redeem.uber.com Open in urlscan Pro
69.48.216.12  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request / Show response redeem.uber.com/	85 KB 22 KB	205ms 136ms	Document text/html	69.48.216.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.48.216.12 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software ufe / Resource Hash 1506fc5e0ca944a0c6ffef1e0e90c37cdb254275a01e4672b9678bb383598a6f Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-src 'self' https://payments.uber.com https://payments-staging.uber.com https://auth.uber.com/ bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com *.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-a8702764-f13e-4691-ac79-e1d592d499af' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; report-uri https://csp.uber.com/csp?a=web-employee&ro=false Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control max-age=0 content-encoding gzip content-security-policy block-all-mixed-content; frame-src 'self' https://payments.uber.com https://payments-staging.uber.com https://auth.uber.com/ bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com *.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-a8702764-f13e-4691-ac79-e1d592d499af' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; report-uri https://csp.uber.com/csp?a=web-employee&ro=false content-type text/html; charset=utf-8 date Fri, 23 Aug 2024 06:22:46 GMT server ufe strict-transport-security max-age=31536000 vary Accept-Encoding via 1.1 google x-content-type-options nosniff x-envoy-upstream-service-time 102 x-frame-options SAMEORIGIN x-uber-edge e4-dca24:w:1262899557,ufe:production-cloud-gateway:compute-0:dca11,ufe:production-cloud-ecg-l7:default:bru1 x-xss-protection 1; mode=block
GET H2	200	client-main-a3ae7abfc67b151d.js Show response d3i4yxtzktqr9n.cloudfront.net/web-employee/	500 KB 110 KB	179ms 112ms	Script application/javascript	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-main-a3ae7abfc67b151d.js Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash de74da3a164457e3d5fcd3cd3539d25acb7fc508a25783cd52515088743ae633 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ Origin https://redeem.uber.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 11:44:02 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 via 1.1 google, 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 67124 x-cache Hit from cloudfront x-envoy-upstream-service-time 96 content-length 111782 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id FEP8gNzEuCFQilvIfgHks-axHlOfWnsme8EWFlKKN7KwPv5LcJPVEQ== x-uber-edge e4-dca23:w:1059108056,ufe:production-cloud-gateway:compute-0:dca24,ufe:production-cloud-ecg-l7:default:bru3
GET H2	200	client-vendor-c4f1107549542735.js Show response d3i4yxtzktqr9n.cloudfront.net/web-employee/	2 MB 401 KB	119ms 51ms	Script application/javascript	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-vendor-c4f1107549542735.js Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash 4bb0a1bc487277435ae0d974346fcc7d822c5542cbc8f709358c2e59e0b717b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ Origin https://redeem.uber.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 11:44:02 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 via 1.1 google, 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 67124 x-cache Hit from cloudfront x-envoy-upstream-service-time 87 content-length 409490 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id 1Fi07cCtjZTfkp5D2ZOpC1zF7YljdWfkeaUdtSBerq4qmhFsglDpew== x-uber-edge e4-dca24:w:1261740767,ufe:production-cloud-gateway:compute-0:dca18,ufe:production-cloud-ecg-l7:default:bru1
GET H2	200	client-runtime-085e33e5cd0c91f0.js Show response d3i4yxtzktqr9n.cloudfront.net/web-employee/	3 KB 2 KB	175ms 108ms	Script application/javascript	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-runtime-085e33e5cd0c91f0.js Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash 899d72fc158e2dccc6652cf8a5726198bc17b077e1a04950ef0561bf75f3f75a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ Origin https://redeem.uber.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 18 Aug 2024 07:34:57 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 via 1.1 google, 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 427669 x-cache Hit from cloudfront x-envoy-upstream-service-time 15 content-length 1565 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id uYDs_kK2tzaux17uVOoBcWUUtIzY0BAn9W4PcARU4OV4B_eMSSTsBA== x-uber-edge e4-dca20:w:1457171573,ufe:production-cloud-gateway:canary:dca20,ufe:production-cloud-ecg-l7:canary:iad3
