urlscan.io logo urlscan.io
SecurityTrails logo

roocompass.deliveroo.net Open in urlscan Pro
2606:4700:4400::ac40:9851  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://roocompass.deliveroo.net/
Effective URL: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A...
Submission: On August 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 2606:4700:4400::ac40:9851, located in United States and belongs to CLOUDFLARENET, US. The main domain is roocompass.deliveroo.net.
TLS certificate: Issued by WE1 on August 15th 2024. Valid for: 3 months.
This is the only time roocompass.deliveroo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 2606:4700:440... 13335 (CLOUDFLAR...)
15 1
Apex Domain
Subdomains		 Transfer
17 deliveroo.net
roocompass.deliveroo.net
5 MB
15 1
Domain Requested by
17 roocompass.deliveroo.net 2 redirects roocompass.deliveroo.net
client
15 1

This site contains no links.

Subject Issuer Validity Valid
deliveroo.net
WE1		 2024-08-15 -
2024-11-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Frame ID: C9209CEBC7E71C14CD228AD8BBC344B9
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

login

Page URL History Show full URLs

  1. https://roocompass.deliveroo.net/ HTTP 302
    https://roocompass.deliveroo.net/authorize?response_type=code&client_id=ambassador-gateway-service&state=3QhU... HTTP 302
    https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&r... Page URL

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

4767 kB
Transfer

5986 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://roocompass.deliveroo.net/ HTTP 302
    https://roocompass.deliveroo.net/authorize?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F HTTP 302
    https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
roocompass.deliveroo.net/
Redirect Chain
  • https://roocompass.deliveroo.net/
  • https://roocompass.deliveroo.net/authorize?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
  • https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ac3f491d70fc2363f5ad257b3b4374cd54a0186fc0b414e526e40479d32f19
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b47cacb4d092bd2-FRA
content-encoding
gzip
content-language
de-DE
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
content-type
text/html;charset=UTF-8
date
Sat, 17 Aug 2024 07:01:19 GMT
expires
0
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-frame-options
SAMEORIGIN
x-tracing-id
9c0d2365b295d5fa
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b47cacabc8c2bd2-FRA
content-length
0
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
date
Sat, 17 Aug 2024 07:01:19 GMT
expires
0
location
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.css
roocompass.deliveroo.net/login/static/css/ 		210 B
255 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/login/static/css/style.css
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17ea928b85720edd2a30509f4fc2f8d7fcab4c51fe40676f60d36a30964b26c2
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
cf-cache-status
REVALIDATED
content-encoding
gzip
x-tracing-id
f091182ee178ff86
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=86400, must-revalidate, public, s-maxage=86400
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cacbdd832bd2-FRA
app.js
roocompass.deliveroo.net/login/static/js-selection/ 		2 MB
667 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/login/static/js-selection/app.js
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef41138c1f29d5b0e45f38647d21755a0afced9c9479c7ece821fe1968a43ea5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
cf-cache-status
REVALIDATED
content-encoding
gzip
x-tracing-id
c09ad84ce8d8628e
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=86400, must-revalidate, public, s-maxage=86400
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cacbdd852bd2-FRA
fonts.css
roocompass.deliveroo.net/fonts/ 		98 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/fonts/fonts.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb331f28d443f5d6880a0733bc06a4ab8edcb2e0d549b3a24d34738b87ef0dd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Aug 2024 10:15:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cacd8f482bd2-FRA
background-image
roocompass.deliveroo.net/login/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roocompass.deliveroo.net/login/background-image
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8c1096ed10de40b0259c48b9bf68cf39b0a49d8bf1cee0dc245ee18ee1c06eb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
cf-cache-status
DYNAMIC
x-tracing-id
136e279e5606aa87
x-envoy-upstream-service-time
2
content-length
3902470
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=86400, must-revalidate, public, s-maxage=86400
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace0fae2bd2-FRA
tenant-logo-image
roocompass.deliveroo.net/login/ 		194 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roocompass.deliveroo.net/login/tenant-logo-image
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3044c780524a5360b51bf46c668d92ea7a84bde6860fe4dd8cb559224adbb03c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
cf-cache-status
DYNAMIC
x-tracing-id
d253e08ccdcd27fb
x-envoy-upstream-service-time
2
content-length
198836
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=86400, must-revalidate, public, s-maxage=86400
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace0fb32bd2-FRA
mls-logo-image
roocompass.deliveroo.net/login/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roocompass.deliveroo.net/login/mls-logo-image
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6148e67ef7569b49005e2e96b51b964c58fadf6b5500c88bde3856f72d4f131
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
cf-cache-status
DYNAMIC
x-tracing-id
f4443f0707fc67ed
x-envoy-upstream-service-time
2
content-length
24471
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=86400, must-revalidate, public, s-maxage=86400
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace0fb62bd2-FRA
localization
roocompass.deliveroo.net/login/ 		143 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/login/localization
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/login/static/js-selection/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1241aa4b72b5463785df8ddf19a4c1b2075a853694733853499a380f2da0d80
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
content-encoding
gzip
cf-cache-status
DYNAMIC
x-tracing-id
c9dbb292a3b3acb5
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace0fb82bd2-FRA
expires
0
fira-sans.css
roocompass.deliveroo.net/fonts/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/fonts/fira-sans.css
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5269570179047f47b7523ce4999b1628a48d5d81fc6863d4c791c39c2b2d8b7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/fonts/fonts.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Aug 2024 10:15:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace3fd12bd2-FRA
fira-sans-condensed.css
roocompass.deliveroo.net/fonts/ 		2 KB
364 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/fonts/fira-sans-condensed.css
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343a2c0d5ab391b5c6f3190c1ed8aab74768a0199ae404e3e63a29a26c7bf80f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/fonts/fonts.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Aug 2024 10:15:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace3fd42bd2-FRA
matter.css
roocompass.deliveroo.net/fonts/ 		794 B
352 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/fonts/matter.css
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4defbdc6c31be7ea2937f32048844c39c85100efe5f05d4aee67d947e610b4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/fonts/fonts.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Aug 2024 10:15:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace3fd52bd2-FRA
noto.css
roocompass.deliveroo.net/fonts/ 		344 B
288 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/fonts/noto.css
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23e2d8ae56403490fb54c7752a48b4e0132de8dd6850436998bf4ec40ed0999b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/fonts/fonts.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Aug 2024 10:15:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cace3fd72bd2-FRA
va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
roocompass.deliveroo.net/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/fonts/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/fonts/fira-sans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/fonts/fira-sans.css
Origin
https://roocompass.deliveroo.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:19 GMT
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-envoy-upstream-service-time
2
content-length
15212
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Aug 2024 10:15:50 GMT
server
cloudflare
etag
"66bdd556-3b6c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
8b47cacee8782bd2-FRA
va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
roocompass.deliveroo.net/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/fonts/va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
Requested by
Host: roocompass.deliveroo.net
URL: https://roocompass.deliveroo.net/fonts/fira-sans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/fonts/fira-sans.css
Origin
https://roocompass.deliveroo.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:20 GMT
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-envoy-upstream-service-time
2
content-length
15448
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Aug 2024 10:15:53 GMT
server
cloudflare
etag
"66bdd559-3c58"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
8b47cacf58ec2bd2-FRA
fav-icon
roocompass.deliveroo.net/login/ 		32 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://roocompass.deliveroo.net/login/fav-icon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2296323a9a5e60a367957c66b803dcf2e0ccb7514ade7e3b4bd991c18ede4927
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 07:01:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
cf-cache-status
DYNAMIC
x-tracing-id
0d5490d1807d2d63
x-envoy-upstream-service-time
2
content-length
32432
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=86400, must-revalidate, public, s-maxage=86400
permissions-policy
geolocation=(self),accelerometer=(),camera=(),display-capture=(),encrypted-media=(),gamepad=(),gyroscope=(),hid=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=()
cf-ray
8b47cad39cfb2bd2-FRA

