poc.postfinance.bsi.cloud Open in urlscan Pro
16.63.11.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://poc.postfinance.bsi.cloud/
Effective URL:
https://poc.postfinance.bsi.cloud/bsicrm/
Submission: On November 09 via automatic, source certstream-suspicious (November 9th 2023, 10:50:43 am UTC) — Scanned from CH

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 16.63.11.78, located in Zurich, Switzerland and belongs to AMAZON-02, US. The main domain is poc.postfinance.bsi.cloud.
TLS certificate: Issued by R3 on November 9th 2023. Valid for: 3 months.

This is the only time poc.postfinance.bsi.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 10	16.63.11.78 16.63.11.78		16509 (AMAZON-02) (AMAZON-02)
9	1

10 16.63.11.78 (Zurich, Switzerland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

poc.postfinance.bsi.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bsi.cloud 1 redirects poc.postfinance.bsi.cloud	699 KB
9	1

	Domain	Requested by
10	poc.postfinance.bsi.cloud	1 redirects poc.postfinance.bsi.cloud
9	1

This site contains no links.

Subject Issuer	Validity	Valid
poc.postfinance.bsi.cloud R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://poc.postfinance.bsi.cloud/bsicrm/
Frame ID: 3A12CA0CBD347B825ECB4A6A62DECBFC
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BSI Customer Suite

Page URL History Show full URLs

https://poc.postfinance.bsi.cloud/ HTTP 302
https://poc.postfinance.bsi.cloud/bsicrm/ Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

698 kB
Transfer

4182 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://poc.postfinance.bsi.cloud/ HTTP 302
https://poc.postfinance.bsi.cloud/bsicrm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request / Show response
poc.postfinance.bsi.cloud/bsicrm/
Redirect Chain

https://poc.postfinance.bsi.cloud/
https://poc.postfinance.bsi.cloud/bsicrm/

3 KB
4 KB

69ms
69ms

Document
text/html

16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

d4931cff8436ec57215ea23cb6d0ac21db7a5aa2c5d9d30c123f3ddbec483570

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 2909
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Content-Type: text/html;charset=UTF-8
Date: Thu, 09 Nov 2023 10:50:37 GMT
ETag: W/"2909-1186974373"
Last-Modified: Thu, 09 Nov 2023 10:50:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Thu, 09 Nov 2023 10:50:37 GMT
Location: https://poc.postfinance.bsi.cloud/bsicrm/
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200 bapcrm-theme-6ee2ae8dca98e4fedb17.min.css
poc.postfinance.bsi.cloud/bsicrm/ 2 MB
188 KB 31ms
29ms Stylesheet
text/css 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/bapcrm-theme-6ee2ae8dca98e4fedb17.min.css

Requested by

Host: poc.postfinance.bsi.cloud
URL: https://poc.postfinance.bsi.cloud/bsicrm/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

ce64a7c8b4132a42e1cab03f81df875a09aea22f01c5bfb22a85a8878db11ba8

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://poc.postfinance.bsi.cloud/bsicrm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 10:50:37 GMT
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
ETag: W/"2071700-325602585"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Cache-Control: private, max-age=31536000, s-maxage=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 vendors~bapcrm~office-addin~office-addin-dialog~login~logout~spnego~teams-9e0aac8ff4fba355ff0b.min.js Show response
poc.postfinance.bsi.cloud/bsicrm/ 108 KB
39 KB 71ms
26ms Script
application/javascript 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/vendors~bapcrm~office-addin~office-addin-dialog~login~logout~spnego~teams-9e0aac8ff4fba355ff0b.min.js

Requested by

Host: poc.postfinance.bsi.cloud
URL: https://poc.postfinance.bsi.cloud/bsicrm/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

29e3c35520022ac5ab14b61d8e38c3c5a44206c38553e59e69957d54f550dcbd

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://poc.postfinance.bsi.cloud/bsicrm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 10:50:37 GMT
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
ETag: W/"111035-1867859662"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=UTF-8
Cache-Control: private, max-age=31536000, s-maxage=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 vendors~login~spnego-a71305e1e363e778c559.min.js Show response
poc.postfinance.bsi.cloud/bsicrm/ 2 MB
433 KB 71ms
26ms Script
application/javascript 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/vendors~login~spnego-a71305e1e363e778c559.min.js

Requested by

Host: poc.postfinance.bsi.cloud
URL: https://poc.postfinance.bsi.cloud/bsicrm/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

ce389e95ff8b41a5ab17bc857b2b7ac0445978c7caa0be853f364078995f8ff1

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://poc.postfinance.bsi.cloud/bsicrm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 10:50:37 GMT
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
ETag: W/"2064592-889993591"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=UTF-8
Cache-Control: private, max-age=31536000, s-maxage=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 login-409ce007cc9acc401dd2.min.js Show response
poc.postfinance.bsi.cloud/bsicrm/ 1 KB
2 KB 72ms
24ms Script
application/javascript 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/login-409ce007cc9acc401dd2.min.js

Requested by

Host: poc.postfinance.bsi.cloud
URL: https://poc.postfinance.bsi.cloud/bsicrm/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

