auth.uber.com Open in urlscan Pro
34.98.127.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.et.uber.com/?qs=5f891d7dc8ea6eb3878a1be918498d36d74b876689661b95101120ccd49bd5b6d7ad6ab19709c9d5fef40f5d8a85...
Effective URL:
https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCalere...
Submission Tags: falconsandbox
Submission: On October 09 via api (October 9th 2020, 4:53:33 am UTC) from US

Summary HTTP 39 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 8 domains to perform 39 HTTP transactions. The main IP is 34.98.127.226, located in United States and belongs to GOOGLE, US. The main domain is auth.uber.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 29th 2020. Valid for: 2 years.

This is the only time auth.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.245.92.61 198.245.92.61	22606 (EXACT-7) (EXACT-7)
1 9	104.36.195.150 104.36.195.150	63086 (UBER-PROD) (UBER-PROD)
6	13.224.186.2 13.224.186.2	16509 (AMAZON-02) (AMAZON-02)
3	104.111.215.136 104.111.215.136	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:284::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.8.4.210 23.8.4.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.43.116.208 23.43.116.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	34.98.127.226 34.98.127.226	15169 (GOOGLE) (GOOGLE)
5	65.9.94.152 65.9.94.152	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	143.204.94.66 143.204.94.66	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:f... 2600:1901:0:ff7::	15169 (GOOGLE) (GOOGLE)
39	14

1 198.245.92.61 (Fishers, United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.et.uber.com

click.et.uber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.36.195.150 (Ashburn, United States) 1 redirects

ASN63086 (UBER-PROD, US)

biz.uber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.uber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.uber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.186.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-2.fra2.r.cloudfront.net

d3i4yxtzktqr9n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.136 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-136.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:284::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.4.210 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-4-210.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.116.208 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-116-208.deploy.static.akamaitechnologies.com

a745050198.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.127.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 226.127.98.34.bc.googleusercontent.com

auth.uber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.94.152 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d1a3f4spazzrp4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.94.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-66.fra50.r.cloudfront.net

www.cdn-net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:ff7:: (United States)

ASN15169 (GOOGLE, US)

six.cdn-net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	uber.com 3 redirects click.et.uber.com biz.uber.com csp.uber.com auth.uber.com events.uber.com	37 KB
11	cloudfront.net d3i4yxtzktqr9n.cloudfront.net d1a3f4spazzrp4.cloudfront.net	1 MB
3	cdn-net.com www.cdn-net.com six.cdn-net.com	38 KB
3	optimizely.com cdn.optimizely.com cdn3.optimizely.com a745050198.cdn.optimizely.com	107 KB
3	tiqcdn.com tags.tiqcdn.com	112 KB
2	facebook.net connect.facebook.net	64 KB
1	gstatic.com www.gstatic.com	133 KB
1	google.com www.google.com	646 B
39	8

	Domain	Requested by
7	auth.uber.com	1 redirects d3i4yxtzktqr9n.cloudfront.net d1a3f4spazzrp4.cloudfront.net
6	d3i4yxtzktqr9n.cloudfront.net	biz.uber.com
5	d1a3f4spazzrp4.cloudfront.net	auth.uber.com d1a3f4spazzrp4.cloudfront.net
4	events.uber.com	d1a3f4spazzrp4.cloudfront.net
3	tags.tiqcdn.com	biz.uber.com tags.tiqcdn.com d1a3f4spazzrp4.cloudfront.net
3	biz.uber.com	1 redirects d3i4yxtzktqr9n.cloudfront.net
2	www.cdn-net.com	d1a3f4spazzrp4.cloudfront.net www.cdn-net.com
2	connect.facebook.net	d1a3f4spazzrp4.cloudfront.net connect.facebook.net
2	csp.uber.com	tags.tiqcdn.com
1	six.cdn-net.com	www.cdn-net.com
1	www.gstatic.com	www.google.com
1	www.google.com	d1a3f4spazzrp4.cloudfront.net
1	a745050198.cdn.optimizely.com	cdn.optimizely.com
1	cdn3.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	biz.uber.com
1	click.et.uber.com	1 redirects
39	16

This site contains links to these domains. Also see Links.

Domain
www.uber.com

Subject Issuer	Validity	Valid
*.uber.com DigiCert SHA2 Secure Server CA	`2020-06-29` - `2022-08-05`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.cdn-net.com Amazon	`2019-12-29` - `2021-01-29`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
Frame ID: 90024D1F7990F52329F3727B43A0ECCC
Requests: 37 HTTP requests in this frame

Frame: https://a745050198.cdn.optimizely.com/client_storage/a745050198.html
Frame ID: 6C50A1ADEDB564E324F4EA551E9E5BB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.et.uber.com/?qs=5f891d7dc8ea6eb3878a1be918498d36d74b876689661b95101120ccd49bd5b6d7ad6ab1... HTTP 302
https://biz.uber.com/public/redeem-employee-invite?organization_name=Caleres+Travel&show_pp=True&... HTTP 302
https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&... Page URL
https://auth.uber.com/login?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganiz... HTTP 301
https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forgani... Page URL

Page Statistics

39
Requests

97 %
HTTPS

36 %
IPv6

8
Domains

16
Subdomains

14
IPs

5
Countries

1790 kB
Transfer

6423 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.uber.com/legal/privacy/users/en/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.uber.com/legal/terms/us/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.uber.com/global/en/privacy/notice/
Title: cookie statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.et.uber.com/?qs=5f891d7dc8ea6eb3878a1be918498d36d74b876689661b95101120ccd49bd5b6d7ad6ab19709c9d5fef40f5d8a85e441d683a748d5db4cc56d56b884e596dbb9 HTTP 302
https://biz.uber.com/public/redeem-employee-invite?organization_name=Caleres+Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&email=bolson%40caleres.com&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET HTTP 302
https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4 Page URL
https://auth.uber.com/login?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4 HTTP 301
https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://click.et.uber.com/?qs=5f891d7dc8ea6eb3878a1be918498d36d74b876689661b95101120ccd49bd5b6d7ad6ab19709c9d5fef40f5d8a85e441d683a748d5db4cc56d56b884e596dbb9 HTTP 302
https://biz.uber.com/public/redeem-employee-invite?organization_name=Caleres+Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&email=bolson%40caleres.com&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET HTTP 302
https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

XJNJAAhXFcP4 Show response
biz.uber.com/public/confirm/
Redirect Chain

https://click.et.uber.com/?qs=5f891d7dc8ea6eb3878a1be918498d36d74b876689661b95101120ccd49bd5b6d7ad6ab19709c9d5fef40f5d8a85e441d683a748d5db4cc56d56b884e596dbb9
https://biz.uber.com/public/redeem-employee-invite?organization_name=Caleres+Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c...
https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c...

29 KB
9 KB

133ms
132ms

Document
text/html

104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

0322e2b243466c529851aa65273b867ecaa1ab0c863bb476fdf95c42e5a12959

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net .optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net; connect-src 'self' events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net .optimizely.com www.google-analytics.com .tealiumiq.com .demdex.net https://api.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-aa89f269-7652-4380-87fc-096341bd30f1' 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com .adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net .optimizely.com .tealiumiq.com .doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.mxpnl.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: biz.uber.com
:scheme: https
:path: /public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ua={"session_id":"99c8f2b6-9f12-44f6-8b2e-3ec18e9cae60","session_time_ms":1602219196581}; jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MDIyMTkxOTYsImV4cCI6MTYwMjMwNTU5Nn0.FeBZQ9WA1m1Q9ht9RjjZvaGgAG5-wE-OID5SeuNUDgU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 09 Oct 2020 04:53:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-security-policy: block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-aa89f269-7652-4380-87fc-096341bd30f1' 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.mxpnl.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:26
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cache-control: max-age=0
content-encoding: gzip
x-envoy-upstream-service-time: 13
server: ufe

Redirect headers

status: 302
date: Fri, 09 Oct 2020 04:53:16 GMT
content-type: text/html; charset=utf-8
content-security-policy: block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-b0b73ba2-61b4-4e0e-a632-508e1b2cac56' 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.mxpnl.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
location: /public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
set-cookie: _ua={"session_id":"99c8f2b6-9f12-44f6-8b2e-3ec18e9cae60","session_time_ms":1602219196581}; path=/; secure oauth2_sid=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MDIyMTkxOTYsImV4cCI6MTYwMjMwNTU5Nn0.FeBZQ9WA1m1Q9ht9RjjZvaGgAG5-wE-OID5SeuNUDgU; path=/; expires=Sat, 10 Oct 2020 04:53:16 GMT; secure; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:26
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cache-control: max-age=0
x-envoy-upstream-service-time: 20
vary: Accept-Encoding
content-encoding: gzip
server: ufe

GET
H2 200 client-main-808d32f212b4ab6e3ae8.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 122 KB
36 KB 124ms
50ms Script
application/javascript 13.224.186.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-main-808d32f212b4ab6e3ae8.js

Requested by

Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.186.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-186-2.fra2.r.cloudfront.net

Software

ufe /

Resource Hash

13421ba05dd39333cddb9f65fb2627922237686b11aa9e49d90eedd0611c7780

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://biz.uber.com
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 17:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42495
x-cache: Hit from cloudfront
x-amz-meta-content-encoding: gzip
status: 200
x-envoy-upstream-service-time: 148
x-tb-source: terrablob
content-length: 35906
x-xss-protection: 1; mode=block
access-control-allow-origin: *
rpc-service: terrablob-gateway-tier3
last-modified: Thu, 08 Oct 2020 16:59:38 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "0fe095112907d093adc7ee2dc89fd6f0"
strict-transport-security: max-age=604800
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: r4wCMckdfI_eo7y7BDMLWLQgwZu2WPaLJVKjT6a8vL7WBJNZyLzJAg==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:22

GET
H2 200 client-vendor-b230a8b6785a8f134cd6.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 2 MB
470 KB 138ms
64ms Script
application/javascript 13.224.186.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-vendor-b230a8b6785a8f134cd6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.186.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-186-2.fra2.r.cloudfront.net

Software

ufe /

Resource Hash

797cbfe33191480d2d42cc0895c3e8c41f6a12a24896af42012693e151a49778

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://biz.uber.com
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 22:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145451
x-cache: Hit from cloudfront
x-amz-meta-content-encoding: gzip
status: 200
x-envoy-upstream-service-time: 117
x-tb-source: terrablob
content-length: 480209
x-xss-protection: 1; mode=block
access-control-allow-origin: *
rpc-service: terrablob-gateway-tier3
last-modified: Tue, 22 Sep 2020 07:44:27 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "9572add114b5540843fcba7e0ab79db5"
strict-transport-security: max-age=604800
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: tDaOwm-qDD43BOOnGS0TkvTo199xeLWK0cbt9bnphHee1YpyW888uQ==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:4

GET
H2 200 client-runtime-31e7b180f91378b46e69.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 1 KB
1 KB 106ms
33ms Script
application/javascript 13.224.186.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-runtime-31e7b180f91378b46e69.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.186.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-186-2.fra2.r.cloudfront.net

Software

ufe /

Resource Hash

bca602087c6f7ef96c302b3ff196e838a49327859f4bed9b08b64d01dd0ecd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://biz.uber.com
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 09:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2834902
x-cache: Hit from cloudfront
x-amz-meta-content-encoding: gzip
status: 200
x-envoy-upstream-service-time: 74
x-tb-source: terrablob
content-length: 716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
rpc-service: terrablob-gateway-tier3
last-modified: Fri, 28 Aug 2020 16:20:29 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "0d89b562f4dd19c4380152f7104d5662"
strict-transport-security: max-age=604800
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: S1HSFPtemy8-aRpHCAogYqg8lpAseDlxdGgCthVqzjkTJ7v-McxtyA==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:8

GET
H2 200 a829752af51129e08130f943eaf3e568.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 28 KB
29 KB 155ms
82ms Font
font/woff2 13.224.186.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-employee/a829752af51129e08130f943eaf3e568.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.186.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-186-2.fra2.r.cloudfront.net

Software

ufe /

Resource Hash

4b45e0cdba61e5d00bef1dc95fabe543a8e8ef8be342bce0477f729d80238c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://biz.uber.com
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 06:41:10 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1894326
x-cache: Hit from cloudfront
status: 200
x-envoy-upstream-service-time: 161
strict-transport-security: max-age=604800
x-tb-source: terrablob
content-length: 28520
x-xss-protection: 1; mode=block
rpc-service: terrablob-gateway-tier3
last-modified: Fri, 28 Aug 2020 16:20:29 GMT
server: ufe
etag: "a829752af51129e08130f943eaf3e568"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ADl0n6gsLkGL3iisCq65NdXXlA0GNnNwzcqAronlgHXv2R8LSbcNiA==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:13

GET
H2 200 fcb52a268777aa859b5c53bc17630487.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 29 KB
30 KB 159ms
86ms Font
font/woff2 13.224.186.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-employee/fcb52a268777aa859b5c53bc17630487.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.186.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-186-2.fra2.r.cloudfront.net

Software

ufe /

Resource Hash

9ad0d5b942e6ac6cb0e14c417b2a3b9536c8c6b11bc6d2c8bb7af552fe87a307

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://biz.uber.com
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 04:51:57 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3974478
x-cache: Hit from cloudfront
status: 200
x-envoy-upstream-service-time: 91
strict-transport-security: max-age=604800
x-tb-source: terrablob
content-length: 29576
x-xss-protection: 1; mode=block
rpc-service: terrablob-gateway-tier3
last-modified: Fri, 24 Jul 2020 08:04:15 GMT
server: ufe
etag: "fcb52a268777aa859b5c53bc17630487"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mRGxtubNn2VDxzS9_La9J_9Urm7syqIQxpChkCucN-NmGWOyYQAZjA==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:1

GET
H2 200 f2eaaf0bc08903f5915b809ee80b04c7.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 29 KB
30 KB 177ms
103ms Font
font/woff2 13.224.186.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-employee/f2eaaf0bc08903f5915b809ee80b04c7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.186.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-186-2.fra2.r.cloudfront.net

Software

ufe /

Resource Hash

0ba42888b81195edfb7b2dafbdd9f3613a0553055fd33559b73a4f9bb530d4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://biz.uber.com
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 06:41:10 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1894326
x-cache: Hit from cloudfront
status: 200
x-envoy-upstream-service-time: 115
strict-transport-security: max-age=604800
x-tb-source: terrablob
content-length: 29584
x-xss-protection: 1; mode=block
rpc-service: terrablob-gateway-tier3
last-modified: Fri, 28 Aug 2020 16:20:29 GMT
server: ufe
etag: "f2eaaf0bc08903f5915b809ee80b04c7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HMJw2xW_xTsGDbEt01Oj3MF_8uDAlEzUxUs0wml2kDMgH9rntIosWw==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:12

GET
H2 200 utag.js
tags.tiqcdn.com/utag/uber/main/prod/ 400 KB
56 KB 123ms
55ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Requested by: Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 04:53:17 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 15:27:48 GMT
server: AkamaiNetStorage
etag: "85f0faf6b4ab8eabfe31a4996942da64:1602084468.17712"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 09 Oct 2020 04:58:17 GMT

GET
H2 200 2192960133.js Show response
cdn.optimizely.com/js/ 378 KB
106 KB 120ms
106ms Script
text/javascript 2a02:26f0:6c00:284::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/2192960133.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:284::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83be9bcef0e1612aba49dba2443397f10d12be1dfd37c53221f2336638674dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: IRs3gqrO2wnCsDlBK2gB7xYaC8gAO33X
content-encoding: gzip
etag: "d4f52d9349f9586301a257e855d257c4"
x-amz-request-id: 642F079740D16E9C
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:284::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 107938
x-amz-id-2: zr12qJYCrYMglAmSDMSUE5C0idYfHSUFBrq6AjJKVRqRZDuLmRY0Emm2GCRVhxKAbp7e2gmHPMw=
last-modified: Wed, 23 Sep 2020 11:36:30 GMT
server: AmazonS3
date: Fri, 09 Oct 2020 04:53:16 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 6781
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK geo2.js
cdn3.optimizely.com/js/ 292 B
699 B 104ms
32ms Script
application/javascript 23.8.4.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2192960133.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.4.210 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-8-4-210.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: 1M8Z6NDM8Q9RBQAM
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=76683
Date: Fri, 09 Oct 2020 04:53:17 GMT
Connection: keep-alive
Content-Length: 292
x-amz-id-2: e0DfpPCvduZFnb6ZciK4olb+zHMgnCYElGuy2DUyCVLgZNxhA625oXUremcgiV0JZ/jXU73n8LA=

GET
H2 200 a745050198.html
a745050198.cdn.optimizely.com/client_storage/ Frame 6C50 0
0 110ms
32ms Document
text/html 23.43.116.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://a745050198.cdn.optimizely.com/client_storage/a745050198.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2192960133.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.43.116.208 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a23-43-116-208.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a745050198.cdn.optimizely.com
:scheme: https
:path: /client_storage/a745050198.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4

Response headers

status: 200
x-amz-id-2: +dz8sukGswCVxJ5/fz+ABhnWrAVhNi0VIDIuOdlUbQF9cSQptlaod0jg5N3WjAhla2UF0RxCfrQ=
x-amz-request-id: 4B0ECE0737C14048
x-amz-replication-status: PENDING
last-modified: Wed, 23 Sep 2020 11:36:14 GMT
etag: "ba6bc9b9ff6191b9c0cde5c57e13213a"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: CB1ru6A9aHJxgaCqS.diueVX19RTZuyR
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 767
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Fri, 09 Oct 2020 04:53:17 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="13";dur=0,cdnip;desc="23.43.116.208";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

POST
H2 200 redeemTokenInApp
biz.uber.com/api/ 856 B
1 KB 154ms
153ms XHR
application/json 104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://biz.uber.com/api/redeemTokenInApp

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-vendor-b230a8b6785a8f134cd6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
x-csrf-token: x
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 04:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ufe
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cache-control: max-age=0
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:9

POST
H2 200 csp
csp.uber.com/ 0
183 B 372ms
127ms Other
text/plain 104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.uber.com/csp?a=web-employee&ro=false

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 09 Oct 2020 04:53:17 GMT
x-content-type-options: nosniff
server: ufe
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=0
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=604800
content-length: 0
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:1

GET
H2 200 utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 32ms
32ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uber/main/202010071527&nocookie=1
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 04:53:17 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 09 Oct 2020 05:03:17 GMT

GET
H3-Q050

200

Primary Request / Show response
auth.uber.com/login/
Redirect Chain

https://auth.uber.com/login?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_di...
https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_d...

71 KB
21 KB

195ms
168ms

Document
text/html

34.98.127.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-main-808d32f212b4ab6e3ae8.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.98.127.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.127.98.34.bc.googleusercontent.com

Software

ufe /

Resource Hash

150cb6d76b1e439925c9489ccd18dbf79c066296ee85676cfd19d993a9411484

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content; child-src 'self' https://accounts.google.com https://apis.google.com https://staticxx.facebook.com https://www.facebook.com https://www.google.com vars.hotjar.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net; connect-src 'self' 'self' .cloudfront.net .hotjar.com .mktoresp.com .optimizely.com .tealiumiq.com d1a3f4spazzrp4.cloudfront.net events.uber.com https://auth.uberinternal.com https://events.uber.com/events/web/ https://staging.cdn-net.com https://www.cdn-net.com https://www.google-analytics.com https://www.googleapis.com stats.g.doubleclick.net www.google-analytics.com events.uber.com api.mixpanel.com d1a3f4spazzrp4.cloudfront.net .optimizely.com www.google-analytics.com .tealiumiq.com .demdex.net; font-src 'self' data: data: https://d1a3f4spazzrp4.cloudfront.net; form-action 'self' ; frame-ancestors 'self'; frame-src 'self' .demdex.net .doubleclick.net .marketo.com .optimizely.com analytics.recruitics.com bs.serving-sys.com cdn.krxd.net ci.iasds01.com click.appcast.io https://accounts.google.com https://apis.google.com https://staging.cdn-net.com/ https://staticxx.facebook.com https://www.cdn-net.com/ https://www.facebook.com https://www.google.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net; img-src 'self' data: 'self' https://d1w2poirtb3as9.cloudfront.net https://maps.googleapis.com https://stats.g.doubleclick.net https://www.facebook.com https://www.google-analytics.com https://www.google.com * https://d1a3f4spazzrp4.cloudfront.net; media-src 'self' https://d1a3f4spazzrp4.cloudfront.net; object-src https://www.cdn-net.com/ https://staging.cdn-net.com/; script-src 'self' 'unsafe-inline' 'nonce-520d5691-0116-4b03-9d5b-e6b0f6e3d5d3' 'self' 'unsafe-eval' 'unsafe-inline' .hotjar.com .marketo.com .marketo.net .nanigans.com .optimizely.com .tealiumiq.com connect.facebook.net d1a3f4spazzrp4.cloudfront.net https://apis.google.com https://apis.google.com https://connect.facebook.net https://six.cdn-net.com https://staging.cdn-net.com https://www.cdn-net.com https://www.google-analytics.com https://www.google.com https://www.googleapis.com https://www.gstatic.com maps.google.com maps.googleapis.com tags.tiqcdn.com https://bat.bing.com/bat.js https://js.braintreegateway.com/v1/braintree.js .googletagmanager.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com .adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net .optimizely.com .tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com https://d1a3f4spazzrp4.cloudfront.net; style-src 'self' 'unsafe-inline' 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net; report-uri https://csp.uber.com/csp?a=arch-frontend&ro=false&v=0
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: auth.uber.com
:scheme: https
:path: /login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: optimizelyEndUserId=oeu1602219196989r0.8781558800032665; OPTOUTMULTI=; utag_main=v_id:01750bb4c34d0017e601b9a5ad020007802b707000b08$_sn:1$_ss:1$_st:1602220997263$ses_id:1602219197263%3Bexp-session$_pn:1%3Bexp-session$utm_campaign:NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%3Bexp-1604638397314$utmsource:ET%3Bexp-1604638397315$utmmedium:email%3Bexp-1604638397316; segmentCookie=b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://biz.uber.com/public/confirm/XJNJAAhXFcP4?organization_name=Caleres%20Travel&show_pp=True&confirmation_token=XJNJAAhXFcP4&show_tier_disclaimer=False&uuid=4b414ebf-549c-4355-9157-1fcbf879e79c&organization_domain=caleres.com&action=redeem-employee-invite&encrypted_params=A8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%3D%3D&decentralized=True&utm_medium=email&utm_campaign=NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2&utm_source=ET&signature_expiry=1602219796&signature=c37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4

Response headers

status: 200
date: Fri, 09 Oct 2020 04:53:17 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-security-policy: default-src 'none'; block-all-mixed-content; child-src 'self' https://accounts.google.com https://apis.google.com https://staticxx.facebook.com https://www.facebook.com https://www.google.com vars.hotjar.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' 'self' *.cloudfront.net *.hotjar.com *.mktoresp.com *.optimizely.com *.tealiumiq.com d1a3f4spazzrp4.cloudfront.net events.uber.com https://auth.uberinternal.com https://events.uber.com/events/web/ https://staging.cdn-net.com https://www.cdn-net.com https://www.google-analytics.com https://www.googleapis.com stats.g.doubleclick.net www.google-analytics.com events.uber.com api.mixpanel.com d1a3f4spazzrp4.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net; font-src 'self' data: data: https://d1a3f4spazzrp4.cloudfront.net; form-action 'self' *; frame-ancestors 'self'; frame-src 'self' *.demdex.net *.doubleclick.net *.marketo.com *.optimizely.com analytics.recruitics.com bs.serving-sys.com cdn.krxd.net ci.iasds01.com click.appcast.io https://accounts.google.com https://apis.google.com https://staging.cdn-net.com/ https://staticxx.facebook.com https://www.cdn-net.com/ https://www.facebook.com https://www.google.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; img-src 'self' data: 'self' https://d1w2poirtb3as9.cloudfront.net https://maps.googleapis.com https://stats.g.doubleclick.net https://www.facebook.com https://www.google-analytics.com https://www.google.com * * https://d1a3f4spazzrp4.cloudfront.net; media-src 'self' https://d1a3f4spazzrp4.cloudfront.net; object-src https://www.cdn-net.com/ https://staging.cdn-net.com/; script-src 'self' 'unsafe-inline' 'nonce-520d5691-0116-4b03-9d5b-e6b0f6e3d5d3' 'self' 'unsafe-eval' 'unsafe-inline' *.hotjar.com *.marketo.com *.marketo.net *.nanigans.com *.optimizely.com *.tealiumiq.com connect.facebook.net d1a3f4spazzrp4.cloudfront.net https://apis.google.com https://apis.google.com https://connect.facebook.net https://six.cdn-net.com https://staging.cdn-net.com https://www.cdn-net.com https://www.google-analytics.com https://www.google.com https://www.googleapis.com https://www.gstatic.com maps.google.com maps.googleapis.com tags.tiqcdn.com https://bat.bing.com/bat.js https://js.braintreegateway.com/v1/braintree.js *.googletagmanager.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com https://d1a3f4spazzrp4.cloudfront.net; style-src 'self' 'unsafe-inline' 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net; report-uri https://csp.uber.com/csp?a=arch-frontend&ro=false&v=0
etag: W/"11b91-rOnyauDxQPnTWL84pVuqF8sEdwE"
set-cookie: marketing_vistor_id=181b1876-d00f-476f-b79e-029807b2d1a6; Domain=.uber.com; Path=/; Expires=Sat, 09 Oct 2021 04:53:17 GMT arch-frontend:sess=_oQL3slYtmL5S5la4wRVpA.aEoH5LYJR8lyl-x9XfqIQYFxocuzHVZxvILv3UO4HkI8Br2IznsFTxNrQEjUINbSOunPt7IX58Wd5XauQC3efq37yQLJ9ab9_noKDSgSmIgcc5B3G3W6QSbThXyB7pJYcs-khfyfC9grusDqqIujItaCUGjBBg1SitY26ouVhgmDp42dcCaCo7VM9rmQc18rYoQ3_SsfPiY0xVZWWm85gDxmH2uOMjdNhsz3GiyPRFKq3Ozav6choqQoNAEPytFW3ZKKMg3K38vV_6M18gdaJGSmhpnR036927NbO2k71pOkfTZ-vM_qYI72Xtkh0N_FyOacBNWQMuefKtm52dIGW0ctwhZ3y3mPHvxC-vV5pRQzTqWkPFIvxjGXcJaEhKHlLnBSOQG2KbrZ5MhKwdKqBmdfMpr_18gRIRRhz5WPc0XYDXeqrH3Uq2axAFbVZjp_UIUjq76fc-mZ0eoctzcOF_IZ7jQ_elKCK3lhIghKb1JWtvHN1dam5M5JprA2T7EA3VFOGskZI0AfLiN1Drflufh_S7I5ytmUTnUHuUhk291LM3U7r8lHfNYBxAoilaO5UlrpWhtKzkiBnl-zJp2myPYVqYRYqxL5h6XHWCAdrw2C_m_VZwXbXciGWLybLYjcRQoroWzFgeU-h68CQL8LdOW1ILXzWs7WuTxDj8dKXGj4W-pqoXWufh8av0kzqu9SJWhescIACXrcLpxBnYWhzEf0lySebuvj65bPbwcxd2FQhaGt0OMKEtEUKGDhyomss11j2h-5TVcazDIedc15Pc76WfhPg4rCtOj0l6GuOSCwPVBG2KtTV8d8_I0KZ1hW8ne4Sc_Mw10povr8BUGNi0D1u8ZUgapb3ARqmajeXNT8GnVZq9SMPmqrg6kVGMNIDnLtZRwuXtLgZFf0RBmDbP8XnibElfNytkofQ_bavSt1MWqolqz3TsDlOBO4-o0muWBqmv5wBAJxlKc7xnz-RqToVM2oDKSqXWOhdoWX5J-G3RyFh3Qh9yCWQKzOXNjPjeJ9Qo_yaREP6hu2KlyE4bA9tQ4u8u6meVZVCBVww6fT7rB6KZOiV7DWbtPfFzrJFNvfP2u7Mbkkk2q4drtczLy8FbUSEyYsuawHTNTMZxsZ2FPKX1a9fG6gLNCy6KB8VZ6AUI3g60Rr77xI0PuU_OGvmRltEm7DxQ3x68fIkENMCoQYGcSfFCdHQxaQZgUCcUH2B2rSLq4kRbelLOBEGV_qRtTscWFOkLxrgZaXS_OHv0ZtYyTF6dPzqd-vIJsOKTN9OVcr12nZv6gEHR7CMfEfq7koqspdKn5kAVZKDIc.1602219197755.1209600000.9H2IYX3RRdU1vE9HIunAUPfVQM3qlrIpaSzeubsUwpc; path=/; expires=Fri, 23 Oct 2020 04:53:18 GMT; secure; httponly
x-csrf-token: 1602219198-01-DOYgOByKCvhMadY5Z0aJHq4Hl_7gXM1S5Qn7vAfLV-Y
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:8
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cache-control: max-age=0
timing-allow-origin: *
content-encoding: gzip
x-envoy-upstream-service-time: 103
server: ufe
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 301
date: Fri, 09 Oct 2020 04:53:17 GMT
content-type: text/html
location: /login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
x-uber-edge: e4-dca1:w:10
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: max-age=0
timing-allow-origin: *
x-envoy-upstream-service-time: 96
vary: Accept-Encoding
content-encoding: gzip
server: ufe
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST _events
biz.uber.com/ 0
0

GET
H2 200 u4b-104ae7a73d.css
d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/stylesheets/ 280 KB
139 KB 172ms
74ms Stylesheet
text/css 65.9.94.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/stylesheets/u4b-104ae7a73d.css
Requested by: Host: auth.uber.com
URL: https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2967a5c8e6b9b4217c1579ed3b00285c238a430f3dd72e8a66cff991d87136e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 08:22:44 GMT
content-encoding: gzip
age: 1974634
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 141864
last-modified: Tue, 15 Sep 2020 22:12:05 GMT
server: AmazonS3
etag: "3c92e433d02faae1e2f6feb420cd7f7d"
x-amz-version-id: E1yXLhSMo_QNhWNgKdQ8I5SXiO7mIeAL
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: ObJ72VdKePIY32KDqWJ0Q-PPQdX71O3-eIYxRNGAe5jMkv9mSDj1SA==

GET
H2 200 uber-logo-black-f182f21d3e.svg
d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/u4b/ 1 KB
1011 B 147ms
132ms Image
image/svg+xml 65.9.94.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/u4b/uber-logo-black-f182f21d3e.svg
Requested by: Host: auth.uber.com
URL: https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff6fdbeaa671c4fd3b61054f75446a5a7e185f0ed573f0bd215d6010283889a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 08:22:45 GMT
content-encoding: gzip
age: 1974633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 569
last-modified: Tue, 15 Sep 2020 22:12:05 GMT
server: AmazonS3
etag: "bb765c6bbf666f66affee8bf522eac5f"
x-amz-version-id: k6Hn1tjpJHHqpJg52ejf4TkOYqrlauip
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: gLhmwL1XGqTPSTeHFH28aiyZUdzvsTEPvOCnnrqT0azTDHOwmMG9pw==

GET
H2 200 main-2beb385ac0.js Show response
d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/ 2 MB
475 KB 48ms
47ms Script
application/javascript 65.9.94.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js
Requested by: Host: auth.uber.com
URL: https://auth.uber.com/login/?next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FXJNJAAhXFcP4%3Forganization_name%3DCaleres%2520Travel%26show_pp%3DTrue%26confirmation_token%3DXJNJAAhXFcP4%26show_tier_disclaimer%3DFalse%26uuid%3D4b414ebf-549c-4355-9157-1fcbf879e79c%26organization_domain%3Dcaleres.com%26action%3Dredeem-employee-invite%26encrypted_params%3DA8d526EbB1aOQ2wxzZpvzWYTRoSKkuhkBQPxElF745ygbGxj22zxR8qz8k7gOguFk0mdI6UCUI89ofInFnDNHx_L11w_4O5PW1Glnl2b0CG_-MCnnQn9UQX5UJ9-LA-OtkpaflpgMwI0UdhOs7Of509cf6KruDV2dT7nYqPOQT1N49z1oJEf5zDkwIVNJn8lRL51IUKAEKADf47GlLIauQ%253D%253D%26decentralized%3DTrue%26utm_medium%3Demail%26utm_campaign%3DNA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%26utm_source%3DET%26signature_expiry%3D1602219796%26signature%3Dc37dbf9ca1eaac2ed3464e2b53be6dfccaba7db4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa57032703f17577059828b8ff12f4b5f5a8212ccf9aaf7ddad504c964a34566

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 18:16:33 GMT
content-encoding: gzip
age: 38205
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 485904
last-modified: Mon, 28 Sep 2020 21:35:08 GMT
server: AmazonS3
etag: "8b0f249df1ecd53575424bd1a3a0ab24"
x-amz-version-id: cKkBB56uh9DQo1MBXrdHP.zhR6f4B.Ct
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: C6NPH98PA9aMJy9-UyKTJP9PsB5GCe4wF8om90m4X3OljXm3lEPaPw==

GET
H2 200 UberMoveText-Regular.woff
d1a3f4spazzrp4.cloudfront.net/fonts/ 35 KB
36 KB 173ms
83ms Font
application/font-woff 65.9.94.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1a3f4spazzrp4.cloudfront.net/fonts/UberMoveText-Regular.woff
Requested by: Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/stylesheets/u4b-104ae7a73d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62ff4acf7e27da485bd83c17495b95c95f009dbf8cd5a382331adf2bfdc9b739

Request headers

Origin: https://auth.uber.com
Referer: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/stylesheets/u4b-104ae7a73d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 05:18:14 GMT
via: 1.1 77d19519a1c9ed821ab469548b9d17f5.cloudfront.net (CloudFront)
vary: Origin
age: 84905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 35924
last-modified: Tue, 11 Sep 2018 20:30:13 GMT
server: AmazonS3
etag: "2c945e254be87b34b97c753ddf9eb744"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: GufFgWXaFCa5147uF4Iy5MYngfUF1Vuo
access-control-allow-origin: *
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: application/font-woff
x-amz-cf-id: LPjCO0Uusmv1ULfDCcaUfFQtRHwOpoU5m5E5w5h3dJTG-Rhs_C1MaQ==

GET
H2 200 UberMoveText-Medium.woff
d1a3f4spazzrp4.cloudfront.net/fonts/ 36 KB
37 KB 188ms
98ms Font
application/font-woff 65.9.94.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1a3f4spazzrp4.cloudfront.net/fonts/UberMoveText-Medium.woff
Requested by: Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/stylesheets/u4b-104ae7a73d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc4d44c65c710ab3febcedfa56b5ff814c1d6e563eebf4968a5b04948079a6c2

Request headers

Origin: https://auth.uber.com
Referer: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/stylesheets/u4b-104ae7a73d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 21:18:54 GMT
via: 1.1 77d19519a1c9ed821ab469548b9d17f5.cloudfront.net (CloudFront)
vary: Origin
age: 27265
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 37142
last-modified: Tue, 11 Sep 2018 20:30:13 GMT
server: AmazonS3
etag: "90012306e740f7bf0772b94a28cd9926"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: zVBSW7_CmYB6eddzwHhcr2kzHGDgF2Pe
access-control-allow-origin: *
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: application/font-woff
x-amz-cf-id: v_aFgefSp8eL9cuTxciXnYtt5HgtJ-h67TjKE6HbQ9eZqlCkpnIISg==

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b57312e9203c631e4435fa1c8c6d5236ac23050dc4948ef050089e80d2425bcd

Request headers

Origin: https://auth.uber.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4abf5e9e21b5b10ef5913dac3b57b944d9d66f9278c7bc4b474df15ab85b9f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tszWpDtowkpVJD+u1epVcQ==
status: 200
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Oct 2020 05:04:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "edf43e7b101aa497c5bf9b6b4ee6e4ac"
x-fb-debug: Lv66u+GGhEz025fkvzg2c1rzfLzkvXetLekAwgE7Kj/9V79BVmDjbk/CudKyDWy9QAXkqn+JEkyoemo/lxNIyw==
x-fb-trip-id: 664085054
x-fb-content-md5: 2c3b99f0f44062be12e35ece12901598
date: Fri, 09 Oct 2020 04:53:18 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/uber/main/prod/ 400 KB
56 KB 49ms
48ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Requested by: Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fa2c148a7c44d2eba50a72a7a5c39ddb712e1ae6a26849f470d616ac0d877f79

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 04:53:18 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 15:27:48 GMT
server: AkamaiNetStorage
etag: "85f0faf6b4ab8eabfe31a4996942da64:1602084468.17712"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 09 Oct 2020 04:58:18 GMT

GET
H/1.1 200 cc.js Show response
www.cdn-net.com/ 36 KB
37 KB 236ms
141ms Script
application/javascript 143.204.94.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn-net.com/cc.js
Requested by: Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-66.fra50.r.cloudfront.net
Software: openresty/1.11.2.3 /
Resource Hash: 39e736bc91bda2e0667bd026b23bce41d67d06b704097ed14dfb44303ae83048

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Oct 2020 04:53:18 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Server: openresty/1.11.2.3
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Cache-Control: private, no-cache, proxy-revalidate
X-IA-Request-ID: 7e2590957553f744eacec1486c345a46
Connection: keep-alive
Content-Length: 36711
X-Amz-Cf-Id: 6kRGXgg2aGnNYtrEKGrZuzb49RmP5iP-eCh_MTwV6o82NBWMoCWfWA==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
646 B 21ms
21ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7148f1285575a0733bb2fb07aff9a0b99e775c2fcc5f29c44698e73086b49e8c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 04:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Fri, 09 Oct 2020 04:53:18 GMT

POST
H3-Q050 500 / Show response
auth.uber.com/login/sentry/api/arch-frontend/store/ 14 B
145 B 170ms
170ms Fetch
text/html 34.98.127.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.uber.com/login/sentry/api/arch-frontend/store/?sentry_version=7&sentry_client=raven-js%2F3.27.0&sentry_key=uber

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.98.127.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.127.98.34.bc.googleusercontent.com

Software

ufe / Express

Resource Hash

5ca568fafc628943b6d6b07a9a4ea96bf960850f1f3fbec820b4307a636a26d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.uber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Oct 2020 04:53:18 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
status: 500
x-envoy-upstream-service-time: 109
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 1; mode=block
server: ufe
x-frame-options: SAMEORIGIN
etag: W/"e-9h4KTw/+E295dUvoBjxzEU/uFhA"
strict-transport-security: max-age=604800
content-type: text/html; charset=utf-8
cache-control: max-age=0
x-uber-edge: e4-dca1:w:12

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 201 KB
62 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f35a81b225630ae674a652aa52ec5476&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52247e5123ee32067277d079847c17908caf56fc8b4676f13c54222b5e2893a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://auth.uber.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2q1thdlaTrKhbMdnK+VvQg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62400
etag: "eefd5ceff6194dbf0b0b89ae32e632a4"
x-fb-debug: FW7J0PSG7532FgQL7s/wbdi1+MdK/kfYV8DD7AaOCnA4KcaZqLl9LtQXRlZHi+7qeKf6Ir3RJHdb0g98XM8rog==
x-fb-trip-id: 664085054
x-fb-content-md5: 716167092d7cf4ac237293757a46c698
x-frame-options: DENY
date: Fri, 09 Oct 2020 04:53:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 09 Oct 2021 04:05:48 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/48TunWH-ZrLteSwFVbw6tVnx/ 341 KB
133 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/48TunWH-ZrLteSwFVbw6tVnx/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68575ad691a70cbdbe9e806567291969d2813ac54ae3a6e26f4778ba568b522e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://auth.uber.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 04:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1967
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136438
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 17:20:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Oct 2021 04:20:31 GMT

POST
H2 200 csp
csp.uber.com/ 0
60 B 126ms
126ms Other
text/plain 104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.uber.com/csp?a=arch-frontend&ro=false&v=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 09 Oct 2020 04:53:18 GMT
x-content-type-options: nosniff
server: ufe
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=0
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=604800
content-length: 0
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:3

GET
H2 200 6.js Show response
six.cdn-net.com/ 1 KB
1 KB 46ms
27ms Script
application/javascript 2600:1901:0:ff7::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://six.cdn-net.com/6.js
Requested by: Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:ff7:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44c69ee980344de5a3fc6c1cedcad6bc49ea0c1f11abf4d3a1caebaa27a7eba1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Oct 2020 04:53:18 GMT
via: 1.1 google
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, max-age=0
alt-svc: clear
content-length: 1050

GET
H/1.1 200 et.js Show response
www.cdn-net.com/ 98 B
628 B 414ms
414ms Script
application/javascript 143.204.94.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn-net.com/et.js
Requested by: Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-66.fra50.r.cloudfront.net
Software: openresty/1.11.2.3 /
Resource Hash: abdd6621ecf466e85f32baed63905dcfc59d3f9a51909ebb45634b48e33331a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 04:53:18 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Server: openresty/1.11.2.3
X-Amz-Cf-Pop: FRA50-C1
ETag: "NjJjMzZkODQtNWNmZi00ZDUyLWE2OTEtNjk0M2NmYTQxOWUxOjE2MDIyMTkxOTg5Njk"
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
X-IA-Request-ID: 13477357ffb3864b9f5bb8d786752db8
Connection: keep-alive
Content-Length: 98
X-Amz-Cf-Id: a1FbSvAm65uo7pMTlXlxl9jxHOGLc-aU1UeVQ8X4sFaqNf8C41feKw==

POST
H3-Q050 204 udimeta Show response
auth.uber.com/login/ 0
457 B 430ms
427ms XHR
text/plain 34.98.127.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.uber.com/login/udimeta

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.98.127.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.127.98.34.bc.googleusercontent.com

Software

ufe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
x-csrf-token: 1602219198-01-DOYgOByKCvhMadY5Z0aJHq4Hl_7gXM1S5Qn7vAfLV-Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Fri, 09 Oct 2020 04:53:19 GMT
via: 1.1 google
x-content-type-options: nosniff
x-csrf-token: 1602219200-01-3arq8CrY9suvL-MJcqH3t0rxl9DwPbvFSBpLPtqLmy8
server: ufe
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-frame-options: SAMEORIGIN
status: 204
cache-control: max-age=0
x-envoy-upstream-service-time: 347
strict-transport-security: max-age=604800
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:10

POST
H3-Q050 200 performance_to_heatpipe Show response
auth.uber.com/login/ 2 B
117 B 236ms
232ms XHR
text/plain 34.98.127.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.uber.com/login/performance_to_heatpipe

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.98.127.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.127.98.34.bc.googleusercontent.com

Software

ufe / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
x-csrf-token: 1602219198-01-DOYgOByKCvhMadY5Z0aJHq4Hl_7gXM1S5Qn7vAfLV-Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 04:53:19 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
status: 200
x-envoy-upstream-service-time: 168
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 1; mode=block
server: ufe
x-frame-options: SAMEORIGIN
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=604800
content-type: text/plain; charset=utf-8
cache-control: max-age=0
timing-allow-origin: *
x-uber-edge: e4-dca1:w:15

POST
H3-Q050 200 _m3 Show response
auth.uber.com/login/ 0
40 B 293ms
293ms XHR
text/plain 34.98.127.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.uber.com/login/_m3

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.98.127.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.127.98.34.bc.googleusercontent.com

Software

ufe / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
x-csrf-token: 1602219200-01-3arq8CrY9suvL-MJcqH3t0rxl9DwPbvFSBpLPtqLmy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 04:53:21 GMT
via: 1.1 google
x-content-type-options: nosniff
server: ufe
x-powered-by: Express
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=0
x-envoy-upstream-service-time: 233
strict-transport-security: max-age=604800
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:20

POST
H3-Q050 200 _log Show response
auth.uber.com/login/ 0
53 B 272ms
271ms XHR
text/plain 34.98.127.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.uber.com/login/_log

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.98.127.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.127.98.34.bc.googleusercontent.com

Software

ufe / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
x-csrf-token: 1602219200-01-3arq8CrY9suvL-MJcqH3t0rxl9DwPbvFSBpLPtqLmy8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 04:53:21 GMT
via: 1.1 google
x-content-type-options: nosniff
server: ufe
x-powered-by: Express
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=0
x-envoy-upstream-service-time: 202
strict-transport-security: max-age=604800
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:15

OPTIONS
H2 204 /
events.uber.com/events/web/ Frame 0
0 336ms
326ms Other 104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://events.uber.com/events/web/

Protocol

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://auth.uber.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
date: Fri, 09 Oct 2020 04:53:23 GMT
access-control-allow-headers: Accept, Content-Type, Keep-Alive, Origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://auth.uber.com
access-control-max-age: 86400
x-uber-edge: e4-dca1:w:15
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: max-age=0
x-envoy-upstream-service-time: 205
server: ufe

POST
H2 200 / Show response
events.uber.com/events/web/ 0
27 B 128ms
126ms XHR
text/plain 104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://events.uber.com/events/web/

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 04:53:23 GMT
x-content-type-options: nosniff
server: ufe
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://auth.uber.com
access-control-max-age: 86400
cache-control: max-age=0
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=604800
access-control-allow-headers: Accept, Content-Type, Keep-Alive, Origin
content-length: 0
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:3

OPTIONS
H2 204 /
events.uber.com/events/web/ Frame 0
0 330ms
324ms Other 104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://events.uber.com/events/web/

Protocol

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://auth.uber.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
date: Fri, 09 Oct 2020 04:53:23 GMT
access-control-allow-headers: Accept, Content-Type, Keep-Alive, Origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://auth.uber.com
access-control-max-age: 86400
x-uber-edge: e4-dca1:w:15
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: max-age=0
x-envoy-upstream-service-time: 205
server: ufe

POST
H2 200 / Show response
events.uber.com/events/web/ 0
65 B 472ms
435ms XHR
text/plain 104.36.195.150
UBER-PROD

General

Check archive.org

Show headers Download Go to

Full URL

https://events.uber.com/events/web/

Requested by

Host: d1a3f4spazzrp4.cloudfront.net
URL: https://d1a3f4spazzrp4.cloudfront.net/arch-frontend/1.1.1/d1a3f4spazzrp4.cloudfront.net/javascripts/main-2beb385ac0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.36.195.150 Ashburn, United States, ASN63086 (UBER-PROD, US),

Reverse DNS

Software

ufe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 04:53:24 GMT
x-content-type-options: nosniff
server: ufe
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://auth.uber.com
access-control-max-age: 86400
cache-control: max-age=0
x-envoy-upstream-service-time: 142
strict-transport-security: max-age=604800
access-control-allow-headers: Accept, Content-Type, Keep-Alive, Origin
content-length: 0
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:12

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: biz.uber.com
URL: https://biz.uber.com/_events

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.uber.com/	1970-01-19 21:49:22	Name: _cc Value: AYGugPpIwoimrxPfc90txpxH
.uber.com/	1970-01-19 21:49:15	Name: utag_main Value: v_id:01750bb4c34d0017e601b9a5ad020007802b707000b08$_sn:1$_ss:0$_st:1602220998436$ses_id:1602219197263%3Bexp-session$_pn:2%3Bexp-session$utm_campaign:NA-Emp-BT-DBill-EmpLink_1_crm_usc_exen_ub_ob_dp_eplk_v2%3Bexp-1604638397314$utmsource:ET%3Bexp-1604638397315$utmmedium:email%3Bexp-1604638397316
.uber.com/	1969-12-31 23:59:59	Name: auth_ga_trigger Value: main
auth.uber.com/	1970-01-19 13:23:48	Name: arch-frontend:sess Value: _oQL3slYtmL5S5la4wRVpA.aEoH5LYJR8lyl-x9XfqIQYFxocuzHVZxvILv3UO4HkI8Br2IznsFTxNrQEjUINbSOunPt7IX58Wd5XauQC3efq37yQLJ9ab9_noKDSgSmIgcc5B3G3W6QSbThXyB7pJYcs-khfyfC9grusDqqIujItaCUGjBBg1SitY26ouVhgmDp42dcCaCo7VM9rmQc18rYoQ3_SsfPiY0xVZWWm85gDxmH2uOMjdNhsz3GiyPRFKq3Ozav6choqQoNAEPytFW3ZKKMg3K38vV_6M18gdaJGSmhpnR036927NbO2k71pOkfTZ-vM_qYI72Xtkh0N_FyOacBNWQMuefKtm52dIGW0ctwhZ3y3mPHvxC-vV5pRQzTqWkPFIvxjGXcJaEhKHlLnBSOQG2KbrZ5MhKwdKqBmdfMpr_18gRIRRhz5WPc0XYDXeqrH3Uq2axAFbVZjp_UIUjq76fc-mZ0eoctzcOF_IZ7jQ_elKCK3lhIghKb1JWtvHN1dam5M5JprA2T7EA3VFOGskZI0AfLiN1Drflufh_S7I5ytmUTnUHuUhk291LM3U7r8lHfNYBxAoilaO5UlrpWhtKzkiBnl-zJp2myPYVqYRYqxL5h6XHWCAdrw2C_m_VZwXbXciGWLybLYjcRQoroWzFgeU-h68CQL8LdOW1ILXzWs7WuTxDj8dKXGj4W-pqoXWufh8av0kzqu9SJWhescIACXrcLpxBnYWhzEf0lySebuvj65bPbwcxd2FQhaGt0OMKEtEUKGDhyomss11j2h-5TVcazDIedc15Pc76WfhPg4rCtOj0l6GuOSCwPVBG2KtTV8d8_I0KZ1hW8ne4Sc_Mw10povr8BUGNi0D1u8ZUgapb3ARqmajeXNT8GnVZq9SMPmqrg6kVGMNIDnLtZRwuXtLgZFf0RBmDbP8XnibElfNytkofQ_bavSt1MWqolqz3TsDlOBO4-o0muWBqmv5wBAJxlKc7xnz-RqToVM2oDKSqXWOhdoWX5J-G3RyFh3Qh9yCWQKzOXNjPjeJ9Qo_yaREP6hu2KlyE4bA9tQ4u8u6meVZVCBVww6fT7rB6KZOiV7DWbtPfFzrJFNvfP2u7Mbkkk2q4drtczLy8FbUSEyYsuawHTNTMZxsZ2FPKX1a9fG6gLNCy6KB8VZ6AUI3g60Rr77xI0PuU_OGvmRltEm7DxQ3x68fIkENMCoQYGcSfFCdHQxaQZgUCcUH2B2rSLq4kRbelLOBEGV_qRtTscWFOkLxrgZaXS_OHv0ZtYyTF6dPzqd-vIJsOKTN9OVcr12nZv6gEHR7CMfEfq7koqspdKn5kAVZKDIc.1602219197755.1209600000.9H2IYX3RRdU1vE9HIunAUPfVQM3qlrIpaSzeubsUwpc
.uber.com/	1970-02-17 11:32:38	Name: segmentCookie Value: b
.uber.com/	1970-01-19 17:22:51	Name: optimizelyEndUserId Value: oeu1602219196989r0.8781558800032665
auth.uber.com/	1969-12-31 23:59:59	Name: privacyStatment Value: This website uses third party cookies in order to serve you relevant ads. You can opt out of third party cookies by visiting our <a target="_blank" href="https://www.uber.com/global/en/privacy/notice/">cookie statement</a>.
.uber.com/	1970-01-19 21:49:15	Name: marketing_vistor_id Value: 181b1876-d00f-476f-b79e-029807b2d1a6
.uber.com/	1970-01-19 15:13:18	Name: OPTOUTMULTI Value:
auth.uber.com/login	1969-12-31 23:59:59	Name: _ua Value: %7B%22id%22%3A%22f3e2979a-99b3-4498-b053-bd2ba5a08570%22%2C%22ts%22%3A1602219198357%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net .optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net; connect-src 'self' events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net .optimizely.com www.google-analytics.com .tealiumiq.com .demdex.net https://api.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-aa89f269-7652-4380-87fc-096341bd30f1' 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com .adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net .optimizely.com .tealiumiq.com .doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.mxpnl.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a745050198.cdn.optimizely.com
auth.uber.com
biz.uber.com
cdn.optimizely.com
cdn3.optimizely.com
click.et.uber.com
connect.facebook.net
csp.uber.com
d1a3f4spazzrp4.cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
events.uber.com
six.cdn-net.com
tags.tiqcdn.com
www.cdn-net.com
www.google.com
www.gstatic.com
biz.uber.com
104.111.215.136
104.36.195.150
13.224.186.2
143.204.94.66
198.245.92.61
23.43.116.208
23.8.4.210
2600:1901:0:ff7::
2a00:1450:4001:81d::2004
2a00:1450:4001:824::2003
2a02:26f0:6c00:284::13b8
2a03:2880:f01c:8012:face:b00c:0:3
34.98.127.226
65.9.94.152
0322e2b243466c529851aa65273b867ecaa1ab0c863bb476fdf95c42e5a12959
0ba42888b81195edfb7b2dafbdd9f3613a0553055fd33559b73a4f9bb530d4ac
13421ba05dd39333cddb9f65fb2627922237686b11aa9e49d90eedd0611c7780
150cb6d76b1e439925c9489ccd18dbf79c066296ee85676cfd19d993a9411484
2967a5c8e6b9b4217c1579ed3b00285c238a430f3dd72e8a66cff991d87136e4
39e736bc91bda2e0667bd026b23bce41d67d06b704097ed14dfb44303ae83048
44c69ee980344de5a3fc6c1cedcad6bc49ea0c1f11abf4d3a1caebaa27a7eba1
4abf5e9e21b5b10ef5913dac3b57b944d9d66f9278c7bc4b474df15ab85b9f0d
4b45e0cdba61e5d00bef1dc95fabe543a8e8ef8be342bce0477f729d80238c65
52247e5123ee32067277d079847c17908caf56fc8b4676f13c54222b5e2893a3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ca568fafc628943b6d6b07a9a4ea96bf960850f1f3fbec820b4307a636a26d7
62ff4acf7e27da485bd83c17495b95c95f009dbf8cd5a382331adf2bfdc9b739
68575ad691a70cbdbe9e806567291969d2813ac54ae3a6e26f4778ba568b522e
7148f1285575a0733bb2fb07aff9a0b99e775c2fcc5f29c44698e73086b49e8c
797cbfe33191480d2d42cc0895c3e8c41f6a12a24896af42012693e151a49778
83be9bcef0e1612aba49dba2443397f10d12be1dfd37c53221f2336638674dbc
9ad0d5b942e6ac6cb0e14c417b2a3b9536c8c6b11bc6d2c8bb7af552fe87a307
aa57032703f17577059828b8ff12f4b5f5a8212ccf9aaf7ddad504c964a34566
abdd6621ecf466e85f32baed63905dcfc59d3f9a51909ebb45634b48e33331a5
b57312e9203c631e4435fa1c8c6d5236ac23050dc4948ef050089e80d2425bcd
bca602087c6f7ef96c302b3ff196e838a49327859f4bed9b08b64d01dd0ecd3c
cc4d44c65c710ab3febcedfa56b5ff814c1d6e563eebf4968a5b04948079a6c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa2c148a7c44d2eba50a72a7a5c39ddb712e1ae6a26849f470d616ac0d877f79
ff6fdbeaa671c4fd3b61054f75446a5a7e185f0ed573f0bd215d6010283889a4

auth.uber.com Open in urlscan Pro 34.98.127.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

39 Requests

97 %HTTPS

36 %IPv6

8 Domains

16 Subdomains

14 IPs

5 Countries

1790 kBTransfer

6423 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.uber.com Open in urlscan Pro
34.98.127.226 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

36 %
IPv6

8
Domains

16
Subdomains

14
IPs

5
Countries

1790 kB
Transfer

6423 kB
Size

10
Cookies

39 HTTP transactions
1 data transactions