urlscan.io logo urlscan.io
SecurityTrails logo

eid.prod.aldi-sued.com Open in urlscan Pro
185.157.100.151  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocuments/index.html#/overview
Effective URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Submission: On September 16 via manual from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 36 HTTP transactions. The main IP is 185.157.100.151, located in Essen, Germany and belongs to ALDI_IIT, DE. The main domain is eid.prod.aldi-sued.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 30th 2024. Valid for: a year.
This is the only time eid.prod.aldi-sued.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 40.119.153.88 8075 (MICROSOFT...)
1 130.214.144.214 35039 (SAP_CC)
28 185.157.100.151 204724 (ALDI_IIT)
36 3
Domain Requested by
28 eid.prod.aldi-sued.com eid.prod.aldi-sued.com
8 emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com 2 redirects emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com
1 ay1gdzomt.accounts.ondemand.com
1 emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com
36 4

This site contains links to these domains. Also see Links.

Domain
aldi.com
Subject Issuer Validity Valid
*.mobile.workzonehr.cfapps.eu20.hana.ondemand.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-07-08		 a year crt.sh
*.cf.eu20.hana.ondemand.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-07-08		 a year crt.sh
*.accounts.ondemand.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-17 -
2024-12-17		 a year crt.sh
eid.prod.aldi-sued.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-07-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Frame ID: E89CAB3D649E7785A2B5506261ED6ACA
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Inloggen met EmpowerID

Page URL History Show full URLs

  1. https://emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocument... Page URL
  2. https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/oauth/authorize?response_type=code&client_id=sb-launchpad-dt-approuter!t254&... HTTP 302
    https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login Page URL
  3. https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/discovery?returnIDParam=idp&entityID=https://emeacentral-iit-central-pr... HTTP 302
    https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/emeacentral-iit-central-prd.azure-live-eu20?disco=true&idp=... Page URL
  4. https://ay1gdzomt.accounts.ondemand.com/saml2/idp/sso/ay1gdzomt.accounts.ondemand.com Page URL
  5. https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

36
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

3
Countries

3672 kB
Transfer

3656 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocuments/index.html Page URL
  2. https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/oauth/authorize?response_type=code&client_id=sb-launchpad-dt-approuter!t254&redirect_uri=https%3A%2F%2Femeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com%2Flogin%2Fcallback%3FauthType%3Dxsuaa&state=231f0504-cc63-470f-8388-a61948e00951 HTTP 302
    https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login Page URL
  3. https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/discovery?returnIDParam=idp&entityID=https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com&idp=httpsay1gdzomt.accounts.ondemand.com&isPassive=true HTTP 302
    https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/emeacentral-iit-central-prd.azure-live-eu20?disco=true&idp=https%3A%2F%2Fay1gdzomt.accounts.ondemand.com Page URL
  4. https://ay1gdzomt.accounts.ondemand.com/saml2/idp/sso/ay1gdzomt.accounts.ondemand.com Page URL
  5. https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/oauth/authorize?response_type=code&client_id=sb-launchpad-dt-approuter!t254&redirect_uri=https%3A%2F%2Femeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com%2Flogin%2Fcallback%3FauthType%3Dxsuaa&state=231f0504-cc63-470f-8388-a61948e00951 HTTP 302
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
Request Chain 5
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/discovery?returnIDParam=idp&entityID=https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com&idp=httpsay1gdzomt.accounts.ondemand.com&isPassive=true HTTP 302
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/emeacentral-iit-central-prd.azure-live-eu20?disco=true&idp=https%3A%2F%2Fay1gdzomt.accounts.ondemand.com

