urlscan.io logo urlscan.io
SecurityTrails logo

trip.uber.com Open in urlscan Pro
34.98.127.226  Public Scan

Go To Rescan Add Verdict Report
URL: https://trip.uber.com/hjgmm0x
Submission: On February 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 35 HTTP transactions. The main IP is 34.98.127.226, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is trip.uber.com. The Cisco Umbrella rank of the primary domain is 412151.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 2nd 2023. Valid for: a year.
This is the only time trip.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 34.98.127.226 396982 (GOOGLE-CL...)
5 2600:9000:223... 16509 (AMAZON-02)
1 18.239.63.176 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 130.211.34.183 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
35 8
18    34.98.127.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.127.98.34.bc.googleusercontent.com
trip.uber.com
csp.uber.com
5    2600:9000:223e:9c00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    18.239.63.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-63-176.ams58.r.cloudfront.net
d1a3f4spazzrp4.cloudfront.net
1    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    130.211.34.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 uber.com
trip.uber.com — Cisco Umbrella Rank: 412151
csp.uber.com — Cisco Umbrella Rank: 25591
241 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1205
73 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
224 KB
2 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 1979
486 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 171
58 KB
1 cloudfront.net
d1a3f4spazzrp4.cloudfront.net
19 KB
0 doubleclick.net Failed
stats.g.doubleclick.net Failed
0 hotjar.com Failed
static.hotjar.com Failed
35 9
Domain Requested by
12 trip.uber.com trip.uber.com
6 csp.uber.com trip.uber.com
tags.tiqcdn.com
www.googletagmanager.com
www.google-analytics.com
5 tags.tiqcdn.com trip.uber.com
tags.tiqcdn.com
3 www.google-analytics.com www.googletagmanager.com
trip.uber.com
www.google-analytics.com
3 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
2 api-js.mixpanel.com trip.uber.com
1 connect.facebook.net tags.tiqcdn.com
1 d1a3f4spazzrp4.cloudfront.net trip.uber.com
0 stats.g.doubleclick.net Failed www.google-analytics.com
0 static.hotjar.com Failed tags.tiqcdn.com
35 10

This site contains links to these domains. Also see Links.

Domain
www.uber.com
Subject Issuer Validity Valid
*.uber.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-02 -
2024-07-31		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.mixpanel.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-02-13 -
2024-03-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://trip.uber.com/hjgmm0x
Frame ID: 97F60C1D9F08FDAA1FFA608A5AC13EBF
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

