vary
Origin
Content-Type
image/svg+xml;charset=utf-8
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=99
Expires
Thu, 11 Jul 2024 13:34:04 GMT
truncated
/ 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cbf77fee8febcc1a3cef2e35bfb9d0c19f9a9b5a91ff262be45e18a1bcf9498

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fafa346f0f80f88f002778cb2fce8a2d4acfd36e54d319016082a46bb35072a7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
frutiger55roman.woff
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/ 		44 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/frutiger55roman.woff
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/post.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-MIYiDhbteauwwAiF6bFnKQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/post.css
Origin
https://idpeint.post.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-MIYiDhbteauwwAiF6bFnKQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byJKiYG-wFdCqd4nTNQAAAgU
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-793160342b1218b34470caab5b1c8455-d92c8426c79d86bf-00
Vary
Origin
Content-Type
font/woff;charset=utf-8
Access-Control-Allow-Origin
https://idpeint.post.ch
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=97
Expires
Thu, 11 Jul 2024 13:34:04 GMT
frutiger45light.woff
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/ 		50 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/frutiger45light.woff
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/post.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-zu8z+lhnM0nUb2lEYF8mLQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/post.css
Origin
https://idpeint.post.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-zu8z+lhnM0nUb2lEYF8mLQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byItjy_mgmsCSFqAR8AAAAbg
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-3e60793b2fed4f7643976cb3a4048cdc-8c7e48c19d71b3d5-00
Vary
Origin
Content-Type
font/woff;charset=utf-8
Access-Control-Allow-Origin
https://idpeint.post.ch
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=99
Expires
Thu, 11 Jul 2024 13:34:04 GMT
frutiger65bold.woff
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/ 		37 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/frutiger65bold.woff
Requested by
Host: idpeint.post.ch
URL: https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/post.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-xF0B03ZwgCxd9ZZ2/pEnuA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/post.css
Origin
https://idpeint.post.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-xF0B03ZwgCxd9ZZ2/pEnuA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Transfer-Encoding
chunked
X-RP-UNIQUE_ID
Zo_byItjy_mgmsCSFqAR8QAAAbM
Connection
Keep-Alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
traceparent
00-86ee317f72d9c5a513ac167d47a46f1e-34f774e541ab010e-00
Vary
Origin
Content-Type
font/woff;charset=utf-8
Access-Control-Allow-Origin
https://idpeint.post.ch
Cache-Control
must-revalidate
Keep-Alive
timeout=5, max=99
Expires
Thu, 11 Jul 2024 13:34:04 GMT
favicon.ico
idpeint.post.ch/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://idpeint.post.ch/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.41.249.1 , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
091099a5b30fd8f83c98a96df5a6b39b091ef985840e559fdcb06ac250b9706f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idpeint.post.ch/auth/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 13:19:04 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
X-RP-UNIQUE_ID
Zo_byItjy_mgmsCSFqAR8gAAAcE
Connection
Keep-Alive
Content-Length
15086
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 02 May 2023 11:51:16 GMT
Server
Apache
traceparent
00-e6ffe12504a4a7b325c1cd6ab9be55de-ca2fa27c8ef44930-00
ETag
"3aee-5fab48e92e1dd"
Vary
X-QOS-EXCL,Origin
Content-Type
image/x-icon
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap function| dropdownAccessible function| removeValidation

5 Cookies

Domain/Path Name / Value
web-int.sp.swisspost.com/ Name: mod_auth_openidc_state_KNM0vtDSs4K2MXPMTv6cq0UeXGs
Value: eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..W7vCH1CezZBZyt3H.aK0C3lVt1arkfXE9k8_cDy_vziV_bZwL8-L6FntQjWIb0I2Iwbvm5r1MPI-U2SLkpkVWCXpSgLXD9Ao65KdsngiDkVIghZx441YDkcqiBOwxulJTTI97VzTdcuVX3z8P0YktC2uotTckNBhijgF9ombnqvC4kEg82YtqbYYzwSYB0qjvYRsS9N2kXzm4b_WgTGD6AI4dV_Ao66StvJzyq3BMq5al8ZbW-Yoy20hHMqI1ZP-_xwbXnA.rzJX13dYT4ukPZYyAKGDcg
.post.ch/ Name: ittrksessid
Value: d295a1f7.61cf89b5b2e0f
aseint.post.ch/ Name: NavajoAS
Value: 0bb71cac4071HX75dPMko3EMw8BdslXj7UwcwFDGQu7spcMNKI67zkALz8
idpeint.post.ch/ Name: lopchc_AS
Value: 1
idpeint.post.ch/ Name: NavajoACS
Value: 0b321cac3f71Xpc3Vchg6hPKOJFb8rFiMkJm8EaWbn5s9CUBDUoGh1AGdh

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-dScVyXW48/uKq7lJJOFM8g==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block