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocuments/ 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocuments/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.119.153.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2e253325d7818ec6fa586bb4077d74314cb16fcc17c60a04a85bcd3b102ac53
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'self' 'unsafe-inline'; frame-ancestors *
content-type
text/html
date
Mon, 16 Sep 2024 08:05:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
5fa9a693-577d-410a-66f8-d5c4cf3c31db
x-vcap-request-id
5fa9a693-577d-410a-66f8-d5c4cf3c31db
login
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/
Redirect Chain
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/oauth/authorize?response_type=code&client_id=sb-launchpad-dt-approuter!t254&redirect_uri=https%3A%2F%2Femeacentral-iit-cent...
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
Requested by
Host: emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com
URL: https://emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocuments/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.119.153.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocuments/index.html#/overview
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
nl-NL
content-type
text/html;charset=UTF-8
critical-origin-trial
Tpcd
date
Mon, 16 Sep 2024 08:05:04 GMT
expires
0
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
DENY
x-vcap-request-id
64fe1536-5184-4228-57cf-58c805168a23
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
critical-origin-trial
Tpcd
date
Mon, 16 Sep 2024 08:05:04 GMT
expires
0
location
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
DENY
x-vcap-request-id
e8c909a8-f668-4e9f-7e09-bd92f92d0c39
x-xss-protection
1; mode=block
application.css
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/resources/oss/stylesheets/ 		229 KB
229 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/resources/oss/stylesheets/application.css
Requested by
Host: emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com
URL: https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.119.153.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
critical-origin-trial
Tpcd
last-modified
Sun, 15 Sep 2024 10:23:17 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
x-vcap-request-id
9dfbf9a5-49f0-4aa5-4e8c-368e85b146be
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
content-length
234294
sap.css
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/resources/oss/stylesheets/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/resources/oss/stylesheets/sap.css
Requested by
Host: emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com
URL: https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.119.153.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
critical-origin-trial
Tpcd
last-modified
Tue, 06 Aug 2024 16:01:48 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
x-vcap-request-id
dd9aa505-0fd5-48fb-6d29-a09a84537776
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
content-length
9053
sap.png
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/resources/oss/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/resources/oss/images/sap.png
Requested by
Host: emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com
URL: https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.119.153.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
critical-origin-trial
Tpcd
last-modified
Tue, 06 Aug 2024 16:01:48 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/png
x-vcap-request-id
e88565c0-3c90-4054-4b73-f3439151d5db
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
content-length
1199
emeacentral-iit-central-prd.azure-live-eu20
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/
Redirect Chain
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/discovery?returnIDParam=idp&entityID=https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com&idp=htt...
  • https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/emeacentral-iit-central-prd.azure-live-eu20?disco=true&idp=https%3A%2F%2Fay1gdzomt.accounts.ondemand.com
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/emeacentral-iit-central-prd.azure-live-eu20?disco=true&idp=https%3A%2F%2Fay1gdzomt.accounts.ondemand.com
Requested by
Host: emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com
URL: https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.119.153.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-type
text/html;charset=UTF-8
critical-origin-trial
Tpcd
date
Mon, 16 Sep 2024 08:05:05 GMT
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-vcap-request-id
ab05d73d-daa4-419b-7d0c-4061dca474fe

