urlscan.io logo urlscan.io
SecurityTrails logo

auth.uber.com Open in urlscan Pro
34.98.127.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth.uber.com/login/
Effective URL: https://auth.uber.com/v2
Submission: On July 25 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 34.98.127.226, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is auth.uber.com. The Cisco Umbrella rank of the primary domain is 34913.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 30th 2022. Valid for: a year.
This is the only time auth.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 34.98.127.226 396982 (GOOGLE-CL...)
15 18.244.141.180 16509 (AMAZON-02)
2 18.66.97.80 16509 (AMAZON-02)
1 104.77.42.191 16625 (AKAMAI-AS)
1 2600:1901:0:d... 15169 (GOOGLE)
23 5
5    34.98.127.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.127.98.34.bc.googleusercontent.com
auth.uber.com
15    18.244.141.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-141-180.lhr50.r.cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
2    18.66.97.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-80.fra56.r.cloudfront.net
www.cdn-net.com
1    104.77.42.191 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-42-191.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
1    2600:1901:0:d1c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
six.cdn-net.com
Apex Domain
Subdomains		 Transfer
15 cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
357 KB
5 uber.com
auth.uber.com — Cisco Umbrella Rank: 34913
22 KB
3 cdn-net.com
www.cdn-net.com — Cisco Umbrella Rank: 13246
six.cdn-net.com — Cisco Umbrella Rank: 11445
45 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 4069
17 KB
23 4
Domain Requested by
15 d3i4yxtzktqr9n.cloudfront.net auth.uber.com
5 auth.uber.com 1 redirects d3i4yxtzktqr9n.cloudfront.net
2 www.cdn-net.com d3i4yxtzktqr9n.cloudfront.net
www.cdn-net.com
1 six.cdn-net.com www.cdn-net.com
1 appleid.cdn-apple.com d3i4yxtzktqr9n.cloudfront.net
23 5

This site contains no links.

Subject Issuer Validity Valid
*.uber.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-30 -
2023-10-03		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.cdn-net.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-12-28		 10 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-05-03 -
2023-10-29		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.uber.com/v2
Frame ID: 839690F5DDE1BC9B69B52EA982AC756E
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber

Page URL History Show full URLs

  1. https://auth.uber.com/login/ HTTP 301
    https://auth.uber.com/v2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Page Statistics

