urlscan.io logo urlscan.io
SecurityTrails logo

login.shelf-eu.com Open in urlscan Pro
18.239.83.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vlhmb4yq.r.eu-central-1.awstrack.me/L0/https:%2F%2Flogin.shelf-eu.com%2Fenroll-user%2FOTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYj...
Effective URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMw...
Submission: On May 08 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 18.239.83.105, located in United States and belongs to AMAZON-02, US. The main domain is login.shelf-eu.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 3rd 2023. Valid for: a year.
This is the only time login.shelf-eu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.73.21.68 16509 (AMAZON-02)
17 18.239.83.105 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.57.48.232 16509 (AMAZON-02)
2 52.222.214.92 16509 (AMAZON-02)
24 6
1    3.73.21.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-21-68.eu-central-1.compute.amazonaws.com
vlhmb4yq.r.eu-central-1.awstrack.me
17    18.239.83.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-105.ams58.r.cloudfront.net
login.shelf-eu.com
1    2a00:1450:400c:c02::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.57.48.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-48-232.eu-central-1.compute.amazonaws.com
api.shelf-eu.com
2    52.222.214.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-92.fra56.r.cloudfront.net
static.shelf.io
Apex Domain
Subdomains		 Transfer
19 shelf-eu.com
login.shelf-eu.com
api.shelf-eu.com
512 KB
2 shelf.io
static.shelf.io — Cisco Umbrella Rank: 230049
20 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 google.com
accounts.google.com — Cisco Umbrella Rank: 20
82 KB
1 awstrack.me
vlhmb4yq.r.eu-central-1.awstrack.me
259 B
24 6
Domain Requested by
17 login.shelf-eu.com login.shelf-eu.com
2 static.shelf.io login.shelf-eu.com
2 api.shelf-eu.com login.shelf-eu.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com login.shelf-eu.com
1 accounts.google.com login.shelf-eu.com
1 vlhmb4yq.r.eu-central-1.awstrack.me 1 redirects
24 7

This site contains links to these domains. Also see Links.

Domain
go.shelf.io
Subject Issuer Validity Valid
shelf-eu.com
Amazon RSA 2048 M03		 2023-11-03 -
2024-12-01		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
shelf.io
Amazon RSA 2048 M02		 2023-10-01 -
2024-10-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Frame ID: 3FDFDB399C9505200D4BD4807D725366
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shelf Login

Page URL History Show full URLs

  1. https://vlhmb4yq.r.eu-central-1.awstrack.me/L0/https:%2F%2Flogin.shelf-eu.com%2Fenroll-user%2FOTE2YTg3YTQ2ZTAzOGNmMzU4Nz... HTTP 302
    https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNl... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Page Statistics