Redirect headers

content-length
0
critical-origin-trial
Tpcd
date
Mon, 16 Sep 2024 08:05:04 GMT
location
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/emeacentral-iit-central-prd.azure-live-eu20?disco=true&idp=https%3A%2F%2Fay1gdzomt.accounts.ondemand.com
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-vcap-request-id
b2b238c5-936e-4acb-524f-5c4b31b46898
ay1gdzomt.accounts.ondemand.com
ay1gdzomt.accounts.ondemand.com/saml2/idp/sso/ 		7 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ay1gdzomt.accounts.ondemand.com/saml2/idp/sso/ay1gdzomt.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.214.144.214 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
SAP /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src consent.trustarc.com ay1gdzomt.accounts.ondemand.com/universalui/assets/ 'nonce-uco5CEV6BnsCRKrv1hM4H8IHVm1b3UZi8S5vTIc5W2A='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com
Referer
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
private,no-cache,no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
nl-NL
Content-Security-Policy
base-uri 'self'; script-src consent.trustarc.com ay1gdzomt.accounts.ondemand.com/universalui/assets/ 'nonce-uco5CEV6BnsCRKrv1hM4H8IHVm1b3UZi8S5vTIc5W2A='
Content-Type
text/html;charset=utf-8
Critical-Origin-Trial
Tpcd
Date
Mon, 16 Sep 2024 08:05:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
Origin-Trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Referrer-Policy
origin
Server
SAP
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-IDS-ID
432A3F3E-AE3A-4E0B-A34C-8392B6A3E5A7
X-IDS-Landscape
eu-de-2
X-IDS-Node
idp16
X-IDS-Pool
blue
X-IDS-Project
prod
X-Robots-Tag
none
vary
accept-encoding,X-CSP-STRIP
x-xss-protection
1; mode=block
favicon.ico
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.119.153.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/saml/login/alias/emeacentral-iit-central-prd.azure-live-eu20?disco=true&idp=https%3A%2F%2Fay1gdzomt.accounts.ondemand.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-language
nl-NL
x-vcap-request-id
a0ff5a81-a662-4ee3-473a-c2ff70951ad3
date
Mon, 16 Sep 2024 08:05:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
critical-origin-trial
Tpcd
origin-trial
Avu6rn7emV5gK8gvyGHlX8TMqM9uo1FacP2j/RWTq+8j+yKnqcTO0TQh0bXJ/7QntxD4/JzXv8aXoqxxZQuqXgYAAABdeyJvcmlnaW4iOiJodHRwczovL29uZGVtYW5kLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
content-type
text/html;charset=UTF-8
Primary Request SAP_Cloud_Identity_PRD
eid.prod.aldi-sued.com/WebIdPForms/Login/ 		162 KB
164 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
ad469277a6c3ff55f8ff2a8d4b2438be0105cbfa6a737b8ef423e9fb37d4722f
Security Headers
Name Value
Content-Security-Policy default-src https://dc.services.visualstudio.com/v2/track https://scimempoweridapp.azurewebsites.net 'self'; font-src data: https://fonts.googleapis.com https://fonts.gstatic.com https://maps.google.com 'self' 'unsafe-inline'; frame-ancestors https://*.aldiportal.com https://*.aldisuppliers.com https://*.hoferportal.com https://*.hofersuppliers.com https://*.launchpad.cfapps.ap20.hana.ondemand.com https://*.launchpad.cfapps.eu20.hana.ondemand.com https://*.launchpad.cfapps.us21.hana.ondemand.com https://asp.prod.aldi-sued.com https://myidentity.prod.aldi-sued.com https://mytasks.prod.aldi-sued.com 'self'; frame-src https://maps.google.com https://www.google.com 'self'; img-src data: https://api.qrserver.com/ https://linkmaker.itunes.apple.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://play.google.com 'self'; script-src https://*.msecnd.net/scripts/ https://*.vo.msecnd.net/scripts/ https://maps.google.com https://maps.googleapis.com https://scimempoweridapp.azurewebsites.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'unsafe-eval' 'unsafe-inline'; style-src https://fonts.googleapis.com https://maps.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ay1gdzomt.accounts.ondemand.com
Referer
https://ay1gdzomt.accounts.ondemand.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-EmpowerID-Api-Key,client_id,scope
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate,no-cache, no-store, must-revalidate
content-security-policy
default-src https://dc.services.visualstudio.com/v2/track https://scimempoweridapp.azurewebsites.net 'self'; font-src data: https://fonts.googleapis.com https://fonts.gstatic.com https://maps.google.com 'self' 'unsafe-inline'; frame-ancestors https://*.aldiportal.com https://*.aldisuppliers.com https://*.hoferportal.com https://*.hofersuppliers.com https://*.launchpad.cfapps.ap20.hana.ondemand.com https://*.launchpad.cfapps.eu20.hana.ondemand.com https://*.launchpad.cfapps.us21.hana.ondemand.com https://asp.prod.aldi-sued.com https://myidentity.prod.aldi-sued.com https://mytasks.prod.aldi-sued.com 'self'; frame-src https://maps.google.com https://www.google.com 'self'; img-src data: https://api.qrserver.com/ https://linkmaker.itunes.apple.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://play.google.com 'self'; script-src https://*.msecnd.net/scripts/ https://*.vo.msecnd.net/scripts/ https://maps.google.com https://maps.googleapis.com https://scimempoweridapp.azurewebsites.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'unsafe-eval' 'unsafe-inline'; style-src https://fonts.googleapis.com https://maps.google.com 'self' 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 08:05:06 GMT
eid-lang
nl-NL
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000
uniqueid
d8f18205-0ed0-499e-a6b1-d569ee3d1935
vary
Origin,Accept-Encoding,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block
eid.min.css
eid.prod.aldi-sued.com/webcdn/themes/empowerid/ 		888 KB
889 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/eid.min.css
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
64b6fe872fe48d52c2eb08b80008192efef8444ff394b546237adb17b2d9e393
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Origin
https://eid.prod.aldi-sued.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 27 Aug 2024 14:17:12 GMT
server
etag
"06420cf8bf8da1:0"
vary
Origin,Accept-Encoding
x-frame-options
deny
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
chrome.css
eid.prod.aldi-sued.com/webcdn/themes/empowerid/browsers/ 		159 B
512 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/browsers/chrome.css
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
7cc7e491b0e7d75be886963b8e1967672f9f8e9994178b90cc762c5cbfa7b0ea
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Origin
https://eid.prod.aldi-sued.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Origin,Accept-Encoding,Accept-Encoding
x-frame-options
deny
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
overrides.css
eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/overrides.css
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
02958ee69f16ba5da34105eed6017c84baf71dc76ee6a2c27037640e693d0f1b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Origin
https://eid.prod.aldi-sued.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 04 Jun 2024 21:06:08 GMT
server
etag
"0e055c3b6da1:0"
vary
Origin,Accept-Encoding
x-frame-options
deny
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
3rdparty.min.js
eid.prod.aldi-sued.com/webcdn/scripts/ 		907 KB
908 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/scripts/3rdparty.min.js
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
