urlscan.io logo urlscan.io
SecurityTrails logo

auth.uber.com Open in urlscan Pro
34.98.127.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mobby-uber.dionisio.taggy.com.br/
Effective URL: https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997...
Submission: On August 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 32 HTTP transactions. The main IP is 34.98.127.226, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is auth.uber.com. The Cisco Umbrella rank of the primary domain is 45665.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 10th 2024. Valid for: a year.
This is the only time auth.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 52.188.92.126 8075 (MICROSOFT...)
1 11 34.98.127.226 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.33.187.15 16509 (AMAZON-02)
1 2600:9000:264... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.196.235.139 16625 (AKAMAI-AS)
2 35.201.81.34 396982 (GOOGLE-CL...)
1 2600:9000:264... 16509 (AMAZON-02)
1 2600:1901:0:f... 15169 (GOOGLE)
32 13
4    52.188.92.126 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mobby-uber.dionisio.taggy.com.br
11    34.98.127.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.127.98.34.bc.googleusercontent.com
login.uber.com
auth.uber.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.33.187.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-15.fra60.r.cloudfront.net
www.cdn-net.com
1    2600:9000:2646:f000:5:57ff:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)
uber-api.arkoselabs.com
3    2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    23.196.235.139 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-235-139.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
2    35.201.81.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.81.201.35.bc.googleusercontent.com
cn-geo1.uber.com
1    2600:9000:2646:2400:5:57ff:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)
uber-api.arkoselabs.com
1    2600:1901:0:ff7:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
six.cdn-net.com
Apex Domain
Subdomains		 Transfer
13 uber.com
login.uber.com — Cisco Umbrella Rank: 652427
auth.uber.com — Cisco Umbrella Rank: 45665
cn-geo1.uber.com — Cisco Umbrella Rank: 4010
235 KB
4 taggy.com.br
mobby-uber.dionisio.taggy.com.br
332 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 46
87 KB
3 cdn-net.com
www.cdn-net.com — Cisco Umbrella Rank: 17605
six.cdn-net.com — Cisco Umbrella Rank: 16617
49 KB
3 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 5014
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 420 Failed
390 B
2 arkoselabs.com
uber-api.arkoselabs.com — Cisco Umbrella Rank: 78194
26 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 5013
17 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
85 KB
0 google-analytics.com Failed
region1.google-analytics.com Failed
32 9
Domain Requested by
10 auth.uber.com mobby-uber.dionisio.taggy.com.br
auth.uber.com
4 mobby-uber.dionisio.taggy.com.br mobby-uber.dionisio.taggy.com.br
3 accounts.google.com auth.uber.com
accounts.google.com
2 cn-geo1.uber.com auth.uber.com
2 uber-api.arkoselabs.com auth.uber.com
uber-api.arkoselabs.com
2 www.cdn-net.com auth.uber.com
www.cdn-net.com
2 firebase.googleapis.com mobby-uber.dionisio.taggy.com.br
1 six.cdn-net.com www.cdn-net.com
1 appleid.cdn-apple.com auth.uber.com
1 www.googletagmanager.com mobby-uber.dionisio.taggy.com.br
1 firebaseinstallations.googleapis.com mobby-uber.dionisio.taggy.com.br
1 login.uber.com 1 redirects
0 region1.google-analytics.com Failed www.googletagmanager.com
32 13

This site contains no links.

Subject Issuer Validity Valid
uber.mobby.dionisio.taggy.com.br
R11		 2024-08-12 -
2024-11-10		 3 months crt.sh
*.uber.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-10 -
2025-06-09		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.cdn-net.com
Amazon RSA 2048 M03		 2023-10-30 -
2024-11-26		 a year crt.sh
arkoselabs.com
Amazon RSA 2048 M02		 2024-04-29 -
2025-05-28		 a year crt.sh
accounts.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2024-06-06 -
2024-12-03		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Frame ID: C74AEF63464AAF9DDE28A9354B78A1DD
Requests: 28 HTTP requests in this frame

Frame: https://uber-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Frame ID: 90355DE0E4BCADDADA16556FE5681F53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber

Page URL History Show full URLs

  1. https://mobby-uber.dionisio.taggy.com.br/ Page URL
  2. https://login.uber.com/oauth/v2/authorize?client_id=pcDxgywzDqLYTgc3sscJR8wGWwpT3vIm&redirect_uri=h... HTTP 302
    https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytic... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

91 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

13
IPs

3
Countries

831 kB
Transfer

2007 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mobby-uber.dionisio.taggy.com.br/ Page URL
  2. https://login.uber.com/oauth/v2/authorize?client_id=pcDxgywzDqLYTgc3sscJR8wGWwpT3vIm&redirect_uri=https%3A%2F%2Fuber.mobby.dionisio.taggy.com.br%2Fauth&response_type=code&partner.accounts+partner.trips+partner.vehicles+vehicle_suppliers.partners.compliance+vehicle_suppliers.vehicles.read HTTP 302
    https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mobby-uber.dionisio.taggy.com.br/ 		761 B
942 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mobby-uber.dionisio.taggy.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.92.126 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7fda3313d4eeb1c6ecedf04cc793af189b7355d2362380ef1bec9a218ddbb0d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
761
content-type
text/html
date
Mon, 12 Aug 2024 09:42:07 GMT
etag
"64df81b4-2f9"
last-modified
Fri, 18 Aug 2023 14:35:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
config.js
mobby-uber.dionisio.taggy.com.br/ 		406 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mobby-uber.dionisio.taggy.com.br/config.js
Requested by
Host: mobby-uber.dionisio.taggy.com.br
URL: https://mobby-uber.dionisio.taggy.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.92.126 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
010194416d1ac2df0b6dca732355dcc1c3fa5bd82a7d5493d657b7f518293f09
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mobby-uber.dionisio.taggy.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 21 Jun 2024 19:43:59 GMT
accept-ranges
bytes
etag
"6675d7ff-196"
content-length
406
content-type
application/javascript
main.08edbe82.js
mobby-uber.dionisio.taggy.com.br/static/js/ 		308 KB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mobby-uber.dionisio.taggy.com.br/static/js/main.08edbe82.js
Requested by
Host: mobby-uber.dionisio.taggy.com.br
URL: https://mobby-uber.dionisio.taggy.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.92.126 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5f0ba79c86b6f7a2266af9a6f2fc6dafe4623c2141fc28f77504808e6a5a6b4c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mobby-uber.dionisio.taggy.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 18 Aug 2023 14:35:32 GMT
accept-ranges
bytes
etag
"64df81b4-4cfa4"
content-length
315300
content-type
application/javascript
main.039bf95e.css
mobby-uber.dionisio.taggy.com.br/static/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mobby-uber.dionisio.taggy.com.br/static/css/main.039bf95e.css
Requested by
Host: mobby-uber.dionisio.taggy.com.br
URL: https://mobby-uber.dionisio.taggy.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.92.126 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8bc0ac3ade72710f370c462586d7089f4ca4f46dd4160557f4b3279a95c3099e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mobby-uber.dionisio.taggy.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 18 Aug 2023 14:35:32 GMT
accept-ranges
bytes
etag
"64df81b4-56cf"
content-length
22223
content-type
text/css
Primary Request /
auth.uber.com/v2/
Redirect Chain
  • https://login.uber.com/oauth/v2/authorize?client_id=pcDxgywzDqLYTgc3sscJR8wGWwpT3vIm&redirect_uri=https%3A%2F%2Fuber.mobby.dionisio.taggy.com.br%2Fauth&response_type=code&partner.accounts+partner.t...
  • https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%...
194 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Requested by
Host: mobby-uber.dionisio.taggy.com.br
URL: https://mobby-uber.dionisio.taggy.com.br/static/js/main.08edbe82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
69384428a6cb126686ba8f5b46600ab965cce04e3ac9788c7c818a0ba690d5d0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://*.arkoselabs.com; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://*.arkoselabs.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-6a6b9a39-9481-4b84-9879-845b5e804d31' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.arkoselabs.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mobby-uber.dionisio.taggy.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-encoding
gzip
content-security-policy
block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://*.arkoselabs.com; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://*.arkoselabs.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-6a6b9a39-9481-4b84-9879-845b5e804d31' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.arkoselabs.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 09:42:08 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
119
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca24:w:1269820095,ufe:production-cloud-gateway:compute-0:dca24,ufe:production-cloud-ecg-l7:default:bru2
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 09:42:08 GMT
location
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
server
ufe
strict-transport-security
max-age=31536000
vary
Cookie, Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
106
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca22:w:1331244572,ufe:production-cloud-gateway:compute-0:dca22,ufe:production-cloud-ecg-l7:default:bru3
x-xss-protection
1; mode=block
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:400826774281:web:f1455fe21fbd5bc6e099d8/ 		298 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:400826774281:web:f1455fe21fbd5bc6e099d8/webConfig
Requested by
Host: mobby-uber.dionisio.taggy.com.br
URL: https://mobby-uber.dionisio.taggy.com.br/static/js/main.08edbe82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://mobby-uber.dionisio.taggy.com.br/
x-goog-api-key
AIzaSyD1za11IT7_wpziAu1qYnMgmNi27ZH-5Ig