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/uber/u4b/prod/	70 KB 16 KB	127ms 49ms	Script application/javascript	2600:9000:235a:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 25cf6d0395a4a0c80f5b56247208abd3d062f10dac1e8d626c1a74804836efd1 Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-amz-version-id rOmeAuwaaxYWpqNW8Zyr01RTYg4LUoNs content-encoding br via 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront) date Fri, 23 Aug 2024 06:22:46 GMT last-modified Mon, 19 Aug 2024 20:37:32 GMT server AmazonS3 x-amz-cf-pop FRA60-P9 age 21 x-amz-server-side-encryption AES256 etag W/"61b5baab1ffa49313fb93f62ed8a62d4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id BDyp-sA47G4D4cY18O4VzORvMawA0v8i6PDSghnLq8rMlzueJlHF1g==
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/uber/main/prod/	364 KB 50 KB	103ms 26ms	Script application/javascript	2600:9000:235a:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/uber/main/prod/utag.js Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fd5a9f9f8e12c2a453124eab1fbf36a322392546caa52305b7f732d82eab0250 Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-amz-version-id puB_7BoY42hprN7N4YRtSHuI7i1Z5xgd content-encoding br via 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront) date Fri, 23 Aug 2024 06:21:41 GMT last-modified Thu, 22 Aug 2024 15:52:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P9 age 66 x-amz-server-side-encryption AES256 etag W/"431763137d9dd797225dae8b59751b61" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id LdlbgdEtMPyKh3POQ6vvFnme0wr4mkAXNNL6YQld1K2EPp6rkO2EpQ==
GET H2	200	276edd4275dda838.woff2 d3i4yxtzktqr9n.cloudfront.net/web-employee/	28 KB 29 KB	112ms 45ms	Font font/woff2	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/276edd4275dda838.woff2 Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash 2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ Origin https://redeem.uber.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 06:00:53 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 google, 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 346913 x-cache Hit from cloudfront x-envoy-upstream-service-time 89 content-length 28696 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id V-Sk48dGOrnLDtjPucOy-paJXwJ02nCB76o0w0gbSciCitjmXzOgjA== x-uber-edge e4-dca18:w:995630425,ufe:production-cloud-gateway:compute-0:dca23,ufe:production-cloud-ecg-l7:default:bru1
GET H2	200	d769983c82bacb3c.woff2 d3i4yxtzktqr9n.cloudfront.net/web-employee/	30 KB 31 KB	92ms 25ms	Font font/woff2	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/d769983c82bacb3c.woff2 Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash f566b2d8ef6c8ac1025d1825d83c7e5f0605f87a662394a8a67edc72cca5dac6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ Origin https://redeem.uber.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 18 Aug 2024 07:34:59 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 google, 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 427667 x-cache Hit from cloudfront x-envoy-upstream-service-time 90 content-length 30804 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id _7jeK7ehf-3yajGMTqbX4Dh6OOV-2nqxv-v2npbK9W6skuYS5fPMDQ== x-uber-edge e4-dca18:w:995630425,ufe:production-cloud-gateway:compute-0:dca23,ufe:production-cloud-ecg-l7:default:bru1
GET H2	200	eee1724e2e5a8ebd.woff2 d3i4yxtzktqr9n.cloudfront.net/web-employee/	29 KB 30 KB	175ms 108ms	Font font/woff2	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/eee1724e2e5a8ebd.woff2 Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash 9b0d296027090ac7deaadbc7d9d7ff6fdd9ebcd95fc9afa0be5fdab1111346cb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ Origin https://redeem.uber.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 18 Aug 2024 04:16:23 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 google, 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 439583 x-cache Hit from cloudfront x-envoy-upstream-service-time 89 content-length 29808 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id kCaNvdTdyJ5ThaShmKPURfzX--cld0QV8Wx0ceoYD88UVcZQwup-Iw== x-uber-edge e4-dca24:w:1263128837,ufe:production-cloud-gateway:compute-0:dca11,ufe:production-cloud-ecg-l7:default:bru1
GET H2	200	2192960133.js Show response cdn.optimizely.com/js/	295 KB 91 KB	85ms 33ms	Script text/javascript	2606:4700::6812:4139 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.optimizely.com/js/2192960133.js Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14aa919d988307dcd681c2b6dd3c544ea50ff079bf5b68a8e98f9ef2013e5a77 Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-amz-meta-pci_enabled False date Fri, 23 Aug 2024 06:22:46 GMT content-encoding gzip x-amz-version-id Lydqmtt2fXzfzONTsfbJY99wPUCl4LX5 cf-cache-status HIT x-amz-request-id 9C1PR5PER2WQ1SXY age 462 x-amz-server-side-encryption AES256 x-amz-meta-revision 6812 x-amz-replication-status COMPLETED content-length 92238 x-amz-id-2 ZLqo2KnrC/xmPIPkdcHqmIlZk2nmkqILtwG42bCHvAO0r7VNaYzO/uE7Qr5wCoYaDHFrQoNFeob/NNJ5MCJ6mQ== last-modified Sat, 22 Apr 2023 15:09:49 GMT server cloudflare etag "13086a6506e573e41e60e32bfe57ea74" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers x-amz-meta-revision cache-control max-age=120 access-control-allow-credentials false access-control-max-age 86400 accept-ranges bytes timing-allow-origin * access-control-allow-headers * cf-ray 8b790296191d2c4a-FRA
GET H2	200	f3dc5042b86e13ac.svg d3i4yxtzktqr9n.cloudfront.net/web-employee/	3 KB 2 KB	65ms 22ms	Image image/svg+xml	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/f3dc5042b86e13ac.svg Requested by Host: redeem.uber.com URL: https://redeem.uber.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash 0e6b658ab2f7d97b426c85fcf33f02f38a7b61c2e5633e3f3219f41bb8e89eea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 11:03:52 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 via 1.1 google, 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 328734 x-cache Hit from cloudfront x-envoy-upstream-service-time 89 content-length 1200 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id TTSvAmRCULawbb7YBO38YYWzPnFRHQXcROPHgeU97bWcY5mEIKhd0g== x-uber-edge e4-dca18:w:990561479,ufe:production-cloud-gateway:compute-0:dca11,ufe:production-cloud-ecg-l7:default:bru2
GET H2	200	a745050198.html a745050198.cdn.optimizely.com/client_storage/ Frame F476	0 0	99ms 43ms	Document text/html	2606:4700::6812:4139 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a745050198.cdn.optimizely.com/client_storage/a745050198.html Requested by Host: cdn.optimizely.com URL: https://cdn.optimizely.com/js/2192960133.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://redeem.uber.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 340 cache-control max-age=120 cf-cache-status HIT cf-ray 8b79029789d79962-FRA content-encoding gzip content-length 767 content-type text/html; charset=utf-8 date Fri, 23 Aug 2024 06:22:46 GMT etag "85523b184f29f8d4379a766d20dd5bb7" last-modified Sat, 22 Apr 2023 15:11:17 GMT server cloudflare vary Accept-Encoding x-amz-id-2 dLZhrFbgTvS9OKm65VkFPONPV3LtYLSkOKRhnd2GsaxrPcBo5uButrk5efq+iAANCXe4tvuPs2M= x-amz-meta-pci_enabled False x-amz-replication-status COMPLETED x-amz-request-id V7X368PTTHZ1BDXV x-amz-server-side-encryption AES256 x-amz-version-id nw2cUrKX3ffiSLh.TohVOSAF_r_s.4TV
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	client-106-bf33631fc7b57aad.js Show response d3i4yxtzktqr9n.cloudfront.net/web-employee/	91 KB 24 KB	22ms 22ms	Script application/javascript	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-106-bf33631fc7b57aad.js Requested by Host: d3i4yxtzktqr9n.cloudfront.net URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-runtime-085e33e5cd0c91f0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash 7c4eba2abe39cfcb0015540aebba52676d1a34310e599c56155cdd1a98c7d5e2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ Origin https://redeem.uber.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 18 Aug 2024 07:35:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 via 1.1 google, 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 427666 x-cache Hit from cloudfront x-envoy-upstream-service-time 89 content-length 23678 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id A4mgXk0F0pXfk_2yloOH887RuCJXHeUmDJJYQHmpAUI5qZ1UP3Qk_A== x-uber-edge e4-dca22:w:1331244572,ufe:production-cloud-gateway:compute-0:dca24,ufe:production-cloud-ecg-l7:default:bru2
POST H2	200	_events Show response redeem.uber.com/	2 B 162 B	118ms 117ms	XHR text/plain	69.48.216.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://redeem.uber.com/_events Requested by Host: d3i4yxtzktqr9n.cloudfront.net URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-vendor-c4f1107549542735.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.48.216.12 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software ufe / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ x-csrf-token x User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type application/json Response headers date Fri, 23 Aug 2024 06:22:47 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 google server ufe x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 cache-control max-age=0 x-envoy-upstream-service-time 85 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 x-xss-protection 1; mode=block x-uber-edge e4-dca24:w:1270156858,ufe:production-cloud-gateway:compute-0:dca22,ufe:production-cloud-ecg-l7:default:bru2
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 432 B	23ms 22ms	Script application/javascript	2600:9000:235a:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uber/u4b/202408192036&cb=1724394167121 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-amz-version-id 2XUX04X5QEw0.xFya64khU._sHTRl_Pz date Fri, 23 Aug 2024 06:16:27 GMT via 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P9 age 381 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2 last-modified Sat, 11 Mar 2023 06:57:46 GMT server AmazonS3 etag "7bc0ee636b3b83484fc3b9348863bd22" vary Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes x-amz-cf-id ZIm-WUTHTLsS7jMqoF7yiCxlY2yqMZDb865DF3AEtRco_pHce1Z6ng==
GET H2	200	99c4bc580c8b57b7.ico d3i4yxtzktqr9n.cloudfront.net/web-employee/	1 KB 2 KB	23ms 23ms	Other image/vnd.microsoft.icon	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/99c4bc580c8b57b7.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash da7b9c9be67c8be3833c9e77f2b7a666c6d4716a7687356f6276bcc49c4fe162 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 18 Aug 2024 05:38:39 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 google, 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 434648 x-cache Hit from cloudfront x-envoy-upstream-service-time 98 content-length 1150 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id GF46aYbbquuyszDF4sBCp4-3iSY7w-fdtVQatZYvQr9-TULx3LQgFw== x-uber-edge e4-dca11:w:1312193657,ufe:production-cloud-gateway:compute-0:dca24,ufe:production-cloud-ecg-l7:default:bru1
GET H2	200	99c4bc580c8b57b7.ico d3i4yxtzktqr9n.cloudfront.net/web-employee/	1 KB 0	0ms 0ms	Other image/vnd.microsoft.icon	13.33.216.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3i4yxtzktqr9n.cloudfront.net/web-employee/99c4bc580c8b57b7.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.216.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-216-146.fra60.r.cloudfront.net Software ufe / Resource Hash da7b9c9be67c8be3833c9e77f2b7a666c6d4716a7687356f6276bcc49c4fe162 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sun, 18 Aug 2024 05:38:39 GMT via 1.1 google, 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop FRA60-P10 age 434648 x-cache Hit from cloudfront x-envoy-upstream-service-time 98 content-length 1150 x-xss-protection 1; mode=block last-modified Wed, 14 Aug 2024 09:13:50 GMT server ufe x-frame-options SAMEORIGIN access-control-allow-methods GET content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=31536000 vary Accept-Encoding timing-allow-origin * x-amz-cf-id GF46aYbbquuyszDF4sBCp4-3iSY7w-fdtVQatZYvQr9-TULx3LQgFw== x-uber-edge e4-dca11:w:1312193657,ufe:production-cloud-gateway:compute-0:dca24,ufe:production-cloud-ecg-l7:default:bru1
POST H2	204	events Show response logx.optimizely.com/v1/	0 386 B	270ms 128ms	XHR text/plain	34.49.241.189 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://logx.optimizely.com/v1/events Requested by Host: cdn.optimizely.com URL: https://cdn.optimizely.com/js/2192960133.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 189.241.49.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://redeem.uber.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 23 Aug 2024 06:22:48 GMT via 1.1 google access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://redeem.uber.com access-control-expose-headers X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id access-control-allow-credentials true timing-allow-origin * access-control-allow-headers X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-request-id b7eb8e74-088f-47d6-aad2-58a50913ded4

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| optimizely number| startTime number| duration string| __FUSION_ASSET_PATH__ string| __NONCE__ object| webpackChunkFusion function| clearImmediate function| setImmediate function| Hammer string| url object| utag_data object| dataObject string| tempLang string| lang string| domain object| utag function| getCookieValue function| getParameterByName string| gaAccount object| redux_State object| utag_err object| _hjSettings function| hj function| _tealium_old_error string| GoogleAnalyticsObject function| ga string| TiktokAnalyticsObject object| ttq object| reduxState

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			redeem.uber.com/	1969-12-31 23:59:59	Name: _ua Value: {"session_id":"e0fb1a05-b8d2-481a-a95f-4fad2d675f97","session_time_ms":1724394166584}
			redeem.uber.com/	1969-12-31 23:59:59	Name: web_employee_city_id Value: 2442
			redeem.uber.com/	1970-01-20 23:01:20	Name: jwt-session Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MjQzOTQxNjYsImV4cCI6MTcyNDQ4MDU2Nn0.f0C06Z6YHBAcyQ9XxW-mXIzxTPuxceJXWrNYhhvuZwY
			.uber.com/	1970-01-21 03:19:06	Name: optimizelyEndUserId Value: oeu1724394166814r0.6568876119993992
			.uber.com/	1970-01-21 07:45:30	Name: utag_main__sn Value: 1
			.uber.com/	1970-01-20 22:59:55	Name: utag_main__se Value: 1%3Bexp-session
			.uber.com/	1970-01-20 22:59:55	Name: utag_main__ss Value: 1%3Bexp-session
			.uber.com/	1970-01-20 22:59:55	Name: utag_main__st Value: 1724395967112%3Bexp-session
			.uber.com/	1970-01-20 22:59:55	Name: utag_main_ses_id Value: 1724394167112%3Bexp-session
			.uber.com/	1970-01-20 22:59:55	Name: utag_main__pn Value: 1%3Bexp-session
			.uber.com/	1970-01-21 07:45:30	Name: mp_adec770be288b16d9008c964acfba5c2_mixpanel Value: %7B%22distinct_id%22%3A%20%221917de6db58480-09187f99b43458-1f462c6f-1d4c00-1917de6db5917cf%22%2C%22%24device_id%22%3A%20%221917de6db58480-09187f99b43458-1f462c6f-1d4c00-1917de6db5917cf%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://redeem.uber.com/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-src 'self' https://payments.uber.com https://payments-staging.uber.com https://auth.uber.com/ bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com *.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-a8702764-f13e-4691-ac79-e1d592d499af' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a745050198.cdn.optimizely.com
cdn.optimizely.com
d3i4yxtzktqr9n.cloudfront.net
logx.optimizely.com
redeem.uber.com
tags.tiqcdn.com
13.33.216.146
2600:9000:235a:0:7:2bfb:7c00:93a1
2606:4700::6812:4139
34.49.241.189
69.48.216.12
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0e6b658ab2f7d97b426c85fcf33f02f38a7b61c2e5633e3f3219f41bb8e89eea
14aa919d988307dcd681c2b6dd3c544ea50ff079bf5b68a8e98f9ef2013e5a77
1506fc5e0ca944a0c6ffef1e0e90c37cdb254275a01e4672b9678bb383598a6f
25cf6d0395a4a0c80f5b56247208abd3d062f10dac1e8d626c1a74804836efd1
2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0
4bb0a1bc487277435ae0d974346fcc7d822c5542cbc8f709358c2e59e0b717b4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
7c4eba2abe39cfcb0015540aebba52676d1a34310e599c56155cdd1a98c7d5e2
899d72fc158e2dccc6652cf8a5726198bc17b077e1a04950ef0561bf75f3f75a
9b0d296027090ac7deaadbc7d9d7ff6fdd9ebcd95fc9afa0be5fdab1111346cb
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
da7b9c9be67c8be3833c9e77f2b7a666c6d4716a7687356f6276bcc49c4fe162
de74da3a164457e3d5fcd3cd3539d25acb7fc508a25783cd52515088743ae633
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f566b2d8ef6c8ac1025d1825d83c7e5f0605f87a662394a8a67edc72cca5dac6
fd5a9f9f8e12c2a453124eab1fbf36a322392546caa52305b7f732d82eab0250