e462bc5087acaffa931683c7929c3641418028c01e2e0c9573c7c01ebaa20bcb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Origin
https://eid.prod.aldi-sued.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:12 GMT
server
etag
"0948147521cd81:0"
vary
Origin,Accept-Encoding
x-frame-options
deny
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
idp.min.js
eid.prod.aldi-sued.com/webcdn/scripts/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/scripts/idp.min.js
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
01d8fa246a8be0473f2bd876952fe929d13951f787b7cf643dd2edc9f471a81a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Origin
https://eid.prod.aldi-sued.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Origin,Accept-Encoding
x-frame-options
deny
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
jquery.ui.datepicker-nl.js
eid.prod.aldi-sued.com/webcdn/scripts/thirdpartyresources/localization/datepicker/ 		922 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/scripts/thirdpartyresources/localization/datepicker/jquery.ui.datepicker-nl.js
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
f5879fd10c096a7f0ec223f0f8f94e22b22d4f91787092121816fe436517c4da
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:14 GMT
server
etag
"0c1b248521cd81:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
jquery-ui-timepicker-nl.js
eid.prod.aldi-sued.com/webcdn/scripts/thirdpartyresources/localization/timepicker/ 		544 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/scripts/thirdpartyresources/localization/timepicker/jquery-ui-timepicker-nl.js
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
0331d4e0be15e7c261ed5e3423967a567f0251915c568c1604ee6e6355dde574
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:14 GMT
server
etag
"0c1b248521cd81:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
eid.min.js
eid.prod.aldi-sued.com/webcdn/scripts/ 		732 KB
733 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/scripts/eid.min.js
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
f1f2482be2cbfd43210d197c24082b9fceb8768c18e884b5268b050c5f0a9347
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Origin
https://eid.prod.aldi-sued.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 27 Aug 2024 14:17:12 GMT
server
etag
"06420cf8bf8da1:0"
vary
Origin,Accept-Encoding
x-frame-options
deny
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
lang-icon.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/lang-icon.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
4b78c7b1815e0c1d39a3c02c86451cb52d3a48dab4f147492d9936a672bc3c28
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:20 GMT
server
etag
"048464c521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
content-length
1224
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
combined-shape.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		519 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/combined-shape.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
b02c727182046db654fd7bb53ebc54f30bc0afaa1f3af3de8236f75a2560c69b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
content-length
519
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
combined-shape-password.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		819 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/combined-shape-password.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
b4ab27b536974e3add9921c4b15e4902fe22377ad9c2f08083fe9ebcd4193621
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
content-length
819
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
windowslogo.png
eid.prod.aldi-sued.com/webcdn/images/logos/ 		782 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/webcdn/images/logos/windowslogo.png
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
54567fc4344d25258cdd7cc69e7549ab1e0cb6f097ba34663fab2d9596459fd6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:12 GMT
server
etag
"0948147521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/png
accept-ranges
bytes
content-length
782
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
msazurelogo.png
eid.prod.aldi-sued.com/webcdn/images/logos/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/webcdn/images/logos/msazurelogo.png
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
2cf4d6de11f7f8b9527335dc2b5be3ddb282b15e1a8b605e722cdd543aaa21a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:12 GMT
server
etag
"0948147521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/png
accept-ranges
bytes
content-length
10506
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
arrow-back.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		405 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/arrow-back.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
7ccbb87928997611dfb6a507a03c0a7e4fc5a31fd2ac4c0979cf9949b1eb414b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:06 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
content-length
405
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
Rubik-Regular.ttf
eid.prod.aldi-sued.com/webcdn/themes/empowerid/fonts/Rubik/ 		121 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/fonts/Rubik/Rubik-Regular.ttf
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/eid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
3fe0574900e2c4eb4b587e8a37ce88d1918326debb4c70e73a48aac40dacb1b2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/eid.min.css
Origin
https://eid.prod.aldi-sued.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 27 Aug 2024 14:17:12 GMT
server
etag
"06420cf8bf8da1:0"
vary
Origin,Accept-Encoding
x-frame-options
deny
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
124236
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
GetPreferredCountries
eid.prod.aldi-sued.com/api/services/v1/Settings/ 		104 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/api/services/v1/Settings/GetPreferredCountries
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/webcdn/scripts/3rdparty.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
0208adc0cdb7a54e01b995de002190a378c667abbdfd4065e9e5eee4fcf66ab8
Security Headers
Name Value
Content-Security-Policy default-src https://dc.services.visualstudio.com/v2/track https://scimempoweridapp.azurewebsites.net 'self'; font-src data: https://fonts.googleapis.com https://fonts.gstatic.com https://maps.google.com 'self' 'unsafe-inline'; frame-ancestors https://*.aldiportal.com https://*.aldisuppliers.com https://*.hoferportal.com https://*.hofersuppliers.com https://*.launchpad.cfapps.ap20.hana.ondemand.com https://*.launchpad.cfapps.eu20.hana.ondemand.com https://*.launchpad.cfapps.us21.hana.ondemand.com https://asp.prod.aldi-sued.com https://myidentity.prod.aldi-sued.com https://mytasks.prod.aldi-sued.com 'self'; frame-src https://maps.google.com https://www.google.com 'self'; img-src data: https://api.qrserver.com/ https://linkmaker.itunes.apple.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://play.google.com 'self'; script-src https://*.msecnd.net/scripts/ https://*.vo.msecnd.net/scripts/ https://maps.google.com https://maps.googleapis.com https://scimempoweridapp.azurewebsites.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'unsafe-eval' 'unsafe-inline'; style-src https://fonts.googleapis.com https://maps.google.com 'self' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

