swiss-post
YesWeHackView on YesWeHack
11
In Scope
5
Out of Scope
In-Scope Assets (11)
| Asset | Category | Quick Links | |
|---|---|---|---|
| (*.post.ch:80|*.post.ch:443) AND 194.41.128.0/17 | OTHER | - | |
| https://account.post.ch | URL | ||
| https://apps.apple.com/ch/app/die-post/id378676700 | IOS | - | |
| https://billingonline.post.ch/OnlinePayment/Web/v1/BOI | URL | ||
| https://itunes.apple.com/ch/app/postcard-creator/id820354055?mt=8 | IOS | - | |
| https://play.google.com/store/apps/details?id=ch.post.it.pcc&hl=en | ANDROID | ||
| https://play.google.com/store/apps/details?id=com.nth.swisspost&hl=de_CH&gl=US | ANDROID | ||
| https://service.post.ch/ekp-web/ | URL | ||
| https://service.post.ch/ele-klp/ele/ | URL | ||
| https://service.post.ch/zopa/app/ | URL | ||
| https://shop.post.ch/shop | URL |
Out-of-Scope Assets (5)
| Asset | Category | |
|---|---|---|
| Any services related to Incamail (for example https://incamail-dev.post.ch (194.41.248.224) and https://incamail-test.post.ch (194.41.248.58)) | OTHER | |
| Anything that has not been described as in scope in the previous section is automatically out of scope. | OTHER | |
| Attacks on administrative and surrounding systems that are not used for the in-scope services are not permitted (this includes DNS, NTP, routers, systems of the ISP, etc.). | OTHER | |
| Please note that some of the applications may contain links or redirect you away from the URIs described in the scope section. This means you are leaving the scope if you follow these links / redirects. | OTHER | |
| The alternative login (https://login.swissid.ch) is out of scope. It also leads to the in-scope service, (https://account.post.ch) but we have designated it as out of scope. | OTHER |