94 %
HTTPS

57 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

636 kB
Transfer

2286 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hjgmm0x
trip.uber.com/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e61333a29e9bf5dc26e137f51b786062cc0fb326d0d9d2cb74c91d4fe2444103
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' 'self' https://bid.g.doubleclick.net https://*.uberinternal.com https://*.uber.com https://uber.demdex.net/ https://*.google.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net http://staticxx.facebook.com https://staticxx.facebook.com https://connect.facebook.net https://connect.facebook.com https://www.facebook.com; worker-src 'self' blob:; child-src 'self' blob:; connect-src 'self' 'self' https://events.uber.com http://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://*.gstatic.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self' 'self' https://*.uberinternal.com https://*.uber.com https://uber.demdex.net/ https://*.google.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-21dbd798-30ca-4bd9-9238-dc7c3ae084c2' 'self' https://connect.facebook.net https://connect.facebook.com https://dpm.demdex.net https://uber.demdex.net https://www.googletagmanager.com https://tags.tiqcdn.com https://toolshed.uberinternal.com http://www.google-analytics.com https://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'self' https://d1a3f4spazzrp4.cloudfront.net https://fonts.googleapis.com; img-src 'self' data: blob: http://www.google-analytics.com https://www.google-analytics.com https://*.cloudfront.net https://dc.ads.linkedin.com https://www.facebook.com https://*.google.com https://stats.g.doubleclick.net https://uconnect.tealiumiq.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.gstatic.com https://maps.googleapis.com https://csi.gstatic.com https://play.google.com; report-uri https://csp.uber.com/csp?a=share&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-encoding
gzip
content-security-policy
block-all-mixed-content; frame-src 'self' 'self' https://bid.g.doubleclick.net https://*.uberinternal.com https://*.uber.com https://uber.demdex.net/ https://*.google.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net http://staticxx.facebook.com https://staticxx.facebook.com https://connect.facebook.net https://connect.facebook.com https://www.facebook.com; worker-src 'self' blob:; child-src 'self' blob:; connect-src 'self' 'self' https://events.uber.com http://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://*.gstatic.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self' 'self' https://*.uberinternal.com https://*.uber.com https://uber.demdex.net/ https://*.google.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-21dbd798-30ca-4bd9-9238-dc7c3ae084c2' 'self' https://connect.facebook.net https://connect.facebook.com https://dpm.demdex.net https://uber.demdex.net https://www.googletagmanager.com https://tags.tiqcdn.com https://toolshed.uberinternal.com http://www.google-analytics.com https://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'self' https://d1a3f4spazzrp4.cloudfront.net https://fonts.googleapis.com; img-src 'self' data: blob: http://www.google-analytics.com https://www.google-analytics.com https://*.cloudfront.net https://dc.ads.linkedin.com https://www.facebook.com https://*.google.com https://stats.g.doubleclick.net https://uconnect.tealiumiq.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.gstatic.com https://maps.googleapis.com https://csi.gstatic.com https://play.google.com; report-uri https://csp.uber.com/csp?a=share&ro=false
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 18:40:13 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
94
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca20:w:50331649
x-xss-protection
1; mode=block
client-main-58d2fb94ab6dfb83.js
trip.uber.com/_static/ 		197 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_static/client-main-58d2fb94ab6dfb83.js
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
4919a0812301d55420a459b4a0447ca18466002113255e80741ae33e2a82427c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/hjgmm0x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Thu, 08 Feb 2024 17:54:45 GMT
via
1.1 google
age
261928
x-tb-source
terrablob
x-envoy-upstream-service-time
197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48266
x-xss-protection
1; mode=block
last-modified
Thu, 08 Feb 2024 09:51:14 GMT
server
ufe
etag
"c70f3918412b5dc8fd3a29df934dbc65"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-uber-edge
e4-dca18:w:218103808
client-vendor-01a29703d26cf187.js
trip.uber.com/_static/ 		463 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_static/client-vendor-01a29703d26cf187.js
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
71cea46e51629450074e550cee745857751e84f8386d7addb2c3e62919cd70ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/hjgmm0x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 google
x-envoy-upstream-service-time
84
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134822
x-xss-protection
1; mode=block
last-modified
Thu, 08 Feb 2024 09:51:15 GMT
server
ufe
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca11:w:167772164
client-runtime-e81c1b6f56d6528b.js
trip.uber.com/_static/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_static/client-runtime-e81c1b6f56d6528b.js
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
98bcabd77603744099294fe0e3416e6edaaa50563440d056569aaa327b430b03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/hjgmm0x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Feb 2024 15:00:28 GMT
via
1.1 google
age
358785
x-envoy-upstream-service-time
85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1591
x-xss-protection
1; mode=block
last-modified
Sat, 03 Feb 2024 02:43:58 GMT
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca18:w:234881030
utag.js
tags.tiqcdn.com/utag/uber/main/prod/ 		381 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e96c16346c7c17120c9f3d56b3d127d40920a6f22666c779048553767efca973