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mobby-uber.dionisio.taggy.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:400826774281:web:f1455fe21fbd5bc6e099d8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:400826774281:web:f1455fe21fbd5bc6e099d8/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://mobby-uber.dionisio.taggy.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mobby-uber.dionisio.taggy.com.br
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 12 Aug 2024 09:42:08 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/mobby-uber-voucher-seller/ 		0
0
installations
firebaseinstallations.googleapis.com/v1/projects/mobby-uber-voucher-seller/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/mobby-uber-voucher-seller/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://mobby-uber.dionisio.taggy.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mobby-uber.dionisio.taggy.com.br
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 12 Aug 2024 09:42:08 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-YBK8EQ3EW1
Requested by
Host: mobby-uber.dionisio.taggy.com.br
URL: https://mobby-uber.dionisio.taggy.com.br/static/js/main.08edbe82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mobby-uber.dionisio.taggy.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87051
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 09:42:08 GMT
collect
region1.google-analytics.com/g/ 		0
0
client-main-dfdf43a4b6247428.js
auth.uber.com/v2/_static/ 		525 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
229d86b84c33cc4322b60eef5cb9acff258628a223bb7aa90e691b3cf17d0282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Origin
https://auth.uber.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Fri, 09 Aug 2024 18:18:46 GMT
via
1.1 google
age
228202
x-tb-source
terrablob
x-envoy-upstream-service-time
198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116272
x-xss-protection
1; mode=block
last-modified
Fri, 09 Aug 2024 16:18:22 GMT
server
ufe
etag
"a001275d2bc16ce1b2e3bd83a3f2f5af"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-uber-edge
e4-dca24:w:1269820095,ufe:production-cloud-gateway:compute-0:dca11,ufe:production-cloud-ecg-l7:default:bru3
client-vendor-react-7f5626b267e8d070.js
auth.uber.com/v2/_static/ 		171 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_static/client-vendor-react-7f5626b267e8d070.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
7b1daea743771caca84d5332072ef70361efb13b20aa9e05408fca1413175f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Origin
https://auth.uber.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Aug 2024 17:28:49 GMT
via
1.1 google
age
403999
x-tb-source
terrablob
x-envoy-upstream-service-time
215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49691
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 04:45:37 GMT
server
ufe
etag
"89ea7abb733fc423b78537b35af4c831"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-uber-edge
e4-dca22:w:1328895277,ufe:production-cloud-gateway:compute-0:dca22,ufe:production-cloud-ecg-l7:default:bru1
client-vendor-fusion-89c7ed0c4d708840.js
auth.uber.com/v2/_static/ 		151 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_static/client-vendor-fusion-89c7ed0c4d708840.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
46a64d0110d27b1ee8df0b76ad744f690420fa58bcf8988c9baffe65f85bb942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Origin
https://auth.uber.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Aug 2024 17:28:49 GMT
via
1.1 google
age
403999
x-tb-source
terrablob
x-envoy-upstream-service-time
205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42347
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 04:45:37 GMT
server
ufe
etag
"ae8b89d18835d17a4fa1c26955341a1c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-uber-edge
e4-dca22:w:1328895277,ufe:production-cloud-gateway:compute-0:dca23,ufe:production-cloud-ecg-l7:default:bru3
client-642-36e8ba2583339671.js
auth.uber.com/v2/_static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_static/client-642-36e8ba2583339671.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
ac0e0eb2c68b56acc021b5394580fba3aa098f6ae81f868320b03dfb16844722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Origin
https://auth.uber.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Fri, 09 Aug 2024 15:49:41 GMT
via
1.1 google
age
237147
x-envoy-upstream-service-time
89
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1043
x-xss-protection
1; mode=block
last-modified
Fri, 09 Aug 2024 09:34:50 GMT
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca23:w:1062110044,ufe:production-cloud-gateway:compute-0:dca23,ufe:production-cloud-ecg-l7:default:bru2
client-runtime-f2fd9587632a3abe.js
auth.uber.com/v2/_static/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_static/client-runtime-f2fd9587632a3abe.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
ebf5805f9737df7a32d9c1dfbc4f4a20ced32e504f82d75e84396a386d71be78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
Origin
https://auth.uber.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Fri, 09 Aug 2024 18:18:46 GMT
via
1.1 google
age
228202
x-tb-source
terrablob
x-envoy-upstream-service-time
207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2329
x-xss-protection
1; mode=block
last-modified
Fri, 09 Aug 2024 16:18:23 GMT
server
ufe
etag
"0a268576e18b7138c969ed4380f0beb0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-uber-edge
e4-dca18:w:994948405,ufe:production-cloud-gateway:compute-0:dca11,ufe:production-cloud-ecg-l7:default:bru3
_events
auth.uber.com/v2/ 		2 B
22 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
x-csrf-token
x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 12 Aug 2024 09:42:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:1063198725,ufe:production-cloud-gateway:compute-0:dca23,ufe:production-cloud-ecg-l7:default:bru3
cc.js
www.cdn-net.com/ 		46 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/cc.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-15.fra60.r.cloudfront.net
Software
openresty/1.21.4.2 /
Resource Hash
cd3c8bb436ac528b734b5407eaacfb757f19385c91a9ca144717a5bcf970f48b

