urlscan.io logo urlscan.io
SecurityTrails logo

mein.aral.de Open in urlscan Pro
195.82.66.141  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mein.aral.de/
Effective URL: https://mein.aral.de/
Submission: On April 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 195.82.66.141, located in Germany and belongs to PIRONETNDH-AS CANCOM Managed Services GmbH, DE. The main domain is mein.aral.de.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 15th 2023. Valid for: a year.
This is the only time mein.aral.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 195.82.66.141 8469 (PIRONETND...)
17 195.82.66.145 8469 (PIRONETND...)
5 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.138 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 5
1    195.82.66.141 (Germany)

ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE)
PTR: www.aral-supercard.de
mein.aral.de
17    195.82.66.145 (Germany)

ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE)
PTR: ap145.antwerpes.de
dccdn.de
5    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net
maps.googleapis.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
Apex Domain
Subdomains		 Transfer
17 dccdn.de
dccdn.de — Cisco Umbrella Rank: 267432
698 KB
6 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362
229 KB
2 gstatic.com
maps.gstatic.com
5 KB
1 aral.de
mein.aral.de
23 KB
26 4
Domain Requested by
17 dccdn.de mein.aral.de
dccdn.de
6 maps.googleapis.com mein.aral.de
maps.googleapis.com
2 maps.gstatic.com mein.aral.de
1 mein.aral.de
26 4
Subject Issuer Validity Valid
mein.aral.de
Entrust Certification Authority - L1K		 2023-08-15 -
2024-08-22		 a year crt.sh
dccdn.de
Sectigo RSA Domain Validation Secure Server CA		 2023-11-23 -
2024-11-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mein.aral.de/
Frame ID: E11C1077F518CAF3E9D8AE7214BE37BC
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mein Aral - Übersicht der Leistungen

Page URL History Show full URLs

  1. http://mein.aral.de/ HTTP 307
    https://mein.aral.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <[^>]+class=\"[^\"]+\ssvelte-[\w]*\"

Page Statistics

26
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

956 kB
Transfer

1833 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mein.aral.de/ HTTP 307
    https://mein.aral.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mein.aral.de/
Redirect Chain
  • http://mein.aral.de/
  • https://mein.aral.de/
127 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mein.aral.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.82.66.141 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
www.aral-supercard.de
Software
doccheckWebserver /
Resource Hash
e8108886b5f794881cc63926f290db5b7b10ea1a4dd14a3df47a77e86327d4ba
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; connect-src 'self' data: dccdn.de *.google-analytics.com *.doubleclick.net maps.googleapis.com *.google.com *.google.de *.google.co.uk *.aral.de payback.de navitas.demdex.net px.ads.linkedin.com www.facebook.com *.demdex.net *.loggly.com; default-src 'unsafe-inline' 'self' data: https:; form-action 'self' facebook.com www.facebook.com; frame-src 'self' www.google.com www.googletagmanager.com recaptcha.net *.aral.de *.payback.de *.demdex.net www.facebook.com *.doubleclick.net xr-stage.antwerpes.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com www.gstatic.com tagmanager.google.com www.google.com *.doubleclick.net *.googleapis.com dccdn.de *.adform.net recaptcha.net *.aral.de *.payback.de cloudfront.loggly.com connect.facebook.net snap.licdn.com; report-uri https://mein.aral.de/csp/report
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, x-requested-with, content-type
access-control-allow-methods
GET, POST, DELETE, OPTIONS
cache-control
private, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self'; connect-src 'self' data: dccdn.de *.google-analytics.com *.doubleclick.net maps.googleapis.com *.google.com *.google.de *.google.co.uk *.aral.de payback.de navitas.demdex.net px.ads.linkedin.com www.facebook.com *.demdex.net *.loggly.com; default-src 'unsafe-inline' 'self' data: https:; form-action 'self' facebook.com www.facebook.com; frame-src 'self' www.google.com www.googletagmanager.com recaptcha.net *.aral.de *.payback.de *.demdex.net www.facebook.com *.doubleclick.net xr-stage.antwerpes.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com www.gstatic.com tagmanager.google.com www.google.com *.doubleclick.net *.googleapis.com dccdn.de *.adform.net recaptcha.net *.aral.de *.payback.de cloudfront.loggly.com connect.facebook.net snap.licdn.com; report-uri https://mein.aral.de/csp/report
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 21 Apr 2024 09:44:04 GMT
expires
-1
permissions-policy
microphone=(), payment=(), sync-xhr=(self)
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
doccheckWebserver
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