23
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

441 kB
Transfer

1185 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.uber.com/login/ HTTP 301
    https://auth.uber.com/v2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request v2
auth.uber.com/
Redirect Chain
  • https://auth.uber.com/login/
  • https://auth.uber.com/v2
137 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
5b71e50bc49b1c60bd86f2e5383880c6112af3b0fc098eb5ff8fb55bb4e04e7f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-a4da68cf-8828-4434-84ab-af66d88fcac4' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-encoding
gzip
content-security-policy
block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-a4da68cf-8828-4434-84ab-af66d88fcac4' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
content-type
text/html; charset=utf-8
date
Tue, 25 Jul 2023 14:16:10 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
103
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca22:w:352321539
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-length
166
content-type
text/html
date
Tue, 25 Jul 2023 14:16:10 GMT
location
https://auth.uber.com/v2
server
ufe
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
80
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca18:w:67108867
x-xss-protection
1; mode=block
client-main-2428ca7c28b71214.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		341 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-2428ca7c28b71214.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
cfae682e6292c102baea062df5fdae1eb968c42785eaaa019e471ed4a44fcd0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 20:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
64621
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
268
content-length
84302
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 19:42:26 GMT
server
ufe
etag
"9f2bd230466a9b7a4622955264d5742f"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
VuG4hSmneTG8oKiCXwrs5aYA2x2GY8R7bcnsWXPEfpJfmTVE7OBbiA==
x-uber-edge
e4-dca22:w:352321547
client-vendor-react-a5ad80b49d60c906.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		240 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-react-a5ad80b49d60c906.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
70ef490ca05a8adfbc4d10ca37cc292ff4776cf538d993870805d3cf30248a8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
432774
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
132
content-length
82111
x-xss-protection
1; mode=block
last-modified
Thu, 20 Jul 2023 06:08:00 GMT
server
ufe
etag
"850b561bf9aff772081fd9da4acbbfcf"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
wISIpCSEWLJsZItQWoRvdS8Altcr_QJ82aaZuGnE-JwcK8ZlRh-YPw==
x-uber-edge
e4-dca23:w:33554439
client-vendor-fusion-373c7b6ef074dba5.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-373c7b6ef074dba5.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
f6b293ac4770aaecc51dc02dc42df15c7d928f555fe872ba14a31c3edcdbab2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
432774
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
179
content-length
1551
x-xss-protection
1; mode=block
last-modified
Thu, 20 Jul 2023 06:08:00 GMT
server
ufe
etag
"46adb71b90af7283d662828cea1560dd"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
deM45HaCwupTr9Cssuj5G-g6u38lPGjzJVf3uqpv6GQP1JKd0jJkAg==
x-uber-edge
e4-dca23:w:33554452
client-2443-901e6731701e62c6.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		132 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-2443-901e6731701e62c6.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
66c75208f48d2f25320013f704d3fd512025896e3d56dbf426022cd543a81cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
408991
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
179
content-length
43594
x-xss-protection
1; mode=block
last-modified
Thu, 20 Jul 2023 18:26:52 GMT
server
ufe
etag
"2eb2537848f29b59995ba0df1a05a87d"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
-sDA4Aj2cQPO4MMLLNwWNeVbmewmFLAorQepfY8MFazmrZWYm0-1Tw==
x-uber-edge
e4-dca8:w:218103825
client-2918-b7ae7061864597bd.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-2918-b7ae7061864597bd.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
8e6ee76de684b7dd2c2c839b7c741b29f6c4a86068967c3811c0f3a6745a5475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
432769
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
505
content-length
3104
x-xss-protection
1; mode=block
last-modified
Thu, 20 Jul 2023 06:08:00 GMT
server
ufe
etag
"5749e98445886a4892952247bf686896"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
urmgTr64MIPWcFr9a1UsFSRd21x1Hw6C4Fi5TFHE07BzQE3h0F8I4A==
x-uber-edge
e4-dca23:w:33554452
client-5266-01a67d37673cbcce.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-5266-01a67d37673cbcce.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
2cbe7b98333e23727141b09da4f6873ec59eea83282205f27357b25920dc7017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 20:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
64621
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
192
content-length
5580
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 19:42:26 GMT
server
ufe
etag
"db4b5b503bffa0f386de1ab0dc993874"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
FCdzXp4Z0_Pn8xo6-HiBnQt4PDjJIXt-W7qsp2njJ1NWpOahtcv7AA==
x-uber-edge
e4-dca23:w:33554433
client-5912-17cc332657a3cf55.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-5912-17cc332657a3cf55.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
5e631ee423af4736ead5b0f3bc57c36889983a40bc522e22e3acedf8c16b6850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 14:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
87135
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
128
content-length
4882
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 12:27:06 GMT
server
ufe
etag
"73b820f06b9291dd104d09baa9f07c9c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
N9T7J74eLixEdS5ePdD127qOtYUA3uTZKGfw9eoKA-ZfRQ9sH8Hm6w==
x-uber-edge
e4-dca23:w:33554433
client-8485-c7bfebd90fa19145.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-8485-c7bfebd90fa19145.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
3ab9fe7c508d5612d2943c8da90de060e25d1aaa31695e8322c7e0a10a6dd182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 14:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
87135
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
119
content-length
5651
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 12:27:07 GMT
server
ufe
etag
"0c4bed09279e0f1decee76d55b6faeed"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
zuWbVoROQUcYD1f7QktTs0MekPq03MFxAT4l9_dIBivDOUcAiz-fwQ==
x-uber-edge
e4-dca11:w:50331656
client-920-3c2b4d61f43e3185.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-920-3c2b4d61f43e3185.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
b8cbf0b0b36c615c0ed406f62112a431e373e3729f4f89317718d7fb1d11381e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 14:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
87135
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
112
content-length
15471
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 12:27:06 GMT
server
ufe
etag
"bc63e59b262fbd088951644c47f3c20b"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
jFi5BC20aKNVK4anxGY8OqHqj_y5DBUtAPvtTgT3iSzAYSkYsx4yFA==
x-uber-edge
e4-dca24:w:251658244
client-947-2247e943e5305c93.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-947-2247e943e5305c93.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
14b405237c47e75e6c196cfa6d9235bd623ce749876c5090bf37b19665a48d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 20:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
64621
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
161
content-length
9813
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 19:42:26 GMT
server
ufe
etag
"85608e3d44cd2b5c4d0a0059842d13e4"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
kF_MHqE5DZYaMmQX6oVUYDpvg2s3vY9ZISffg3rAbgFYWiVQ56jtZw==
x-uber-edge
e4-dca24:w:184549378
client-9991-d109a9d696fd1974.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-9991-d109a9d696fd1974.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
19f633df966050aa24638c55904063fd68df8172b768afe159d5cd0b6b8c52d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 20:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
64621
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
186
content-length
9536
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 19:42:26 GMT
server
ufe
etag
"c1bb6de36ba589821d9b4c0403d8dc91"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
ISkszhEPlkJN1ZnVPG_u_SDCwvNymv9M1Nbi80r-eCXk8YUJiClJ5A==
x-uber-edge
e4-dca11:w:50331654
client-runtime-066908c7d4156f1d.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-runtime-066908c7d4156f1d.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
46be1b034d78168d6aa3f92c044db928b7b862b89a42dd29e8f9c4ff0b85fcc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 20:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
64621
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
148
content-length
2822
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jul 2023 19:42:26 GMT
server
ufe
etag
"7858d3b32c84b3f9899b51a1abdb4be2"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
CXV-Np7HRu9UiHEAYXeR5lQ8fGLN6u-7OmOtMIzqJe4dCb-D7cS50w==
x-uber-edge
e4-dca24:w:251658245
816252b1ce5a5050.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/816252b1ce5a5050.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 17:54:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
73287
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
6
content-length
32596
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jul 2023 22:24:26 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
S6GfTabHfmEWRTnG1i7eM0kJ0hh73yD0ukzoZEiyVsqflmSFQ6uBIw==
x-uber-edge
e4-dca8:w:150994949
df4998612acf89b1.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/df4998612acf89b1.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 01:37:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
131945
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
5
content-length
26584
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jul 2023 22:24:26 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
Ju-EOOiT9r-Ckdg3NCXmBZYGfzzC2XimCkqii5bODW55MDEyImSVfQ==
x-uber-edge
e4-dca11:w:100663303
cf91dd9830a4bf06.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/cf91dd9830a4bf06.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.141.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-141-180.lhr50.r.cloudfront.net
Software
ufe /
Resource Hash
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 23:57:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
397108
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
10
content-length
27332
x-xss-protection
1; mode=block
last-modified
Thu, 20 Jul 2023 18:26:58 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
SIEOvOTX1aPZxLLVxy3GuOzj2Mc4ScwW2Y18Dv5VYPMYzUxyDmxH7w==
x-uber-edge
e4-dca8:w:218103824
_events
auth.uber.com/v2/ 		2 B
23 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-2428ca7c28b71214.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2
x-csrf-token
x
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type
application/json

Response headers

date
Tue, 25 Jul 2023 14:16:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca11:w:100663308
cc.js
www.cdn-net.com/ 		42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/cc.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-2443-901e6731701e62c6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-80.fra56.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
f7f60d81cd0a3825cbbcf3fd484d47a977a7e4d4e432de15dfa2eefcd0753618

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jul 2023 14:16:10 GMT
Via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
Server
openresty/1.21.4.1
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Cache-Control
private, no-cache, proxy-revalidate
X-IA-Request-ID
bf69ce9ab338dd0a17dc4678601c10a6
Connection
keep-alive
Content-Length
43129
X-Amz-Cf-Id
018VIxRJxk5LvFaW1zpeVcbVNINQ0razMuyJjR2kzIBhL-i2tFQKCw==
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-2428ca7c28b71214.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.42.191 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-42-191.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Jul 2023 14:16:11 GMT
Last-Modified
Mon, 24 Jul 2023 19:26:10 GMT
Server
Apple
ETag
W/"43171-1690226770071"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
6.js
six.cdn-net.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://six.cdn-net.com/6.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d1c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
fe9b807c82474cced02cccd87188cdb6a6aecfd554da6e7bb2db425f167ce184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 14:16:11 GMT
cache-control
no-cache, no-store, max-age=0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
content-type
application/javascript
et.js
www.cdn-net.com/ 		98 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/et.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-80.fra56.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
56cfdf9c33eb5e05e958e72d75e3322f90c8ccb19a8d643bf4558c2d4333120c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 14:16:11 GMT
Via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
Server
openresty/1.21.4.1
X-Amz-Cf-Pop
FRA56-P2
ETag
"MDI1NzI0YjUtYjA4OS00NGVkLTk4Y2UtMGNmMjljYmIyOTlmOjE2OTAyOTQ1NzExOTg"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
X-IA-Request-ID
fec4b7dde763a495b15035a6495807e8
Connection
keep-alive
Content-Length
98
X-Amz-Cf-Id
hiPgdkQaQj7o5iVD-MU-JYjWdefde4dzmc7OZ0aROJ2WKuoURvAKAw==
udi-meta
auth.uber.com/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/udi-meta
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-2428ca7c28b71214.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2
x-csrf-token
x
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type
application/json

Response headers

date
Tue, 25 Jul 2023 14:16:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
cache-control
max-age=0
x-envoy-upstream-service-time
266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:419430410
_events
auth.uber.com/v2/ 		2 B
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-2428ca7c28b71214.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 25 Jul 2023 14:16:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
89
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca8:w:218103815

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __ROUTE_PREFIX__ string| __FUSION_ASSET_PATH__ string| __NONCE__ object| webpackChunkFusion function| clearImmediate function| setImmediate object| _cc object| AppleID number| script_loaded_time object| collector object| inauthNamespace string| collectorNamespaceName object| __DEFAULT_NAMESPACE

9 Cookies

Domain/Path Name / Value
auth.uber.com/ Name: _ua
Value: {"session_id":"05680bf3-f7d6-46e2-a800-39cfe9ae985f","session_time_ms":1690294570315}
.uber.com/ Name: marketing_vistor_id
Value: 21207c7d-fda9-4d6c-bc38-3d2a74706e72
.uber.com/ Name: x-uber-analytics-session-id
Value: f1edf974-228a-4bfe-92cb-98efcb13b978
auth.uber.com/ Name: udi-id
Value: W/TL+yeG8uka13w5njpsEvEMqgjUhRkKDnRy5dItYrI465cXPWf18xjTnuhlrNy0br6KWnIyqzMaXNfv9p40WXwGB37TQ9wqAiWb3FHYTpEbjEO/HGjF0vzVwKQZ4t60rVUEPXxC4W9SCjAegMjJRJpGJyjX8FUCcjQodh+JLIW2ssdCQL4APIXpWZ2ToRzRa/4lBDqA7c8BVPV2ZDCr8A==Iq2PuedBnhjI3R3cGkOenw==MJjzMtfnD1W41rG63+0F5DsiR9Cxh0rkVJkW7L/2jGY=
auth.uber.com/ Name: jwt-session
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2OTAyOTQ1NzAsImV4cCI6MTY5MDM4MDk3MH0.nGl1JTkECLWYTM82iORptJRQtgetKeJhAp83Hj9gfOo
www.cdn-net.com/ Name: _cc-x
Value: MDRiMTllODEtZTNiMC00ZTkyLWJhYmMtZTE5ZWRhMjA3NTA5OjE2OTAyOTQ1NzA5NjM
auth.uber.com/ Name: _cc
Value: AZcvKuDbRLEueFQkGgcZFZQc
auth.uber.com/ Name: _cid_cc
Value: AZcvKuDbRLEueFQkGgcZFZQc
auth.uber.com/ Name: udi-fingerprint
Value: qMicW34d7fPe51yB1EN34UeEQVu9+jv2MbRmL07GTQqw5F9Uz2Dfqkl/U8uV0GUo1SRR51AH1d6rgHyNevq7zw==Djj+JUDdU1lLom+5R51VKp4oTV9uQ65X970JcqiFWaI=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-a4da68cf-8828-4434-84ab-af66d88fcac4' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid.cdn-apple.com
auth.uber.com
d3i4yxtzktqr9n.cloudfront.net
six.cdn-net.com
www.cdn-net.com
104.77.42.191
18.244.141.180
18.66.97.80
2600:1901:0:d1c::
34.98.127.226
14b405237c47e75e6c196cfa6d9235bd623ce749876c5090bf37b19665a48d09
19f633df966050aa24638c55904063fd68df8172b768afe159d5cd0b6b8c52d2
2cbe7b98333e23727141b09da4f6873ec59eea83282205f27357b25920dc7017
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
3ab9fe7c508d5612d2943c8da90de060e25d1aaa31695e8322c7e0a10a6dd182
46be1b034d78168d6aa3f92c044db928b7b862b89a42dd29e8f9c4ff0b85fcc2
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56cfdf9c33eb5e05e958e72d75e3322f90c8ccb19a8d643bf4558c2d4333120c
5b71e50bc49b1c60bd86f2e5383880c6112af3b0fc098eb5ff8fb55bb4e04e7f
5e631ee423af4736ead5b0f3bc57c36889983a40bc522e22e3acedf8c16b6850
66c75208f48d2f25320013f704d3fd512025896e3d56dbf426022cd543a81cc8
70ef490ca05a8adfbc4d10ca37cc292ff4776cf538d993870805d3cf30248a8b
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8e6ee76de684b7dd2c2c839b7c741b29f6c4a86068967c3811c0f3a6745a5475
b8cbf0b0b36c615c0ed406f62112a431e373e3729f4f89317718d7fb1d11381e
cfae682e6292c102baea062df5fdae1eb968c42785eaaa019e471ed4a44fcd0a
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
f6b293ac4770aaecc51dc02dc42df15c7d928f555fe872ba14a31c3edcdbab2f
f7f60d81cd0a3825cbbcf3fd484d47a977a7e4d4e432de15dfa2eefcd0753618
fe9b807c82474cced02cccd87188cdb6a6aecfd554da6e7bb2db425f167ce184