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
ACX4wpAOHm6RuSlNR8UyDD7m7ZGo2oiw
content-encoding
br
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
date
Sun, 11 Feb 2024 18:35:43 GMT
last-modified
Thu, 08 Feb 2024 16:21:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
290
x-amz-server-side-encryption
AES256
etag
W/"da61b6ae48c539e3ab9beb113733e41a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
mtBb-VgtxrQ8riB0NsJNfOOXHoVZgnEmjRC7_TVFrfXFgEFLw5a9RA==
276edd4275dda838.woff2
trip.uber.com/_static/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_static/276edd4275dda838.woff2
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/hjgmm0x
Origin
https://trip.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
x-envoy-upstream-service-time
85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28696
x-xss-protection
1; mode=block
last-modified
Thu, 08 Feb 2024 09:51:15 GMT
server
ufe
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca24:w:587202563
superfine.css
d1a3f4spazzrp4.cloudfront.net/superfine/6.2.3/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1a3f4spazzrp4.cloudfront.net/superfine/6.2.3/superfine.css
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-176.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52d04240c8b6bfce4a51c5488ea0f0b6d31ac55f8959b1a711bd2874b9a2606e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
Dh464yIi_DPblenBTUbJGTNqHUhz86zX
content-encoding
gzip
via
1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront)
date
Sun, 11 Feb 2024 10:04:54 GMT
last-modified
Tue, 18 Oct 2016 02:00:55 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
31872
etag
"cada4c587fffeef1d7ba166cb309561e"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
18996
x-amz-cf-id
F6fmtqg5W53SdmisyB07TglhQB2fhVvAfxq6TGQmscH4Lm4ERFUl2g==
266caf0bbd57e305.css
trip.uber.com/_static/ 		32 B
212 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_static/266caf0bbd57e305.css
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e7229295308872295c93bae897b851086e18bad1eceb754ac0aaeca5f758beb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/hjgmm0x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
x-envoy-upstream-service-time
87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
1; mode=block
last-modified
Thu, 08 Feb 2024 09:51:15 GMT
server
ufe
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca23:w:553648132
ea7f9e6f8700731d.css
trip.uber.com/_static/ 		253 B
326 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_static/ea7f9e6f8700731d.css
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
f46c469d181e3a952501285b85047bf0a3c131456abe4d5e82d05250a2fbbe85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/hjgmm0x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 google
x-envoy-upstream-service-time
85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108
x-xss-protection
1; mode=block
last-modified
Thu, 08 Feb 2024 09:51:15 GMT
server
ufe
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca23:w:570425350
csp
csp.uber.com/ 		0
246 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=share&ro=false
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Feb 2024 18:40:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca24:w:587202564
csp
csp.uber.com/ 		0
63 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=share&ro=false
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca24:w:603979777
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uber/main/202402081618&cb=1707676813997
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sun, 11 Feb 2024 18:38:03 GMT
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
TYgrzD472ROpgQ6Byq57KxrTrvflCn3WsTdDtm-STA5tJzo2Ca2UtQ==
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 11 Feb 2024 18:40:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
wW6/Io1EBt8Fcu0wMRVfEhB2jybIPtsjFGN+roOL+5eU4+LaLTEi4AbXj/VYJlNTLMqvO5pp6cGrQZYlNcJT1g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-7157694-157
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8367183fd16098622063601dbe7b4e03273c8b19bea4895a6bc248fd6d74ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69892
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Feb 2024 18:40:14 GMT
utag.1637.js
tags.tiqcdn.com/utag/uber/main/prod/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1637.js?utv=ut4.51.202402081619
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
258cc05ad24bba6816b935a5c2d927d5c6a5893f7d45dac737f87b90fd4dc8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
LxtIaz2pQ.F3rXZMrRMmvtVwQwMzNsC2
content-encoding
gzip
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
date
Sun, 11 Feb 2024 18:36:22 GMT
last-modified
Thu, 08 Feb 2024 16:21:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
233
x-amz-server-side-encryption
AES256
etag
W/"6fce68b6cbf74b63222e9a0744620f20"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
8cxEsRPnSqkJodGAPpx_nM2dizqZEo_571M4TNUmrQUr_9jpg8j0tA==
utag.1810.js
tags.tiqcdn.com/utag/uber/main/prod/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1810.js?utv=ut4.51.202402081619
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3b1bcb6a29ec1df812e735d01ee54009da6aa169fcb0db19947f65481eb9b4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
gUOh0XURlII9c0KjfVNKazmSiSSU0qS2
content-encoding
gzip
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
date
Sun, 11 Feb 2024 18:40:14 GMT
last-modified
Thu, 08 Feb 2024 16:21:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
13
x-amz-server-side-encryption
AES256
etag
W/"e7d1f6fa0bb789dbaf5a2203bd2e5b70"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
qZarJRJ8rVCKmR5YXVATBT55C1Gmte3cj-5EiJKu8SYvb9vfxAdcIw==
utag.1845.js
tags.tiqcdn.com/utag/uber/main/prod/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1845.js?utv=ut4.51.202402081619
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
394b1805a46488dc7209a8055d87d57ab9daf878d221680815e809c5749fe64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
UZJw2d1Dr1wvf56LaUDooMb5uBaa2KGz
content-encoding
gzip
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
date
Sun, 11 Feb 2024 18:35:24 GMT
last-modified
Thu, 08 Feb 2024 16:21:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
292
x-amz-server-side-encryption
AES256
etag
W/"abdc09ea56696f1596eb65a5c3171c5c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
qmBjXLV65e9oBOUiUZDIFvfQ4dUdjw5TsKXukR2JG-lnWsD719tl4Q==
csp
csp.uber.com/ 		0
62 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=share&ro=false
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca11:w:167772164
hotjar-960703.js
static.hotjar.com/c/ 		0
0
client-448-3a83c6fd419b09a3.js
trip.uber.com/_static/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_static/client-448-3a83c6fd419b09a3.js
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/_static/client-runtime-e81c1b6f56d6528b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
1f604db0c830df75ee7d2a3654998ea270bdf29c5a209bc479285ef83f60d28b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/hjgmm0x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Jan 2024 12:40:11 GMT
via
1.1 google
age
2354403
x-envoy-upstream-service-time
87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23674
x-xss-protection
1; mode=block
last-modified
Thu, 11 Jan 2024 00:44:25 GMT
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
timing-allow-origin
*
x-uber-edge
e4-dca23:w:553648131
_events
trip.uber.com/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_events
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/_static/client-vendor-01a29703d26cf187.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/hjgmm0x
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type
application/json