Location
https://mein.aral.de/
Non-Authoritative-Reason
HttpsUpgrades
frontend.8a3fbf5779bb1c35df146f8198181a8d.css
dccdn.de/mein.aral.de/css/ 		129 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
d443c0ac1a2d5854eacdf154cd2fc9048b24886b740453ce2db647e87869ccdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Mar 2024 16:04:04 GMT
etag
"2058a-614baac182500-gzip"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css
access-control-allow-methods
GET, POST, DELETE, OPTIONS
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
21064
aral-100-jahre.webp
dccdn.de/mein.aral.de/vendor/octane/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/vendor/octane/images/aral-100-jahre.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
7961aa3bc15f81c942e9944ab14ba48a630619491f5b37194b9c50c2959f8d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Jan 2024 15:59:19 GMT
etag
"5d26-60df894c123c0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
23846
header_480.836d5f78c2d506714d29d61dd5a9f862.webp
dccdn.de/mein.aral.de/images/teasers/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/header_480.836d5f78c2d506714d29d61dd5a9f862.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
c68017c39d4a420220eec4439200cfb415d3b922e077a460da7a8e8d5738ff2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 06:45:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Nov 2023 10:07:07 GMT
etag
"1cb0-609b55dc228c0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
7344
js
maps.googleapis.com/maps/api/ 		229 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDcWIunfvfVrEumjUc8QIpuqfSi-jnjrFY&region=de&libraries=places&language=de&channel=aral-mein-station-finder
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
4e2436c78dffd2083edfd5a19149f6a2ed8ab2cd8b0fe13a1ab3a46b98708ba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 09:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76820
x-xss-protection
0
manifest.b8e8dff43f1a0bcf46ffd262a49cc6ea.js
dccdn.de/mein.aral.de/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/js/manifest.b8e8dff43f1a0bcf46ffd262a49cc6ea.js
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
cf20becb7f37e13413683e629e33864672da1aa4d9bd83c332647b573dbbda68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Jan 2024 14:49:43 GMT
etag
"7ad-60e846cbc0fc0-gzip"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, POST, DELETE, OPTIONS
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
1018
frontend.b912cdf6d2e1eb6d79b169c7884509b3.js
dccdn.de/mein.aral.de/js/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/js/frontend.b912cdf6d2e1eb6d79b169c7884509b3.js
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
e4c615aedd21ca78d9690d5a91abd5c26ffdd483cb33a57df23a297b89d5515a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Dec 2023 16:51:48 GMT
etag
"2061d-60bb1ef0d3100-gzip"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, POST, DELETE, OPTIONS
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
41954
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDcWIunfvfVrEumjUc8QIpuqfSi-jnjrFY&region=de&libraries=places&language=de&channel=aral-mein-station-finder
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 09:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mein.aral.de
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
header.jpg
dccdn.de/mein.aral.de/images/teasers/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/header.jpg
Requested by
Host: dccdn.de
URL: https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
8f8ae90b5592941da811b2787f867f838b7c92ac343338ea17d9422fa952ea0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 06:46:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Nov 2023 10:07:04 GMT
etag
"21731-609b55d946200"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/jpeg
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
137009
AralV3-Regular.woff2
dccdn.de/mein.aral.de/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/fonts/AralV3-Regular.woff2
Requested by
Host: dccdn.de
URL: https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
4b967d744c2ca4215548905e220e0bb53405f19143746c283b5d140a546823a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Origin
https://mein.aral.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2024 06:32:46 GMT
etag
"603c-6158ff9387f80"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
24636
aral-icons.woff2
dccdn.de/mein.aral.de/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/fonts/aral-icons.woff2
Requested by
Host: dccdn.de
URL: https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
4c88b723f44927ff7acb5d722cd90501078cff77f30406f33b474577aece39d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Origin
https://mein.aral.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2024 11:36:20 GMT
etag
"2bd4-612d42269f500"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
11220
AralV3-Light.woff2
dccdn.de/mein.aral.de/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/fonts/AralV3-Light.woff2
Requested by
Host: dccdn.de
URL: https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
1c6af9ec2c79632e66db295f43719702ec35fc4003ead6af9ef874ea4f4558f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Origin
https://mein.aral.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 06:45:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2024 06:32:46 GMT
etag
"5e40-6158ff9387f80"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
24128
AralV3-Bold.woff2
dccdn.de/mein.aral.de/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/fonts/AralV3-Bold.woff2
Requested by
Host: dccdn.de
URL: https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
a37a7b093e9168eb5acd225fdd1e3ad7556ee4652110ce8672b62694d14315d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dccdn.de/mein.aral.de/css/frontend.8a3fbf5779bb1c35df146f8198181a8d.css
Origin
https://mein.aral.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2024 06:32:46 GMT
etag
"6008-6158ff9387f80"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
24584
station.a1e85227f6e0470165291bb8ac775ba3.webp
dccdn.de/mein.aral.de/images/teasers/ 		277 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/station.a1e85227f6e0470165291bb8ac775ba3.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
6c7d9cb9cafd3dfd041771ddf00569a668576c757db5a5a56c88f7dc3675af63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 06:48:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Nov 2023 10:07:04 GMT
etag