Request headers

Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Aug 2024 09:42:08 GMT
Via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
Server
openresty/1.21.4.2
X-Amz-Cf-Pop
FRA60-P9
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Cache-Control
private, no-cache, proxy-revalidate
X-IA-Request-ID
b8ea721f8d5295c2790ed01445901b12
Connection
keep-alive
Content-Length
47192
X-Amz-Cf-Id
rAcMe_Kc4CQVHMca4OX8ZNSAL6PaDMjUky_kbL9PSJ7AMXwas6fixg==
api.js
uber-api.arkoselabs.com/v2/30000F36-CADF-490C-929A-C6A7DD8B33C4/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uber-api.arkoselabs.com/v2/30000F36-CADF-490C-929A-C6A7DD8B33C4/api.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:f000:5:57ff:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudfront /
Resource Hash
a39f6c840b1dc4a1dbf254e2dd5d7b828c6455ecaa34f916acdb9c5caaf257e9
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:01 GMT
content-encoding
br
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
31568
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
capi-worker-type
cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA60-P5",cdn-rid;desc="HNM2sQsbSkinLUK4iTcHADUP4wHEmZt6Ao_IE7gO1_oNLsGYCvhPMA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jul 2024 03:14:49 GMT
server
cloudfront
etag
W/"f4996d38ad50751e7defcba7e5b54577"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=0, s-maxage=31536000
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-request-time
0
x-amz-cf-id
HNM2sQsbSkinLUK4iTcHADUP4wHEmZt6Ao_IE7gO1_oNLsGYCvhPMA==
client
accounts.google.com/gsi/ 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8cd5ded8bc5b93bb26e41f3b335dc20869fac18f76d7115afba2e7b626f6d5e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RKZLZH0zCIWqba8ZpgfAEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-RKZLZH0zCIWqba8ZpgfAEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 12 Aug 2024 09:42:08 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.139 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-139.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Mon, 12 Aug 2024 09:42:08 GMT
Last-Modified
Tue, 30 Jul 2024 20:45:48 GMT
Server
Apple
ETag
W/"43171-1722372348510"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
get-auth-options
cn-geo1.uber.com/rt/webauthn-api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cn-geo1.uber.com/rt/webauthn-api/get-auth-options
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.81.201.35.bc.googleusercontent.com
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-uber-client-name,x-uber-device,x-uber-request-uuid
Access-Control-Request-Method
POST
Origin
https://auth.uber.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept, Origin, Keep-Alive, Content-Type, X-Uber-Analytics-Session-Id, X-Uber-App-Device-Id, X-Uber-App-Variant, X-Uber-Challenge-Provider, X-Uber-Challenge-Token, X-Uber-Client-Claim, X-Uber-Client-Id, X-Uber-Client-Name, X-Uber-Client-Version, X-Uber-Cold-Launch-Id, X-Uber-Dcurl, X-Uber-Device, X-Uber-Device-Epoch, X-Uber-Device-Id, X-Uber-Device-Ids, X-Uber-Device-Language, X-Uber-Device-Location-Accuracy, X-Uber-Device-Location-Altitude, X-Uber-Device-Location-Course, X-Uber-Device-Location-Latitude, X-Uber-Device-Location-Longitude, X-Uber-Device-Location-Provider, X-Uber-Device-Location-Speed, X-Uber-Device-Model, X-Uber-Device-Os, X-Uber-Device-UDID, X-Uber-Did, X-Uber-Hot-Launch-Id, X-Uber-Launch-Id, X-Uber-Marketing-Id, X-Uber-Request-UUID, X-Uber-Redirectcount, X-Uber-Privileged-Op-Url, X-Uber-Pwv-Instance-Id, X-Uber-Pwv-Client-Id, X-Uber-Sig-Status, X-Uber-Target-Location-Latitude, X-Uber-Target-Location-Longitude, X-Uber-Usl-Id, X-Uber-User-Cloud-Id, X-Uber-User-Identifier, X-Recaptcha-Token, X-Uber-Token
access-control-allow-methods
OPTIONS, GET, HEAD, POST
access-control-allow-origin
https://auth.uber.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Aug 2024 09:42:08 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
93
x-uber-edge
e4-dca22:p:1335532125,ufe:production-cloud-gateway:compute-0:dca11,ufe:production-cloud-l7:default:zrh1
x-xss-protection
1; mode=block
get-auth-options
cn-geo1.uber.com/rt/webauthn-api/ 		313 B
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cn-geo1.uber.com/rt/webauthn-api/get-auth-options
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.81.201.35.bc.googleusercontent.com
Software
ufe /
Resource Hash
72a3ced81633738520db2b94d989ae43fc69a0dc1bcfc518d72c76c5547753b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

x-uber-client-name
usl_desktop
x-uber-device
undefined
Referer
https://auth.uber.com/
x-uber-request-uuid
d2b5073e-ab64-4c0c-bcbb-589565481393
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Aug 2024 09:42:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 google
load
q=124
x-envoy-upstream-service-time
103
x-uber-rtapi-duration
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-request-id
814616c3-23ed-4669-976c-1292fc3a9739
server
ufe
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, HEAD, POST
content-type
application/json
access-control-allow-origin
https://auth.uber.com
access-control-max-age
86400
rpc-service
api-gateway-http
x-uber-app
api-gateway-http
access-control-allow-headers
Accept, Origin, Keep-Alive, Content-Type, X-Uber-Analytics-Session-Id, X-Uber-App-Device-Id, X-Uber-App-Variant, X-Uber-Challenge-Provider, X-Uber-Challenge-Token, X-Uber-Client-Claim, X-Uber-Client-Id, X-Uber-Client-Name, X-Uber-Client-Version, X-Uber-Cold-Launch-Id, X-Uber-Dcurl, X-Uber-Device, X-Uber-Device-Epoch, X-Uber-Device-Id, X-Uber-Device-Ids, X-Uber-Device-Language, X-Uber-Device-Location-Accuracy, X-Uber-Device-Location-Altitude, X-Uber-Device-Location-Course, X-Uber-Device-Location-Latitude, X-Uber-Device-Location-Longitude, X-Uber-Device-Location-Provider, X-Uber-Device-Location-Speed, X-Uber-Device-Model, X-Uber-Device-Os, X-Uber-Device-UDID, X-Uber-Did, X-Uber-Hot-Launch-Id, X-Uber-Launch-Id, X-Uber-Marketing-Id, X-Uber-Request-UUID, X-Uber-Redirectcount, X-Uber-Privileged-Op-Url, X-Uber-Pwv-Instance-Id, X-Uber-Pwv-Client-Id, X-Uber-Sig-Status, X-Uber-Target-Location-Latitude, X-Uber-Target-Location-Longitude, X-Uber-Usl-Id, X-Uber-User-Cloud-Id, X-Uber-User-Identifier, X-Recaptcha-Token, X-Uber-Token
x-uber-edge
e4-dca50:p:1665600132,ufe:production-cloud-gateway:compute-0:dca24,ufe:production-cloud-l7:default:zrh3
enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
uber-api.arkoselabs.com/v2/2.9.0/ Frame 9035 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uber-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Requested by
Host: uber-api.arkoselabs.com
URL: https://uber-api.arkoselabs.com/v2/30000F36-CADF-490C-929A-C6A7DD8B33C4/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:2400:5:57ff:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
30082
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=31536000, immutable
capi-worker-type
cloudfront
cf-request-time
1
content-length
977
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 03:15:10 GMT
etag
"e780abe27e9d6fe2204e7ec710091613"
last-modified
Mon, 22 Jul 2024 03:14:49 GMT
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
referrer-policy
strict-origin-when-cross-origin
server
cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA60-P5",cdn-rid;desc="UhZZqYK0rR75Fwv9JqDiidk5eZOY7bdTfpWda3KHKghnwn9-h4OJ5Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
x-amz-cf-id
UhZZqYK0rR75Fwv9JqDiidk5eZOY7bdTfpWda3KHKghnwn9-h4OJ5Q==
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-p8EF8TlTzhCkPNy_DvCdsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-p8EF8TlTzhCkPNy_DvCdsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 12 Aug 2024 09:42:08 GMT
status
accounts.google.com/gsi/ 		40 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=89939265457-enilmfbsacgcj2b7qq3sc7jc51u5b3ge.apps.googleusercontent.com&as=Fxe1eSrWu4%2FwFidUNbilyA&has_opted_out_fedcm=true
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7eb0de38a6cf42e3122070dad97214dc5869c801cec44588b0de6497e0cb2f8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7cri2EA9HTWyo-JaL_JCJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:42:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7cri2EA9HTWyo-JaL_JCJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.uber.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
6.js
six.cdn-net.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://six.cdn-net.com/6.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ff7:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
47e358919d34c0cc6ce54fbac29781b10a72d9eb19c663f9835f92c1ae50a3a3

Request headers

Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 09:42:09 GMT
cache-control
no-cache, no-store, max-age=0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1055
content-type
application/javascript
et.js
www.cdn-net.com/ 		98 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/et.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-15.fra60.r.cloudfront.net
Software
openresty/1.21.4.2 /
Resource Hash
246ede99129f2ac14491233d00884c134dd6bc8a59b258a3f3e1205639f3e6ec

Request headers

Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:42:09 GMT
Via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
Server
openresty/1.21.4.2
X-Amz-Cf-Pop
FRA60-P9
ETag
"YmE2NGQyODMtOTU4ZC00ZDQ5LWI1OTgtYzFmZjIxNDRhNDkwOjE3MjM0NTU3MjkwNTA"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
X-IA-Request-ID
aa6498cc41d76ebf79f7e6a96b1ef805
Connection
keep-alive
Content-Length
98
X-Amz-Cf-Id
XSENZY_e8_53p8vIKG1IMnmXD0Llp6om9cq8dbrFbYRrQYsZHpLPfA==
udi-meta
auth.uber.com/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/udi-meta
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
x-csrf-token
x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 12 Aug 2024 09:42:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
cache-control
max-age=0
x-envoy-upstream-service-time
147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:1326485525,ufe:production-cloud-gateway:compute-0:dca23,ufe:production-cloud-ecg-l7:default:bru3
99c4bc580c8b57b7.ico
auth.uber.com/v2/_static/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_static/99c4bc580c8b57b7.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
da7b9c9be67c8be3833c9e77f2b7a666c6d4716a7687356f6276bcc49c4fe162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
x-content-type-options
nosniff
date
Sun, 11 Aug 2024 08:56:38 GMT
age
89131
x-envoy-upstream-service-time
89
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1150
x-xss-protection
1; mode=block
last-modified
Fri, 09 Aug 2024 16:18:31 GMT
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca24:w:1270751762,ufe:production-cloud-gateway:compute-0:dca11,ufe:production-cloud-ecg-l7:default:bru1
_events
auth.uber.com/v2/ 		2 B
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/_static/client-main-dfdf43a4b6247428.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?next_url=https%3A%2F%2Fauth.uber.com%2Foauth%2Fv2%2Fauthorize%3Fanalytics_session_id%3Dfa997fba-293a-4841-80ec-1ad8e95816db%26client_id%3DpcDxgywzDqLYTgc3sscJR8wGWwpT3vIm%26partner.accounts%2Bpartner.trips%2Bpartner.vehicles%2Bvehicle_suppliers.partners.compliance%2Bvehicle_suppliers.vehicles.read%3D%26redirect_uri%3Dhttps%253A%252F%252Fuber.mobby.dionisio.taggy.com.br%252Fauth%26response_type%3Dcode
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Aug 2024 09:42:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:1057037535,ufe:production-cloud-gateway:compute-0:dca24,ufe:production-cloud-ecg-l7:default:bru3
_events
auth.uber.com/v2/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
firebaseinstallations.googleapis.com
URL
https://firebaseinstallations.googleapis.com/v1/projects/mobby-uber-voucher-seller/installations
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YBK8EQ3EW1&gtm=45je4880v898640326za200&_p=1723455728352&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&_fid=fP7p3FTIDbhGZzIUp8Aasj&cid=391870004.1723455729&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723455728&sct=1&seg=0&dl=https%3A%2F%2Fmobby-uber.dionisio.taggy.com.br%2F&dt=Mobby%20-%20Uber&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1414
Domain
auth.uber.com
URL
https://auth.uber.com/v2/_events

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| __ROUTE_PREFIX__ string| __FUSION_ASSET_PATH__ string| __NONCE__ object| webpackChunkFusion function| clearImmediate function| setImmediate object| _cc number| reactStartTime function| setupEnforcement object| arkoseLabsClientApi2e161da7 object| regeneratorRuntime object| AppleID number| __uslAppleAuthInit object| default_gsi object| _F_toggles object| google object| closure_lm_660207 object| __G_ID_CLIENT__ number| script_loaded_time object| collector object| inauthNamespace string| collectorNamespaceName object| __DEFAULT_NAMESPACE

15 Cookies

Domain/Path Name / Value
login.uber.com/oauth Name: csrf_token_v2
Value: UxadxZsYHiy3of/kV+F/6VxFbHWAD109x+eiI2Pvbuk=
.uber.com/ Name: marketing_vistor_id
Value: d155130b-fc0b-4255-a4ef-b1c5be174ffd
.taggy.com.br/ Name: _ga_YBK8EQ3EW1
Value: GS1.1.1723455728.1.0.1723455728.0.0.0
.taggy.com.br/ Name: _ga
Value: GA1.1.391870004.1723455729
auth.uber.com/ Name: _ua
Value: {"session_id":"ef01773c-8023-4c86-85f8-fb3e2b50f4ba","session_time_ms":1723455728456}
.uber.com/ Name: x-uber-analytics-session-id
Value: 9944f54c-9d1b-4802-a5ab-8484b0bd1156
.auth.uber.com/ Name: usl.territory
Value: 2441.3sWMvu59S6b3syPNruCCBb//Y8tP+uixYf5N8Db/nDI=
.uber.com/ Name: udi-id
Value: ph881TAVBFeCB8seSBUaTfoo59vR2tlH+J7/HkRpqCEpVkMYWL2UlrhSdkrBiPOHe48ojNthP5FUsuuKu4wFy7BVx/ib7MpmYPc6nxvvsI5vAJF1tpWJP05WRmzkv/IbwLX8yibYbOGNIrKDfmAYD7vjSwalSdS5jArPX2ka0SFa8l0DZxuVo9BFmz+gRNym0h53+H7Trcp3PFQOlBF/Kg==KnH3acH85/pQXqNIrU9CvA==Cp/k00t43JON1q+2uKo9kUVNqFdv29W3l4AM+uRZ/Jw=
auth.uber.com/ Name: jwt-session
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MjM0NTU3MjgsImV4cCI6MTcyMzU0MjEyOH0.LJC7m_tg9NseZnXPqxs0-JPYzlwedhuFFYwqJz67D5s
.arkoselabs.com/ Name: _cfuvid
Value: 2Tcy_EqLJ0qhYnviOGCTm_1P9sZBMu9.hAx5FSqz2z4-1717104076479-0.0.1.1-604800000
www.cdn-net.com/ Name: _cc-x
Value: YjhhZDlkNTYtMTU4Yy00ZTI2LTlkMmUtNTliNjkwNjcwM2UxOjE3MjM0NTU3Mjg4MTg
auth.uber.com/ Name: _cc
Value:
auth.uber.com/ Name: _cid_cc
Value:
.uber.com/ Name: udi-fingerprint
Value: tRoQ0AoOev6K06FVOcPpBN3JAnaXDsI/tD1A5WQEGzohrGL9Qft0eZLD8ZXqVLvufCveEbPFfp1J7xWx1/9kog==A3AgEvfpsRh8e6NcLklZ5gMvnD1XT03QKpJoCPnGyEw=
uber-api.arkoselabs.com/ Name: timestamp
Value: 172345500730199

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
appleid.cdn-apple.com
auth.uber.com
cn-geo1.uber.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
login.uber.com
mobby-uber.dionisio.taggy.com.br
region1.google-analytics.com
six.cdn-net.com
uber-api.arkoselabs.com
www.cdn-net.com
www.googletagmanager.com
auth.uber.com
firebaseinstallations.googleapis.com
region1.google-analytics.com
13.33.187.15
23.196.235.139
2600:1901:0:ff7::
2600:9000:2646:2400:5:57ff:7880:93a1
2600:9000:2646:f000:5:57ff:7880:93a1
2a00:1450:4001:809::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:828::200a
2a00:1450:400c:c0c::54
34.98.127.226
35.201.81.34
52.188.92.126
010194416d1ac2df0b6dca732355dcc1c3fa5bd82a7d5493d657b7f518293f09
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
229d86b84c33cc4322b60eef5cb9acff258628a223bb7aa90e691b3cf17d0282
246ede99129f2ac14491233d00884c134dd6bc8a59b258a3f3e1205639f3e6ec
46a64d0110d27b1ee8df0b76ad744f690420fa58bcf8988c9baffe65f85bb942
47e358919d34c0cc6ce54fbac29781b10a72d9eb19c663f9835f92c1ae50a3a3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f0ba79c86b6f7a2266af9a6f2fc6dafe4623c2141fc28f77504808e6a5a6b4c
69384428a6cb126686ba8f5b46600ab965cce04e3ac9788c7c818a0ba690d5d0
72a3ced81633738520db2b94d989ae43fc69a0dc1bcfc518d72c76c5547753b6
7b1daea743771caca84d5332072ef70361efb13b20aa9e05408fca1413175f03
7eb0de38a6cf42e3122070dad97214dc5869c801cec44588b0de6497e0cb2f8a
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8bc0ac3ade72710f370c462586d7089f4ca4f46dd4160557f4b3279a95c3099e
a39f6c840b1dc4a1dbf254e2dd5d7b828c6455ecaa34f916acdb9c5caaf257e9
a7fda3313d4eeb1c6ecedf04cc793af189b7355d2362380ef1bec9a218ddbb0d
ac0e0eb2c68b56acc021b5394580fba3aa098f6ae81f868320b03dfb16844722
cd3c8bb436ac528b734b5407eaacfb757f19385c91a9ca144717a5bcf970f48b
da7b9c9be67c8be3833c9e77f2b7a666c6d4716a7687356f6276bcc49c4fe162
e8cd5ded8bc5b93bb26e41f3b335dc20869fac18f76d7115afba2e7b626f6d5e
ebf5805f9737df7a32d9c1dfbc4f4a20ced32e504f82d75e84396a386d71be78