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:536870912
syrupFetch
trip.uber.com/api/ 		97 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/api/syrupFetch?localeCode=de-DE
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/_static/client-vendor-01a29703d26cf187.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
948c5f2fac0184033105048b6659194862ddd2f4f976ead3024298c6c2d3ae98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/hjgmm0x
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
89
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97
x-xss-protection
1; mode=block
x-uber-edge
e4-dca18:w:218103813
/
api-js.mixpanel.com/decide/ 		65 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=3&lib=web&token=adec770be288b16d9008c964acfba5c2&distinct_id=1f84b9d6-04cb-48bc-a117-2c95ca482470&ip=1&_=1707676814115
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/_static/client-448-3a83c6fd419b09a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
gunicorn /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
via
1.1 google
server
gunicorn
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://trip.uber.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
alt-svc
clear
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7157694-157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Feb 2024 17:30:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4172
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 11 Feb 2024 19:30:42 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-7157694-35&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7157694-157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2420130bc92ed07506fbf4d664e705ca04ec5fe7854dedc6947b47b7e4a935d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66693
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Feb 2024 18:40:14 GMT
js
www.googletagmanager.com/gtag/ 		269 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XTGQLY6KPT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7157694-157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd5453899e109c48837646a405c27f1a563316ce2e7a6d3de40bbe56392d72f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92190
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Feb 2024 18:40:14 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=901489518&t=pageview&_s=1&dl=https%3A%2F%2Ftrip.uber.com%2Fhjgmm0x&ul=en-us&de=UTF-8&dt=Uber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUABBAAAAAAAIg~&cid=1963489277.1707676814&tid=UA-7157694-157&_gid=1984875852.1707676814&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&did=dYmQxMT&gdid=dYmQxMT&z=1040731545
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/hjgmm0x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trip.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Feb 2024 03:01:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56343
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=901489518&t=pageview&_s=1&dl=https%3A%2F%2Ftrip.uber.com%2Fhjgmm0x&dp=%2Fhjgmm0x&ul=en-us&de=UTF-8&dt=Uber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABBAAAACgAIg~&jid=552734669&gjid=1262310627&cid=1963489277.1707676814&tid=UA-7157694-35&_gid=1984875852.1707676814&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&did=dYmQxMT&gdid=dYmQxMT&cd99=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.160%20Safari%2F537.36&cd12=1f84b9d6-04cb-48bc-a117-2c95ca482470&cd112=a79d8868-593b-4a5f-960c-485d9d2dbb29&z=1840707987
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Feb 2024 18:40:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://trip.uber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp
csp.uber.com/ 		0
62 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=share&ro=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTGQLY6KPT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:570425344
csp
csp.uber.com/ 		0
17 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=share&ro=false
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca18:w:234881024
collect
stats.g.doubleclick.net/j/ 		0
0
syrupFetch
trip.uber.com/api/ 		97 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/api/syrupFetch?localeCode=de-DE
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/_static/client-vendor-01a29703d26cf187.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
948c5f2fac0184033105048b6659194862ddd2f4f976ead3024298c6c2d3ae98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/hjgmm0x
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 18:40:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
98
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97
x-xss-protection
1; mode=block
x-uber-edge
e4-dca11:w:201326597
_events
trip.uber.com/ 		2 B
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trip.uber.com/_events
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/_static/client-main-58d2fb94ab6dfb83.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/hjgmm0x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 11 Feb 2024 18:40:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
90
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:570425350
/
api-js.mixpanel.com/track/ 		25 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1707676819112
Requested by
Host: trip.uber.com
URL: https://trip.uber.com/_static/client-448-3a83c6fd419b09a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Sun, 11 Feb 2024 18:40:19 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://trip.uber.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
45
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear
csp
csp.uber.com/ 		0
17 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=share&ro=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTGQLY6KPT&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trip.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 11 Feb 2024 18:40:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca24:w:587202562