"454d0-609b55d946200"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
283856
promotion_100y_870.8d30492b026b57269a6d3ac2873bf13c.webp
dccdn.de/mein.aral.de/images/teasers/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/promotion_100y_870.8d30492b026b57269a6d3ac2873bf13c.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
63525505a34a43600bc91ef2582a05553b6479b5a9102adc10e6561d0dfde13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 07:11:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2024 07:01:09 GMT
etag
"8aa6-615905eba3740"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
35494
promotion_wheel_of_fortune_870.2c27ff59f1d689b5e9cefddf9d7283ec.webp
dccdn.de/mein.aral.de/images/teasers/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/promotion_wheel_of_fortune_870.2c27ff59f1d689b5e9cefddf9d7283ec.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
a68f0ef0cbfe7d479b86eed897e658d6fe47aedf01b946c75aeabbf79370d290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 07:11:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2024 07:01:11 GMT
etag
"7c9e-615905ed8bbc0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
31902
toll_480.458eff8678252d857c94770abdb644fc.webp
dccdn.de/mein.aral.de/images/teasers/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/toll_480.458eff8678252d857c94770abdb644fc.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
07150ee63763c4c8a8ba948cbc761e13990c79a6168d922cabdd176e63743cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 10:59:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Nov 2023 10:07:16 GMT
etag
"3dd8-609b55e4b7d00"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
15832
geodata_480.9f8afd46f9556b0d94fa9ae9de192b05.webp
dccdn.de/mein.aral.de/images/teasers/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/geodata_480.9f8afd46f9556b0d94fa9ae9de192b05.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
ec615187dc66dd5a99be32fbc8746096f43648a65e12bd64a519aede3ae817ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 10:59:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Nov 2023 10:07:07 GMT
etag
"3f00-609b55dc228c0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
16128
theory-coach_480.88bcd41638723a05f9d8a5947420d724.webp
dccdn.de/mein.aral.de/images/teasers/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccdn.de/mein.aral.de/images/teasers/theory-coach_480.88bcd41638723a05f9d8a5947420d724.webp
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
5c2ce1cb5618b09917140525924217130d5aebddca4eb3715e49b9e92f97fe03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 23:37:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Feb 2024 15:52:45 GMT
etag
"18ba-61053fc826d40"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/webp
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
6330
common.js
maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/ 		255 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDcWIunfvfVrEumjUc8QIpuqfSi-jnjrFY&region=de&libraries=places&language=de&channel=aral-mein-station-finder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9778cefa5bc916787368c4a29a3c38a2db4cda49948992b5110a5b1fe6ac7eda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 03:15:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
109698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56593
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 23:41:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Apr 2025 03:15:46 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/ 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDcWIunfvfVrEumjUc8QIpuqfSi-jnjrFY&region=de&libraries=places&language=de&channel=aral-mein-station-finder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b67fa9d9cea06d520cc18c812be2a501053afad7e18fc14d3496cc12198fc08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 23:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
124953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57065
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 23:41:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Apr 2025 23:01:31 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDcWIunfvfVrEumjUc8QIpuqfSi-jnjrFY&region=de&libraries=places&language=de&channel=aral-mein-station-finder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebb71e406d56ad65aeb11df97a08c073292c1872309e14a42dfb985736ee0026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 03:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
109833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25224
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 23:41:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Apr 2025 03:13:31 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11a/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDcWIunfvfVrEumjUc8QIpuqfSi-jnjrFY&region=de&libraries=places&language=de&channel=aral-mein-station-finder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbcc9686565bdd1e964c8164fd0331ea0a3f74e18413c78c372edbcfa2dd5a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 11:31:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
79970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17745
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 23:41:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Apr 2025 11:31:14 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 09:44:05 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Sun, 21 Apr 2024 09:44:05 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: mein.aral.de
URL: https://mein.aral.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 09:44:04 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Sun, 21 Apr 2024 09:44:04 GMT
favicon-32x32.png
dccdn.de/mein.aral.de/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dccdn.de/mein.aral.de/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.66.145 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
ap145.antwerpes.de
Software
/
Resource Hash
0b06e3dd037ddd77403bf2bcdcc1c7abc29fbc6ea8e67a54526da647e37086f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mein.aral.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 12:29:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 May 2023 10:34:55 GMT
etag
"4d0-5fc822bd8abdc"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, DELETE, OPTIONS
content-type
image/png
cache-control
max-age=259200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
content-length
1232

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| serverDL boolean| COOKIE_CONSENT_ENABLED object| COOKIE_DOMAINS string| CONSENT_DOMAIN string| GTM_ID boolean| LOGIN_STATUS boolean| IS_PAYBACK string| STATION_FINDER_HOST boolean| FEATURE_FLAG_WATCHLIST object| webpackChunk object| dataLayer object| DataLayer object| __e3_

2 Cookies

Domain/Path Name / Value
mein.aral.de/ Name: XSRF-TOKEN
Value: eyJpdiI6Ink5Q2w0Tk5lNjhnVE82bGhLdFRqSWc9PSIsInZhbHVlIjoia1Q2QnNTMEVTYXhLenBGMzRRbjZQWFlPUmcrSlNacTlVM3BHQWNoQUovdjY5RDlTN0RJREdBNUtaaElpYThTcUh3dHNnWWJaNFhEQllaWTFPd3ZGQ0ZMQkU2YWp6VkdYMlZHT1NhOXEvY0w4L3ZEUG9BZzJDU2ZOVXJWcFNPL2wiLCJtYWMiOiJiM2Y5ODg5ODk5YzYwNzg4NGRhZjVmODhhMzc2OGNiN2FiMGM3NGY1OTc3ZDg3NjUwMmRmNDdkZmYzMWYxZmNhIiwidGFnIjoiIn0%3D
mein.aral.de/ Name: mein_aral_session
Value: eyJpdiI6IlFFUWl4YjNWT2Fkankzb05uQ1M2Wnc9PSIsInZhbHVlIjoiTGtZbEZOMEp2ME1ieGpvL2E1c095MnliYmt4b1FMMDhid2Y2VEhuUWpQek9mc0IydFVrREFaNXM0aXJZUXZuWklUZ2pKZmdPeDNFL290aEhTVHNpdUEvM213R2N0aUh3T0UycGluVGh3TEtUTzVCaFRtaXg1S28ya3FvVnloSUUiLCJtYWMiOiI2NWY2OTJhMDJkODk5YTJhN2E2YTFkNzNmYzFmMzNiNmY0MDRjMGRhY2ZiNzJiZGNiNmRlODY2NzQyYzFlYzZlIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; connect-src 'self' data: dccdn.de *.google-analytics.com *.doubleclick.net maps.googleapis.com *.google.com *.google.de *.google.co.uk *.aral.de payback.de navitas.demdex.net px.ads.linkedin.com www.facebook.com *.demdex.net *.loggly.com; default-src 'unsafe-inline' 'self' data: https:; form-action 'self' facebook.com www.facebook.com; frame-src 'self' www.google.com www.googletagmanager.com recaptcha.net *.aral.de *.payback.de *.demdex.net www.facebook.com *.doubleclick.net xr-stage.antwerpes.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com www.gstatic.com tagmanager.google.com www.google.com *.doubleclick.net *.googleapis.com dccdn.de *.adform.net recaptcha.net *.aral.de *.payback.de cloudfront.loggly.com connect.facebook.net snap.licdn.com; report-uri https://mein.aral.de/csp/report