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Base64 number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__

3 Cookies

Domain/Path Name / Value
.deliveroo.net/ Name: __cf_bm
Value: bV6SkmWxGUsIW8bNhLgbRq3daFM0utUcK02511N2U8Y-1723878079-1.0.1.1-L0CdJVvGToCtAyNwoS8x.o15UG_sUEzMw3ad5a4VJ6dTVeAjxMr0lu4V1RA0zIpbeLWFAZMW7AiJSd_0EojfkG8pJVqm4ma4xfBSU7Mx.94
roocompass.deliveroo.net/ Name: mls-login
Value: 825b704d-86d3-4837-85ca-ab957a4cc8f3
roocompass.deliveroo.net/ Name: XSRF-TOKEN
Value: 178dd0c7-6e14-48ca-bf47-318bcc2b3dd9

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://roocompass.deliveroo.net/login?response_type=code&client_id=ambassador-gateway-service&state=3QhUja&redirect_uri=https%3A%2F%2Froocompass.deliveroo.net%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'nonce-f15ds+PG9KuToz0eT0191w==' https://*.instana.io https://amp.azure.net https://*.vimeocdn.com https://*.vimeo.com https://*.zdassets.com https://*.zendesk.com https://*.livinglens.tv https://apis.google.com https://accounts.google.com https://*.bigsofa.co.uk https://maps.googleapis.com https://storage.googleapis.com; object-src 'none'; form-action 'self'; frame-ancestors 'self'; img-src 'self' * https: http: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block