X-EmpowerID-API-Key
12345
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
mediaType
application/json
Content-Type
application/json
Accept
*/*
cache-control
no-cache
Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache,no-cache
date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src https://dc.services.visualstudio.com/v2/track https://scimempoweridapp.azurewebsites.net 'self'; font-src data: https://fonts.googleapis.com https://fonts.gstatic.com https://maps.google.com 'self' 'unsafe-inline'; frame-ancestors https://*.aldiportal.com https://*.aldisuppliers.com https://*.hoferportal.com https://*.hofersuppliers.com https://*.launchpad.cfapps.ap20.hana.ondemand.com https://*.launchpad.cfapps.eu20.hana.ondemand.com https://*.launchpad.cfapps.us21.hana.ondemand.com https://asp.prod.aldi-sued.com https://myidentity.prod.aldi-sued.com https://mytasks.prod.aldi-sued.com 'self'; frame-src https://maps.google.com https://www.google.com 'self'; img-src data: https://api.qrserver.com/ https://linkmaker.itunes.apple.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://play.google.com 'self'; script-src https://*.msecnd.net/scripts/ https://*.vo.msecnd.net/scripts/ https://maps.google.com https://maps.googleapis.com https://scimempoweridapp.azurewebsites.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'unsafe-eval' 'unsafe-inline'; style-src https://fonts.googleapis.com https://maps.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
vary
Origin,Accept-Encoding
x-frame-options
sameorigin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache,no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type,Authorization,X-EmpowerID-Api-Key,client_id,scope
content-length
104
x-xss-protection
1; mode=block
expires
-1,0
GetAllLocales
eid.prod.aldi-sued.com/api/services/v1/Login/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/api/services/v1/Login/GetAllLocales
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/webcdn/scripts/3rdparty.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
367dabf3221267328b2c91d0f722cd6b828ea4b9dce581ae4bcc96344975329c
Security Headers
Name Value
Content-Security-Policy default-src https://dc.services.visualstudio.com/v2/track https://scimempoweridapp.azurewebsites.net 'self'; font-src data: https://fonts.googleapis.com https://fonts.gstatic.com https://maps.google.com 'self' 'unsafe-inline'; frame-ancestors https://*.aldiportal.com https://*.aldisuppliers.com https://*.hoferportal.com https://*.hofersuppliers.com https://*.launchpad.cfapps.ap20.hana.ondemand.com https://*.launchpad.cfapps.eu20.hana.ondemand.com https://*.launchpad.cfapps.us21.hana.ondemand.com https://asp.prod.aldi-sued.com https://myidentity.prod.aldi-sued.com https://mytasks.prod.aldi-sued.com 'self'; frame-src https://maps.google.com https://www.google.com 'self'; img-src data: https://api.qrserver.com/ https://linkmaker.itunes.apple.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://play.google.com 'self'; script-src https://*.msecnd.net/scripts/ https://*.vo.msecnd.net/scripts/ https://maps.google.com https://maps.googleapis.com https://scimempoweridapp.azurewebsites.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'unsafe-eval' 'unsafe-inline'; style-src https://fonts.googleapis.com https://maps.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
cache-control
no-cache
Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
X-Requested-With
XMLHttpRequest
X-EmpowerID-API-Key
12345
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache,no-cache
date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src https://dc.services.visualstudio.com/v2/track https://scimempoweridapp.azurewebsites.net 'self'; font-src data: https://fonts.googleapis.com https://fonts.gstatic.com https://maps.google.com 'self' 'unsafe-inline'; frame-ancestors https://*.aldiportal.com https://*.aldisuppliers.com https://*.hoferportal.com https://*.hofersuppliers.com https://*.launchpad.cfapps.ap20.hana.ondemand.com https://*.launchpad.cfapps.eu20.hana.ondemand.com https://*.launchpad.cfapps.us21.hana.ondemand.com https://asp.prod.aldi-sued.com https://myidentity.prod.aldi-sued.com https://mytasks.prod.aldi-sued.com 'self'; frame-src https://maps.google.com https://www.google.com 'self'; img-src data: https://api.qrserver.com/ https://linkmaker.itunes.apple.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://play.google.com 'self'; script-src https://*.msecnd.net/scripts/ https://*.vo.msecnd.net/scripts/ https://maps.google.com https://maps.googleapis.com https://scimempoweridapp.azurewebsites.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'unsafe-eval' 'unsafe-inline'; style-src https://fonts.googleapis.com https://maps.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
vary
Origin,Accept-Encoding
x-frame-options
sameorigin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache,no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type,Authorization,X-EmpowerID-Api-Key,client_id,scope
x-xss-protection
1; mode=block
expires
-1,0
login-bg.jpg
eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/images/ 		466 KB
467 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/images/login-bg.jpg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/overrides.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
ffa29be271acdcb30d78afa224dbdb31710d93d38250463089bb18e6742535a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/overrides.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Apr 2022 09:23:39 GMT
server
etag
"2ae5cefe4e4ed81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/jpeg
accept-ranges
bytes
content-length
477688
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
aldi_neutral.svg
eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/images/aldi_neutral.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/overrides.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
ecb20552dc5c6257a6588034ef0bc63075ff2b45f4bbc2e65ff8bded9ac5ac43
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/webcdn/overrides/themes/empowerid/overrides.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Feb 2022 21:46:38 GMT
server
etag
"0b350ab3528d81:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
check-box.png
eid.prod.aldi-sued.com/webcdn/themes/empowerid/images/ 		169 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/images/check-box.png
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/eid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
a0909f618f140a544eaf162d9b66c8e5d22022161bb28c1adc1b05f235ae3842
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/webcdn/themes/empowerid/eid.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/png
accept-ranges
bytes
content-length
169
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
en.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/en.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
565a15e8e6a6454eca2e5adfc97dc01db9c908d4187c36d7371dd0cf2954ff6d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
remember-me.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		248 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/remember-me.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
7249c81891403c83293e9f7fc35a5ab2cb43bc62e06e03f49e6d4bac20c6a722
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:20 GMT
server
etag
"048464c521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
content-length
248
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
de-DE.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/de-DE.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
0ac15b71d8b14f8b5d20f745e513e3eb36bbe9abd3c8145581f706b7eb592de5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
content-length
1536
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
it-IT.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/it-IT.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
ec3d01a94baed6cd15c967aec976c3acee126133e1a425758a76c23945bc57b5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
hu-HU.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/hu-HU.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
d3997d9f2bbdfa8d5b8c9502d53579a50e15c8c998118ad134289e37a992373e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:18 GMT
server
etag
"01b154b521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
content-length
1086
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
sl-SI.svg
eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eid.prod.aldi-sued.com/WebCDN/themes/empowerid/images/sl-SI.svg
Requested by
Host: eid.prod.aldi-sued.com
URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
7370c9e4894ae097353deab514b887e75ed32fb9d5ebf72fd6c7ab0c736e726d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:20 GMT
server
etag
"048464c521cd81:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT
favicon.ico
eid.prod.aldi-sued.com/webcdn/images/icons/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://eid.prod.aldi-sued.com/webcdn/images/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.157.100.151 Essen, Germany, ASN204724 (ALDI_IIT, DE),
Reverse DNS
Software
/
Resource Hash
60d427c86aa5d422efaf0aba718cc9b029a2e0afd264abcba0475534c2ad7e0d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 08:05:07 GMT
content-security-policy
default-src 'self'; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src https://www.google.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Feb 2022 18:41:12 GMT
server
etag
"0948147521cd81:0"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/x-icon
accept-ranges
bytes
content-length
15406
x-xss-protection
1; mode=block
expires
Mon, 31 Dec 2040 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Queue object| ua function| domReady object| cssHelper function| XMLWriter function| saveAs object| Base64 function| $ function| jQuery object| jQuery19109927802404269039 object| ko object| XSS object| html5 object| Modernizr function| Globalize object| screenfull function| Quill object| Papa object| u2f function| Plugin object| allCountries object| c string| pluginName number| id object| defaults object| keys object| regionlessNanpNumbers object| bowser object| eidResx object| eid function| Arcfour function| ARC4init function| ARC4next function| prng_newstate function| rng_seed_int function| rng_seed_time function| rng_get_byte function| rng_get_bytes function| SecureRandom function| get_random object| realFields object| realFieldsMapper object| realPasswordMapper object| tmpPasswordMapper object| passwordLenMapper object| _helper object| rng_pool number| rng_pptr number| rng_psize number| t object| crypt_obj number| num object| buf

13 Cookies

Domain/Path Name / Value
emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/ Name: fragmentAfterLogin
Value: %23%2Foverview
emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/ Name: locationAfterLogin
Value: %2F822ce644-a81a-4cfe-b6fa-6370b5774464.ds-mcservice.comsapaldisupplierDocuments%2Findex.html
emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com/ Name: signature
Value: OJ1h5mN7SfLEC7rCn0%2F%2B3Hfk1qs%3D
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/ Name: JSESSIONID
Value: 5FD55E52583B4737A87F2327EB0444BE
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/ Name: __VCAP_ID__
Value: 72983d19-264e-4953-549b-d7fe
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/ Name: X-Uaa-Csrf
Value: B6M0CdTIRyKkDdJJvNfRcF
ay1gdzomt.accounts.ondemand.com/ Name: __HOST-arc9c17a3
Value: AAAADEum0%2BX%2FdiD0huw0vlLiCGqXUqsSljmgEJKpBHsfOLJB1o7KvEx%2BuuohO6EIZjRepu6MC12DhbHdQkpkVhrf8GMtyY%2FlRznC1Aw2%2FjPI9BS8eYn%2FpAfGeRYN6rL8BXNTlt%2BiZdk7VVG72xuDvwVVo0x7Enogrk3EIEgNe1FmKgPDc3%2FDGjyKXXMkaxAf6AKSt3J1I%2BHc5YM5OXzsTAr5ZR2EartSoV%2B1uW%2F1NzqRbdEhSzxRPam9csVOpJGmYR1OzH8e2d2nnNOEEDHjLtGBe%2FHBnzHpMCg2Wiii%2B8kLRPQeEJL9DAP11OTwFzX09aZlhrSo7gMOd3IhN8hqKUkJEPkQ4108GjD9c9Ep%2B8zHr%2F5WtZKImcbgbbRD2yWnTl1rOT8V7xQc%2BGZb7CPIXuixjPyxV%2FkwJf5In4s%2B%2BTzkAsACvJix6mgdG94PdLv1VJl1py550NA5M0ZnGSVEUQRpWpg3fIvrzobdjgRzPrCI9hopm%2BWVyaiqaxEUtxk0EUd0w4K35J2RcFwgdzdfNfMj%2B4Eb7hzOQxg4oY0Qe%2BIqXqmH3cbH9ZzxK0lLwiR7XLsfen8zjPzt%2Bo1WaGzbFfm9CfHYpyv1uTQ851pbTY2667%2FVrONOewE6RkCLV3zcmyzC%2BddB4Ris%2B8FTzT1NfrvYVQnIQZ2pujfQusglRuFLKfiQyVjg9Wdzb0I8WVQuKC7e%2BmOK8m5OmU3RuN0oBO%2FDBhYX%2B6AOTJ0J3Ov0ahx9o71z90ePnVpu%2FC%2BYkoFcMRUf8pz4JIlgEK2spJU%3D
ay1gdzomt.accounts.ondemand.com/ Name: __HOST-XSRF_COOKIE
Value: 9pJqEzot6MQTUBriEY8j8CMnPDumqaxJr_dBM6293046MTcyNjQ3MzkwNTk4MA
ay1gdzomt.accounts.ondemand.com/ Name: JSESSIONID
Value: 0E16DD5142F67D7A351DA115A93294C4
eid.prod.aldi-sued.com/ Name: __RequestVerificationToken_L1dlYklkUEZvcm1z0
Value: 92viFF_7lBsLw6lTtaK70p5m_zeSiIwGXkTTSMHSIe4zQzaMNiafEwTJ0qLTiQoQEQoH9AQX48Tltwb-OlYuyqIY2Vc1
eid.prod.aldi-sued.com/ Name: .EidCurrentPerson
Value: JlbZMNWP0BIFI+B0dLqhr4jvBA36etVZplZwItr/IXPfcckwD9D7028UnPbp0DIs
eid.prod.aldi-sued.com/ Name: LocaleAnonymous
Value: 17
eid.prod.aldi-sued.com/ Name: Locale
Value: 17

3 Console Messages

Source Level URL
Text
network error URL: https://emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://eid.prod.aldi-sued.com/webcdn/scripts/3rdparty.min.js(Line 2)
Message:
Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
recommendation verbose URL: https://eid.prod.aldi-sued.com/WebIdPForms/Login/SAP_Cloud_Identity_PRD
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ay1gdzomt.accounts.ondemand.com
eid.prod.aldi-sued.com
emeacentral-iit-central-prd.authentication.eu20.hana.ondemand.com
emeacentral-iit-central-prd.launchpad.cfapps.eu20.hana.ondemand.com
130.214.144.214
185.157.100.151
40.119.153.88
01d8fa246a8be0473f2bd876952fe929d13951f787b7cf643dd2edc9f471a81a
0208adc0cdb7a54e01b995de002190a378c667abbdfd4065e9e5eee4fcf66ab8
02958ee69f16ba5da34105eed6017c84baf71dc76ee6a2c27037640e693d0f1b
0331d4e0be15e7c261ed5e3423967a567f0251915c568c1604ee6e6355dde574
0ac15b71d8b14f8b5d20f745e513e3eb36bbe9abd3c8145581f706b7eb592de5
2cf4d6de11f7f8b9527335dc2b5be3ddb282b15e1a8b605e722cdd543aaa21a9
367dabf3221267328b2c91d0f722cd6b828ea4b9dce581ae4bcc96344975329c
3fe0574900e2c4eb4b587e8a37ce88d1918326debb4c70e73a48aac40dacb1b2
4b78c7b1815e0c1d39a3c02c86451cb52d3a48dab4f147492d9936a672bc3c28
54567fc4344d25258cdd7cc69e7549ab1e0cb6f097ba34663fab2d9596459fd6
565a15e8e6a6454eca2e5adfc97dc01db9c908d4187c36d7371dd0cf2954ff6d
60d427c86aa5d422efaf0aba718cc9b029a2e0afd264abcba0475534c2ad7e0d
64b6fe872fe48d52c2eb08b80008192efef8444ff394b546237adb17b2d9e393
7249c81891403c83293e9f7fc35a5ab2cb43bc62e06e03f49e6d4bac20c6a722
7370c9e4894ae097353deab514b887e75ed32fb9d5ebf72fd6c7ab0c736e726d
7cc7e491b0e7d75be886963b8e1967672f9f8e9994178b90cc762c5cbfa7b0ea
7ccbb87928997611dfb6a507a03c0a7e4fc5a31fd2ac4c0979cf9949b1eb414b
a0909f618f140a544eaf162d9b66c8e5d22022161bb28c1adc1b05f235ae3842
ad469277a6c3ff55f8ff2a8d4b2438be0105cbfa6a737b8ef423e9fb37d4722f
b02c727182046db654fd7bb53ebc54f30bc0afaa1f3af3de8236f75a2560c69b
b2e253325d7818ec6fa586bb4077d74314cb16fcc17c60a04a85bcd3b102ac53
b4ab27b536974e3add9921c4b15e4902fe22377ad9c2f08083fe9ebcd4193621
d3997d9f2bbdfa8d5b8c9502d53579a50e15c8c998118ad134289e37a992373e
e462bc5087acaffa931683c7929c3641418028c01e2e0c9573c7c01ebaa20bcb
ec3d01a94baed6cd15c967aec976c3acee126133e1a425758a76c23945bc57b5
ecb20552dc5c6257a6588034ef0bc63075ff2b45f4bbc2e65ff8bded9ac5ac43
f1f2482be2cbfd43210d197c24082b9fceb8768c18e884b5268b050c5f0a9347
f5879fd10c096a7f0ec223f0f8f94e22b22d4f91787092121816fe436517c4da
ffa29be271acdcb30d78afa224dbdb31710d93d38250463089bb18e6742535a0