24
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

663 kB
Transfer

1866 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vlhmb4yq.r.eu-central-1.awstrack.me/L0/https:%2F%2Flogin.shelf-eu.com%2Fenroll-user%2FOTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA%3Fsubdomain=deliveroo/1/0107018d5f9b86d5-9fbdc618-2429-480e-b846-d35a4a5d0fc3-000000/Vu4jEM_0Z8Fi6UPtN3dts7rAyJ0=140 HTTP 302
    https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA
login.shelf-eu.com/enroll-user/
Redirect Chain
  • https://vlhmb4yq.r.eu-central-1.awstrack.me/L0/https:%2F%2Flogin.shelf-eu.com%2Fenroll-user%2FOTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA%3Fsubdomain=deli...
  • https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3203fd38fd50cb691745d9a764cf7581132e86db3484de8f7ec339e8f9bf3266
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-type
text/html
date
Wed, 08 May 2024 12:38:59 GMT
etag
W/"41c9dc9557cb979f4513ce39d19946fb"
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
strict-transport-security
max-age=63113904; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 7d758b616f5473c7b4bee1c49ecfa98a.cloudfront.net (CloudFront)
x-amz-cf-id
wQX7wOpF2lD-fBvHvpCBg4bYBaQJhDyBp3HcsqxFzI8R2dlIbGPL8w==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 08 May 2024 12:38:57 GMT
Location
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
client
accounts.google.com/gsi/ 		217 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6fc60630899ba55f78f36a49289d5ff494335176ef2d3c71b41c2ecd4b24caa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7VsxgZ1Di0lB36_w9-HKVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:38:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-7VsxgZ1Di0lB36_w9-HKVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 08 May 2024 12:38:58 GMT
8f6ed193c14971f5.css
login.shelf-eu.com/_next/static/css/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/css/8f6ed193c14971f5.css
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
294e60468fa3d05cb439b8435861dd4dd5cd343b788e9b474aa059b2f72c9211
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:38:59 GMT
content-encoding
gzip
via
1.1 7d758b616f5473c7b4bee1c49ecfa98a.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
x-content-type-options
nosniff
strict-transport-security
max-age=63113904; includeSubDomains; preload
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"054999a7d36b1e9ff0eb4a96573e391c"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-amz-cf-id
TkHYERY8H-qj63QH6rOyif-wyIYOvJ7HuGPi8qL2b01NvkSuIx7lWg==
webpack-eb90b9d04d149bd1.js
login.shelf-eu.com/_next/static/chunks/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83a7219d50451817f83690a87980799fbc2fcaf9c60814183fe7e2d378ff04b0
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"e3a9e947272ffb514c0ba8e142a9149f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
I3KSBKS3yNr97yq8TiBsmV8hSPci4vrcjK7Nwk2PGaJQ1alBPd_2vw==
framework-5429a50ba5373c56.js
login.shelf-eu.com/_next/static/chunks/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/framework-5429a50ba5373c56.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a922d06946c153c130de6238a7d90e238f1341d19d42cee935017ad7495589e5
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"abba1ab5a91e57321e4e354dcf9e831a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
yuZBe8-ZZWTE3DEVYpXgtkgo-zeRg_UeMsmoOzjiHRfCe-tghVqU8A==
main-b3e5bad5ec63c840.js
login.shelf-eu.com/_next/static/chunks/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/main-b3e5bad5ec63c840.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcaae410c1a7a9f0e1d2eea98a02fc892037dd17c3f9fd7f85c69c2f7590da48
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"28a3f220e16fec60dae929291c02cdbf"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
-hP8Vh2khlTdLNNCpgwrstywyOT4z1ut4bVabHwM41S3GBCMnJ-BBQ==
_app-8f3e9fec8b53b025.js
login.shelf-eu.com/_next/static/chunks/pages/ 		457 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/pages/_app-8f3e9fec8b53b025.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78fa4c491fc881fbf4aae2d8cb14f9a60b0622b686008cc31d094aba61bf53ff
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"ca2443075ea81b064818a64f4d1c06bc"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
2x2kBeibiBMYUYgJbPG1QCLfYT0U0aNl3RMB-6FNGbOfBqBrrVEhog==
%5Btoken%5D-f35de5e9e9706c1b.js
login.shelf-eu.com/_next/static/chunks/pages/enroll-user/ 		558 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/pages/enroll-user/%5Btoken%5D-f35de5e9e9706c1b.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
175a0e40649247c15688f2a9bd5a6837d0926661131dafd8c7347e2b6cd89d54
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
558
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
"939a996c3928e5e2cdc14eec0cfaccca"
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
UeQlh0cczLJT6FM-9tuacqGiBuO130fMmxqg-95sx9x_ac339ntHwA==
_buildManifest.js
login.shelf-eu.com/_next/static/-m9w9mO4quRBIJdAlQW6J/ 		769 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/-m9w9mO4quRBIJdAlQW6J/_buildManifest.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
451243b6c17664fd4e0b630a3891ef200da56fcca26eeb6b8934ada344f04cad