6977835bf2059d36f113cd1030138239851f5fc73e45d4969b2ddb4bd7806bab

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://poc.postfinance.bsi.cloud/bsicrm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 10:50:37 GMT
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
ETag: W/"1288-3159925477"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=UTF-8
Cache-Control: private, max-age=31536000, s-maxage=31536000
Connection: keep-alive
Content-Length: 785
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 csp-report
poc.postfinance.bsi.cloud/bsicrm/ 0
194 B 74ms
28ms Other
text/plain 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/csp-report

Requested by

Host: poc.postfinance.bsi.cloud
URL: https://poc.postfinance.bsi.cloud/bsicrm/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://poc.postfinance.bsi.cloud/bsicrm/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Thu, 09 Nov 2023 10:50:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200 open-sans-v18-latin-regular.woff2
poc.postfinance.bsi.cloud/bsicrm/fonts/ 14 KB
15 KB 27ms
27ms Font
font/woff2 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/fonts/open-sans-v18-latin-regular.woff2

Requested by

Host: poc.postfinance.bsi.cloud
URL: https://poc.postfinance.bsi.cloud/bsicrm/bapcrm-theme-6ee2ae8dca98e4fedb17.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

c48e0380855b0b3a91d9c14c434b2dc8d38c5adca55a8b4ebe2d1e3869407caa

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://poc.postfinance.bsi.cloud/bsicrm/bapcrm-theme-6ee2ae8dca98e4fedb17.min.css
Origin: https://poc.postfinance.bsi.cloud
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 10:50:37 GMT
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
ETag: W/"14380-2639121480"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2;charset=UTF-8
Cache-Control: private, max-age=14400, s-maxage=14400
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 open-sans-v18-latin-600.woff2
poc.postfinance.bsi.cloud/bsicrm/fonts/ 15 KB
15 KB 27ms
27ms Font
font/woff2 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/fonts/open-sans-v18-latin-600.woff2

Requested by

Host: poc.postfinance.bsi.cloud
URL: https://poc.postfinance.bsi.cloud/bsicrm/bapcrm-theme-6ee2ae8dca98e4fedb17.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

a71b255c156dbf61b42e17db5e46b8a5e9f54e68ae99ba19c419c242b6ca0272

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://poc.postfinance.bsi.cloud/bsicrm/bapcrm-theme-6ee2ae8dca98e4fedb17.min.css
Origin: https://poc.postfinance.bsi.cloud
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 10:50:38 GMT
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
ETag: W/"14880-2523259900"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2;charset=UTF-8
Cache-Control: private, max-age=14400, s-maxage=14400
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 logo.svg
poc.postfinance.bsi.cloud/bsicrm/ 2 KB
2 KB 25ms
25ms Image
image/svg+xml 16.63.11.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poc.postfinance.bsi.cloud/bsicrm/logo.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

16.63.11.78 Zurich, Switzerland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-63-11-78.eu-central-2.compute.amazonaws.com

Software

Resource Hash

9cd115db162347f0bc33ba3c95f67275c671d50728b039ce3f3107dbb6e6d2ee

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://poc.postfinance.bsi.cloud/bsicrm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 10:50:38 GMT
Content-Security-Policy: img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src *; connect-src 'self' https://teams.microsoft.com/ https://*.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
ETag: W/"2014-208848250"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: private, max-age=14400, s-maxage=14400
Connection: keep-alive
Content-Length: 1065
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunk_bapcrm_crm function| $ object| scout

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			poc.postfinance.bsi.cloud/bsicrm/	1969-12-31 23:59:59	Name: BSICRM_ID Value: d80953fbc65b3d74e5d8b5d25df6e5e6\|b42ed4c491de39fd4045dcdbfb488f65

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; child-src ; connect-src 'self' https://teams.microsoft.com/ https://.teams.microsoft.com/ wss://*.teams.microsoft.com https://teams.events.data.microsoft.com/ https://ecs.office.com/ https://api.flightproxy.skype.com/; default-src 'self'; font-src 'self' data: blob:; frame-ancestors 'self' https://teams.microsoft.com/; report-uri csp-report; script-src 'self' https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

poc.postfinance.bsi.cloud
16.63.11.78
29e3c35520022ac5ab14b61d8e38c3c5a44206c38553e59e69957d54f550dcbd
6977835bf2059d36f113cd1030138239851f5fc73e45d4969b2ddb4bd7806bab
9cd115db162347f0bc33ba3c95f67275c671d50728b039ce3f3107dbb6e6d2ee
a71b255c156dbf61b42e17db5e46b8a5e9f54e68ae99ba19c419c242b6ca0272
c48e0380855b0b3a91d9c14c434b2dc8d38c5adca55a8b4ebe2d1e3869407caa
ce389e95ff8b41a5ab17bc857b2b7ac0445978c7caa0be853f364078995f8ff1
ce64a7c8b4132a42e1cab03f81df875a09aea22f01c5bfb22a85a8878db11ba8
d4931cff8436ec57215ea23cb6d0ac21db7a5aa2c5d9d30c123f3ddbec483570
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

poc.postfinance.bsi.cloud Open in urlscan Pro 16.63.11.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

698 kBTransfer

4182 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

poc.postfinance.bsi.cloud Open in urlscan Pro
16.63.11.78 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

698 kB
Transfer

4182 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions