![](/screenshots/bece2a09-50e5-4767-a3a4-4d1d920745c4.png)
idpeint.post.ch
Open in
urlscan Pro
194.41.249.1
Public Scan
Effective URL: https://idpeint.post.ch/auth/saml
Submission: On June 06 via api from US — Scanned from CH
Summary
TLS certificate: Issued by SwissSign RSA TLS OV ICA 2022 - 1 on September 19th 2023. Valid for: a year.
This is the only time idpeint.post.ch was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 194.41.248.64 194.41.248.64 | 12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG) | |
2 | 194.41.249.3 194.41.249.3 | 12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG) | |
13 | 194.41.249.1 194.41.249.1 | 12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG) | |
15 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
post.ch
aseint.post.ch idpeint.post.ch |
1 MB |
2 |
postauto.ch
2 redirects
mit-int-cloud.postauto.ch |
2 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
13 | idpeint.post.ch |
idpeint.post.ch
|
2 | aseint.post.ch | |
2 | mit-int-cloud.postauto.ch | 2 redirects |
15 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.post.ch |
Subject Issuer | Validity | Valid | |
---|---|---|---|
aseint.post.ch SwissSign RSA TLS OV ICA 2022 - 1 |
2024-01-08 - 2025-01-08 |
a year | crt.sh |
idpeint.post.ch SwissSign RSA TLS OV ICA 2022 - 1 |
2023-09-19 - 2024-09-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://idpeint.post.ch/auth/saml
Frame ID: 5E4CE0F31084FB6BD630048DB6C39950
Requests: 17 HTTP requests in this frame
Screenshot
![](/screenshots/bece2a09-50e5-4767-a3a4-4d1d920745c4.png)
Page Title
Login interner AccountPage URL History Show full URLs
-
https://mit-int-cloud.postauto.ch/
HTTP 302
https://mit-int-cloud.postauto.ch/dienst/ HTTP 302
https://aseint.post.ch/auth?response_type=code&scope=openid%20email%20profile%20groups%20offline_ac... Page URL
- https://idpeint.post.ch/auth/saml Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mit-int-cloud.postauto.ch/
HTTP 302
https://mit-int-cloud.postauto.ch/dienst/ HTTP 302
https://aseint.post.ch/auth?response_type=code&scope=openid%20email%20profile%20groups%20offline_access%20employee_id&client_id=9ab9d7a70314d5a3a92dd19440d6ac9a&state=Z4CXz4OlRi47LO-U1AGdsKg7mrA&redirect_uri=https%3A%2F%2Fmit-int-cloud.postauto.ch%2Fcallback&nonce=DDAxxsNXFTaLn0T-fJamcjIx5GBV32p4CwyyZH80SeU&code_challenge=FE-b0az35jyU_0hhEentRV1zg4v4JwXi5PD-VXLM1Ww&code_challenge_method=S256 Page URL
- https://idpeint.post.ch/auth/saml Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://mit-int-cloud.postauto.ch/ HTTP 302
- https://mit-int-cloud.postauto.ch/dienst/ HTTP 302
- https://aseint.post.ch/auth?response_type=code&scope=openid%20email%20profile%20groups%20offline_access%20employee_id&client_id=9ab9d7a70314d5a3a92dd19440d6ac9a&state=Z4CXz4OlRi47LO-U1AGdsKg7mrA&redirect_uri=https%3A%2F%2Fmit-int-cloud.postauto.ch%2Fcallback&nonce=DDAxxsNXFTaLn0T-fJamcjIx5GBV32p4CwyyZH80SeU&code_challenge=FE-b0az35jyU_0hhEentRV1zg4v4JwXi5PD-VXLM1Ww&code_challenge_method=S256
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
auth
aseint.post.ch/ Redirect Chain
|
3 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
saml
idpeint.post.ch/auth/ |
9 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
aseint.post.ch/ |
15 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.12.1.custom.min.css
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/ |
21 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
post.css
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/ |
565 KB 568 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/ |
6 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ |
87 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.bundle.min.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ |
79 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.12.1.custom.min.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ |
127 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/js/ |
2 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logoPost.svg
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/images/ |
909 B 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
205 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
235 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frutiger55roman.woff
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/ |
44 KB 46 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frutiger45light.woff
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/ |
50 KB 52 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
frutiger65bold.woff
idpeint.post.ch/gui/login/resources/nevislogrend/applications/def/webdata/css/fonts/ |
37 KB 39 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
idpeint.post.ch/ |
15 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| bootstrap function| dropdownAccessible function| removeValidation4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mit-int-cloud.postauto.ch/ | Name: mod_auth_openidc_state_Z4CXz4OlRi47LO-U1AGdsKg7mrA Value: eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..PfXajlMSfQuu0sO_.XRioSUy2DzXWPAGL3nvu2tQqMsonp2iHUM60LdAcdBSsL4oQGlLZ_0FbofQ1_4h0229CUbb5RGCi2Arh2rq1bNeE4NqCA_ESy2Mp8IcO2WEZccQ14YkwNV9aljX4OMd-XW9UePGWp4_ZALJcusqosBUfKC8kF9BVOLVRpT3bSX3d1PRD31-BH7agJtyKbK1b1-V79RQasDUeQlGfMvyj-qwHywCG_zN2JJgDEtHcJzVaD6GcvmDTGOCFayo.CI7FW0Wc69B93AD00GL5LA |
|
.post.ch/ | Name: ittrksessid Value: fa07caef.61a3cc21a57ae |
|
aseint.post.ch/ | Name: NavajoAS Value: 729b1cac4071fKYAOtKFtlEFYnKttgewYrsgVjmClvmO19Bh3ANDJxAMI2 |
|
idpeint.post.ch/ | Name: NavajoACS Value: 869a1cac3671YmFknQ4NaO6af9KUe3kdQiCy1HWEFPf4JwzILgtVDhABuW |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://webidecp-a27fcbc9f.dispatcher.hana.ondemand.com https://webidecp-jadtfdlf0x.dispatcher.hana.ondemand.com https://webidecp-a127061bf.dispatcher.hana.ondemand.com https://ayrznyb2f.accounts.ondemand.com https://pfportal-test.pnet.ch https://pfportal.pnet.ch https://intpfwiki.post.ch https://pfwiki.post.ch https://*.wd.pnet.ch; object-src 'none'; script-src 'nonce-8uAHY9m1B9bsyekQqTLiGg==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' *.post.ch stackpath.bootstrapcdn.com *.google.com *.google.ch *.google-analytics.com tags.tiqcdn.com *.webtrendslive.com *.webtrends.com *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; style-src 'self' 'unsafe-inline' *.post.ch stackpath.bootstrapcdn.com; img-src 'self' *.youtube.com *.ytimg.com data: *.post.ch stackpath.bootstrapcdn.com *.google-analytics.com *.webtrendslive.com *.webtrends.com *.google.com *.google.ch *.googleadservices.com *.adform.net *.doubleclick.net *.xiti.com *.ipify.org *.googletagmanager.com *.aticdn.net; font-src 'self' data: *.post.ch stackpath.bootstrapcdn.com *.gstatic.com;base-uri 'self'; connect-src 'self' wss://*.post.ch *.post.ch stackpath.bootstrapcdn.com; report-uri https://violations.post.ch/CSP/UAAS/int/enforced |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aseint.post.ch
idpeint.post.ch
mit-int-cloud.postauto.ch
194.41.248.64
194.41.249.1
194.41.249.3
091099a5b30fd8f83c98a96df5a6b39b091ef985840e559fdcb06ac250b9706f
109a6145ce7c9781394096c2c70d0de8c6616ae7b73c3c0c78f10cb3d1ae9776
1cfb9b4e5372e21e0a1761917ade47ff2ffb2debececb2ea8ab9932d559e4680
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
391bff833545a2f3c3ee1be0f7a4a49d9fdd0ccc1ccc545e41ebd74d4bbe8ada
3cbf77fee8febcc1a3cef2e35bfb9d0c19f9a9b5a91ff262be45e18a1bcf9498
58c803b6cd8e7b56288f26786cce0d905310e39f3dfa7cb20f24c061c82b3a65
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
85ddf202fc65e104c0f738db01d55739097a8d7de3cd29ab538349b6d0db7927
9ca0d5fc058d314e6d5523132747c8b60c5f78b7dba2875908448124b7f96dd2
a5bf4c5eec5b61ff70c6481821520aa1052ec4d257554c05b3e19321092514c7
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984
fafa346f0f80f88f002778cb2fce8a2d4acfd36e54d319016082a46bb35072a7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e