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
769
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:05 GMT
server
AmazonS3
etag
"78c2b36eb1cfa0dbf2a770a8a2e51a45"
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
6CGyOziLSxVs9H4Z3y6e2E7TmYBB2vrP-ubM-n6gvpbB0rxufa_ckg==
_ssgManifest.js
login.shelf-eu.com/_next/static/-m9w9mO4quRBIJdAlQW6J/ 		77 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/-m9w9mO4quRBIJdAlQW6J/_ssgManifest.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
77
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:05 GMT
server
AmazonS3
etag
"b6652df95db52feb4daf4eca35380933"
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
vszQLpY9K1c9FGMS3zpJWv1B6zJ2-pDrsKWDqhihHAgajgpPhe6OYA==
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/css/8f6ed193c14971f5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 12:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 12:38:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 12:38:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://login.shelf-eu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
128885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 00:50:53 GMT
78.a98a7bdd67025e3a.js
login.shelf-eu.com/_next/static/chunks/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/78.a98a7bdd67025e3a.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e39935b32ffaed92c5d18c4d8402534d40856f8d66d630ed330f2e2547c2198
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:05 GMT
server
AmazonS3
etag
W/"047d4f0cc22e668a64f38ff6165d468d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
J_K8PBXmYrztF8C-tZn7sKXuFZEmUbXKg_Bnw3QEgiX2Gepuk8FRUQ==
598.967958a865ee7d34.js
login.shelf-eu.com/_next/static/chunks/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/598.967958a865ee7d34.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2224d77f44da94b0febdc66ea73609512f6d69cf8565747a0e760cb1e9cae472
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:05 GMT
server
AmazonS3
etag
W/"9e88457217fed8a18260221c6a96d6fe"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
cvjLaCpImVNgKrom-VA_Ld87KejTmsSCnqdyot1FJDVmjJgZTkyhqA==
778.847621b4ab60e596.js
login.shelf-eu.com/_next/static/chunks/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/778.847621b4ab60e596.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3521710fe3195fbae57f55551a059f3e108ebcf416892e47eb8f69cadab038a3
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:05 GMT
server
AmazonS3
etag
W/"b07a537e40988e542a881868aecdd43d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
_PJZqxMX1NuqZn0nqH6geObJlJrrr0VFrpAuaQ2rUhZNYiFm--bqdg==
53e22601.fd7fbadc61abe93a.js
login.shelf-eu.com/_next/static/chunks/ 		285 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/53e22601.fd7fbadc61abe93a.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b5c76d8522f02128ab37d7c36f4b9bfc3a27df7985e84e0493361f39fa5881c
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA/?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:05 GMT
server
AmazonS3
etag
W/"48a2bab97834e5b54e3faebfaf4b8d09"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
QupdYfYwicar0MhBboilXNHjoB7aXDhb5WcB7YbWJn35oK2S-GTWHg==
c1ec9495.12d19f69af511cfa.js
login.shelf-eu.com/_next/static/chunks/ 		471 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/c1ec9495.12d19f69af511cfa.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e330f2415bb6659283493e7e4fe23c654aacf5a11791cbbe032c37cb65610bf
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA/?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"d03e43645a748712a183a5d25e8bd0d6"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
Peav_IIxvAWS_-vaAfjEoNu8mZbxXpExa2ITCgEqVrQV7AKRQXX3VQ==
991.a63e9968de73e72a.js
login.shelf-eu.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/991.a63e9968de73e72a.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07783a20cb579d8682e6574122879fdccec6e0ffe71173857d7fd89c96fb4a4b
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA/?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"f946d190fc1ce797f7e740aa64f83704"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
33frSYPp6wNXo1tAGG5fngbA-CIq1aOavTT_9AITRLW8F0fENn_quQ==
949.d84b7e2bc102e7c9.js
login.shelf-eu.com/_next/static/chunks/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/949.d84b7e2bc102e7c9.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a91c034d170f9db64d1c5e13b37579b7627cb23b6f19324a326cc103b6e4784
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA/?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:06 GMT
server
AmazonS3
etag
W/"846945808d1aab87401fd405c4f6386d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
6HCeaEvvTxBYsT_3LbTVPbiXK2m79M7tY_mKfLA_jPDip96PDj8QTA==
934.3eceb7e713bca024.js
login.shelf-eu.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.shelf-eu.com/_next/static/chunks/934.3eceb7e713bca024.js
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/webpack-eb90b9d04d149bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-105.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1331136f827609babd4e4926257041d466801801219682bbfce9504391523be
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA/?subdomain=deliveroo
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63113904; includeSubDomains; preload
date
Wed, 08 May 2024 12:38:59 GMT
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
content-encoding
gzip
x-amz-cf-pop
AMS58-P5
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Wed, 17 Apr 2024 09:29:05 GMT
server
AmazonS3
etag
W/"05aaa3ee3c0eba8fc1618442285a6a09"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
oztvpnrgNDy8xhBujjoAixUhiFFUPSUdHZm7vZiFcOl5qogdAuI0mA==
/
api.shelf-eu.com/users/v1/enroll/validate/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.shelf-eu.com/users/v1/enroll/validate/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.48.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://login.shelf-eu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Amzn-Trace-Id
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 08 May 2024 12:38:58 GMT
x-amz-apigw-id
Xc7PfH8gliAFfig=
x-amzn-requestid
6be26481-f9ca-4a06-b292-b9c4d07359a7
x-amzn-trace-id
Root=1-663b7262-524b9170426642107de472ae
/
api.shelf-eu.com/users/v1/enroll/validate/ 		134 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.shelf-eu.com/users/v1/enroll/validate/
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/_next/static/chunks/pages/_app-8f3e9fec8b53b025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.48.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
41c3300331045ffa5742aecc13f0cbe9af3b62425feed80669f552e2fd4eb0d0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://login.shelf-eu.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:39:00 GMT
content-encoding
gzip
x-amzn-trace-id
Root=1-663b7262-65d43f5e0db636152ed57c62
x-amzn-requestid
5e0fd479-b43f-4a7a-88bb-36a755e2957a
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Xc7PfGm-FiAFWng=
content-length
127
logo-black.svg
static.shelf.io/images/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shelf.io/images/logo/logo-black.svg
Requested by
Host: login.shelf-eu.com
URL: https://login.shelf-eu.com/enroll-user/OTE2YTg3YTQ2ZTAzOGNmMzU4NzU3NDNmMmRlYmJiMTZkYjViZWRjNGFhZjVlMTNlZmU2MDRkZTIzNTk2MTMwOA/?subdomain=deliveroo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dff6112f084905208f77a428d66a1445bed8200984dd20eccc60e90ed1127e14
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self'; img-src data: https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; font-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; frame-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; worker-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 15:54:37 GMT
content-encoding
gzip
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self'; img-src data: https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; font-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; frame-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; worker-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email blob:
x-content-type-options
nosniff
strict-transport-security
max-age=63113904; includeSubDomains; preload
x-amz-cf-pop
FRA56-P3
age
74662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
last-modified
Tue, 07 May 2024 15:53:41 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1715097197/ctime:1715097197/gid:0/gname:root/md5:dcc802f5f3e5ba16bf8fdf0c142a89f6/mode:33188/mtime:1715097073/uid:0/uname:root
etag
W/"dcc802f5f3e5ba16bf8fdf0c142a89f6"
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-cf-id
NqcfYUWgSYfiHrIrkhyA3r_8WG2eLxchid1seJTFpM37xAtnMDtOzA==
favicon.ico
static.shelf.io/images/favicon/ 		15 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.shelf.io/images/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de1941579ee4ca414d978ff9de783539a4f02ca15ac4116f4486fe1f8badbe5a
Security Headers
Name Value
Content-Security-Policy default-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self'; img-src data: https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; font-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; frame-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; worker-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.shelf-eu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 15:54:19 GMT
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self'; img-src data: https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; font-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; frame-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email * 'self' http://* https://*; worker-src https://*.shelf.io https://*.shelf-ssp.com https://*.shelf.email blob:
strict-transport-security
max-age=63113904; includeSubDomains; preload
x-amz-cf-pop
FRA56-P3
age
74680
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15086
x-xss-protection
1
last-modified
Tue, 07 May 2024 15:53:40 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1715097197/ctime:1715097197/gid:0/gname:root/md5:62c8cb03406770fc1220e92179f4a805/mode:33188/mtime:1715097073/uid:0/uname:root
etag
"62c8cb03406770fc1220e92179f4a805"
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
x-amz-cf-id
yipou5iv0WPazWtF2XnyT0X1TnK6Kjdp49OrOZdGIX8P0ipwlM2Xag==

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| DD_LOGS function| __NEXT_PRELOADREADY function| _ object| DD_RUM object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| default_gsi object| _F_toggles object| google object| closure_lm_974507 object| toastr function| sweetAlert

1 Cookies

Domain/Path Name / Value
login.shelf-eu.com/ Name: _dd_s
Value: logs=1&id=741aa959-e9c9-4fe9-8e58-d9a0025e1664&created=1715171938463&expire=1715172838467&rum=0

1 Console Messages

Source Level URL
Text
network error URL: https://api.shelf-eu.com/users/v1/enroll/validate/
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://* https://*.s3.amazonaws.com; script-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com *.kustomerapp.com https://unpkg.com https://static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.amazonaws.com https://*.polyfill.io https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.getbeamer.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.jsdelivr.net https://*.s3.amazonaws.com https://*.youtube.com https://*.vimeo.com; connect-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com * 'self'; img-src data: https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' blob: chrome-extension://* https://*.s3.amazonaws.com http://* https://*; style-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' 'unsafe-inline' https://*.s3.amazonaws.com http://* https://*; object-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' https://*.amazonaws.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.intercom.io https://*.intercomcdn.com https://*.stripe.com https://*.pendo.io https://*.getbeamer.com https://*.s3.amazonaws.com; media-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; font-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; frame-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com 'self' http://* https://*; worker-src https://*.shelf-eu.com https://*.shelf-ssp-eu.com blob:
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.shelf-eu.com
fonts.googleapis.com
fonts.gstatic.com
login.shelf-eu.com
static.shelf.io
vlhmb4yq.r.eu-central-1.awstrack.me
18.239.83.105
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c02::54
3.73.21.68
52.222.214.92
52.57.48.232
07783a20cb579d8682e6574122879fdccec6e0ffe71173857d7fd89c96fb4a4b
175a0e40649247c15688f2a9bd5a6837d0926661131dafd8c7347e2b6cd89d54
1b5c76d8522f02128ab37d7c36f4b9bfc3a27df7985e84e0493361f39fa5881c
2224d77f44da94b0febdc66ea73609512f6d69cf8565747a0e760cb1e9cae472
294e60468fa3d05cb439b8435861dd4dd5cd343b788e9b474aa059b2f72c9211
2a91c034d170f9db64d1c5e13b37579b7627cb23b6f19324a326cc103b6e4784
2e330f2415bb6659283493e7e4fe23c654aacf5a11791cbbe032c37cb65610bf
3203fd38fd50cb691745d9a764cf7581132e86db3484de8f7ec339e8f9bf3266
3521710fe3195fbae57f55551a059f3e108ebcf416892e47eb8f69cadab038a3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c
41c3300331045ffa5742aecc13f0cbe9af3b62425feed80669f552e2fd4eb0d0
451243b6c17664fd4e0b630a3891ef200da56fcca26eeb6b8934ada344f04cad
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
78fa4c491fc881fbf4aae2d8cb14f9a60b0622b686008cc31d094aba61bf53ff
7e39935b32ffaed92c5d18c4d8402534d40856f8d66d630ed330f2e2547c2198
83a7219d50451817f83690a87980799fbc2fcaf9c60814183fe7e2d378ff04b0
a922d06946c153c130de6238a7d90e238f1341d19d42cee935017ad7495589e5
bcaae410c1a7a9f0e1d2eea98a02fc892037dd17c3f9fd7f85c69c2f7590da48
d1331136f827609babd4e4926257041d466801801219682bbfce9504391523be
d6fc60630899ba55f78f36a49289d5ff494335176ef2d3c71b41c2ecd4b24caa
de1941579ee4ca414d978ff9de783539a4f02ca15ac4116f4486fe1f8badbe5a
dff6112f084905208f77a428d66a1445bed8200984dd20eccc60e90ed1127e14