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.hotjar.com
URL
https://static.hotjar.com/c/hotjar-960703.js?sv=6
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7157694-35&cid=1963489277.1707676814&jid=552734669&gjid=1262310627&_gid=1984875852.1707676814&_u=6GDACUABBAAAACgAIg~&z=637645467

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __FUSION_ASSET_PATH__ string| __NONCE__ object| utag_err boolean| utag_condload string| getPathingqp string| url undefined| pathNext undefined| path string| lang string| domain object| utag_data undefined| dataObject undefined| metaAttr undefined| locale undefined| attrLen string| tempLang object| utag object| _hjSettings function| hj function| getCookieValue function| getParameterByName function| _tealium_old_error boolean| __tealium_twc_switch boolean| inAppFlag string| gaAccount boolean| __tealium_privacy string| GoogleAnalyticsObject function| ga string| gtagRename object| dataLayer function| gtag string| TiktokAnalyticsObject object| ttq object| flatten_utag_data object| reduxState function| fbq function| _fbq object| webpackChunkFusion function| clearImmediate function| setImmediate function| _ object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

18 Cookies

Domain/Path Name / Value
trip.uber.com/ Name: _ua
Value: {"session_id":"a79d8868-593b-4a5f-960c-485d9d2dbb29","session_time_ms":1707676813839}
.uber.com/ Name: marketing_vistor_id
Value: 1f84b9d6-04cb-48bc-a117-2c95ca482470
.uber.com/ Name: utag_main__sn
Value: 1
.uber.com/ Name: utag_main_ses_id
Value: 1707676813969%3Bexp-session
.uber.com/ Name: utag_main__pn
Value: 1%3Bexp-session
.uber.com/ Name: segmentCookie
Value: a
.uber.com/ Name: utag_main_segment
Value: a
.uber.com/ Name: utag_geo_code
Value: US
.uber.com/ Name: utag_main_optimizely_segment
Value: b
.uber.com/ Name: CONSENTMGR
Value: c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1707676813996%7Cconsent:true
.uber.com/ Name: utag_main__se
Value: 2%3Bexp-session
.uber.com/ Name: utag_main__ss
Value: 0%3Bexp-session
.uber.com/ Name: utag_main__st
Value: 1707678613998%3Bexp-session
.uber.com/ Name: mp_adec770be288b16d9008c964acfba5c2_mixpanel
Value: %7B%22distinct_id%22%3A%20%221f84b9d6-04cb-48bc-a117-2c95ca482470%22%2C%22%24device_id%22%3A%20%2218d99784b211730-0b9d3d363e93ff-603a5652-1d4c00-18d99784b221cc8%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%221f84b9d6-04cb-48bc-a117-2c95ca482470%22%7D
.uber.com/ Name: _gid
Value: GA1.2.1984875852.1707676814
.uber.com/ Name: _gat_gtag_UA_7157694_35
Value: 1
.uber.com/ Name: _ga
Value: GA1.1.1963489277.1707676814
.uber.com/ Name: _ga_XTGQLY6KPT
Value: GS1.1.1707676814.1.0.1707676814.0.0.0