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dccdn.de
maps.googleapis.com
maps.gstatic.com
mein.aral.de
172.217.16.138
195.82.66.141
195.82.66.145
2a00:1450:4001:80e::2003
2a00:1450:4001:82a::200a
07150ee63763c4c8a8ba948cbc761e13990c79a6168d922cabdd176e63743cc6
0b06e3dd037ddd77403bf2bcdcc1c7abc29fbc6ea8e67a54526da647e37086f5
1c6af9ec2c79632e66db295f43719702ec35fc4003ead6af9ef874ea4f4558f5
3b67fa9d9cea06d520cc18c812be2a501053afad7e18fc14d3496cc12198fc08
4b967d744c2ca4215548905e220e0bb53405f19143746c283b5d140a546823a1
4c88b723f44927ff7acb5d722cd90501078cff77f30406f33b474577aece39d0
4e2436c78dffd2083edfd5a19149f6a2ed8ab2cd8b0fe13a1ab3a46b98708ba1
5c2ce1cb5618b09917140525924217130d5aebddca4eb3715e49b9e92f97fe03
63525505a34a43600bc91ef2582a05553b6479b5a9102adc10e6561d0dfde13c
6c7d9cb9cafd3dfd041771ddf00569a668576c757db5a5a56c88f7dc3675af63
7961aa3bc15f81c942e9944ab14ba48a630619491f5b37194b9c50c2959f8d2b
8f8ae90b5592941da811b2787f867f838b7c92ac343338ea17d9422fa952ea0d
9778cefa5bc916787368c4a29a3c38a2db4cda49948992b5110a5b1fe6ac7eda
a37a7b093e9168eb5acd225fdd1e3ad7556ee4652110ce8672b62694d14315d4
a68f0ef0cbfe7d479b86eed897e658d6fe47aedf01b946c75aeabbf79370d290
c68017c39d4a420220eec4439200cfb415d3b922e077a460da7a8e8d5738ff2c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbcc9686565bdd1e964c8164fd0331ea0a3f74e18413c78c372edbcfa2dd5a99
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cf20becb7f37e13413683e629e33864672da1aa4d9bd83c332647b573dbbda68
d443c0ac1a2d5854eacdf154cd2fc9048b24886b740453ce2db647e87869ccdb
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
e4c615aedd21ca78d9690d5a91abd5c26ffdd483cb33a57df23a297b89d5515a
e8108886b5f794881cc63926f290db5b7b10ea1a4dd14a3df47a77e86327d4ba
ebb71e406d56ad65aeb11df97a08c073292c1872309e14a42dfb985736ee0026
ec615187dc66dd5a99be32fbc8746096f43648a65e12bd64a519aede3ae817ef