5 Console Messages

Source Level URL
Text
security error URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js(Line 167)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-21dbd798-30ca-4bd9-9238-dc7c3ae084c2' 'self' https://connect.facebook.net https://connect.facebook.com https://dpm.demdex.net https://uber.demdex.net https://www.googletagmanager.com https://tags.tiqcdn.com https://toolshed.uberinternal.com http://www.google-analytics.com https://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security error URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js(Line 109)
Message:
Refused to load the script 'https://static.hotjar.com/c/hotjar-960703.js?sv=6' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-21dbd798-30ca-4bd9-9238-dc7c3ae084c2' 'self' https://connect.facebook.net https://connect.facebook.com https://dpm.demdex.net https://uber.demdex.net https://www.googletagmanager.com https://tags.tiqcdn.com https://toolshed.uberinternal.com http://www.google-analytics.com https://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XTGQLY6KPT&l=dataLayer&cx=c(Line 186)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-XTGQLY6KPT&gtm=45je4270v867968683za200&_p=1707676813988&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1963489277.1707676814&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707676814&sct=1&seg=0&dl=https%3A%2F%2Ftrip.uber.com%2Fhjgmm0x&dt=Uber&dp=%2Fhjgmm0x&en=page_view&_fv=1&_ss=2&_ee=1&ep.tealium_profile=main&tfd=446' because it violates the following Content Security Policy directive: "connect-src 'self' 'self' https://events.uber.com http://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://*.gstatic.com https://api-js.mixpanel.com".
security error URL: https://www.google-analytics.com/analytics.js(Line 35)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7157694-35&cid=1963489277.1707676814&jid=552734669&gjid=1262310627&_gid=1984875852.1707676814&_u=6GDACUABBAAAACgAIg~&z=637645467' because it violates the following Content Security Policy directive: "connect-src 'self' 'self' https://events.uber.com http://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://*.gstatic.com https://api-js.mixpanel.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XTGQLY6KPT&l=dataLayer&cx=c(Line 186)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-XTGQLY6KPT&gtm=45je4270v867968683za200&_p=1707676813988&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1963489277.1707676814&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707676814&sct=1&seg=0&dl=https%3A%2F%2Ftrip.uber.com%2Fhjgmm0x&dt=Uber&dp=%2Fhjgmm0x&en=scroll&epn.percent_scrolled=90&_et=9&tfd=5456' because it violates the following Content Security Policy directive: "connect-src 'self' 'self' https://events.uber.com http://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://*.gstatic.com https://api-js.mixpanel.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' 'self' https://bid.g.doubleclick.net https://*.uberinternal.com https://*.uber.com https://uber.demdex.net/ https://*.google.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net http://staticxx.facebook.com https://staticxx.facebook.com https://connect.facebook.net https://connect.facebook.com https://www.facebook.com; worker-src 'self' blob:; child-src 'self' blob:; connect-src 'self' 'self' https://events.uber.com http://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://*.gstatic.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self' 'self' https://*.uberinternal.com https://*.uber.com https://uber.demdex.net/ https://*.google.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-21dbd798-30ca-4bd9-9238-dc7c3ae084c2' 'self' https://connect.facebook.net https://connect.facebook.com https://dpm.demdex.net https://uber.demdex.net https://www.googletagmanager.com https://tags.tiqcdn.com https://toolshed.uberinternal.com http://www.google-analytics.com https://www.google-analytics.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'self' https://d1a3f4spazzrp4.cloudfront.net https://fonts.googleapis.com; img-src 'self' data: blob: http://www.google-analytics.com https://www.google-analytics.com https://*.cloudfront.net https://dc.ads.linkedin.com https://www.facebook.com https://*.google.com https://stats.g.doubleclick.net https://uconnect.tealiumiq.com http://d3dt5tsgfu6lcf.cloudfront.net http://dyguxp1m9tbrw.cloudfront.net https://maps.gstatic.com https://maps.googleapis.com https://csi.gstatic.com https://play.google.com; report-uri https://csp.uber.com/csp?a=share&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
connect.facebook.net
csp.uber.com
d1a3f4spazzrp4.cloudfront.net
static.hotjar.com
stats.g.doubleclick.net
tags.tiqcdn.com
trip.uber.com
www.google-analytics.com
www.googletagmanager.com
static.hotjar.com
stats.g.doubleclick.net
130.211.34.183
18.239.63.176
2600:9000:223e:9c00:7:2bfb:7c00:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a03:2880:f083:100:face:b00c:0:3
34.98.127.226
1f604db0c830df75ee7d2a3654998ea270bdf29c5a209bc479285ef83f60d28b
2420130bc92ed07506fbf4d664e705ca04ec5fe7854dedc6947b47b7e4a935d7
258cc05ad24bba6816b935a5c2d927d5c6a5893f7d45dac737f87b90fd4dc8ad
2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0
394b1805a46488dc7209a8055d87d57ab9daf878d221680815e809c5749fe64f
4919a0812301d55420a459b4a0447ca18466002113255e80741ae33e2a82427c
52d04240c8b6bfce4a51c5488ea0f0b6d31ac55f8959b1a711bd2874b9a2606e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
71cea46e51629450074e550cee745857751e84f8386d7addb2c3e62919cd70ea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
948c5f2fac0184033105048b6659194862ddd2f4f976ead3024298c6c2d3ae98
98bcabd77603744099294fe0e3416e6edaaa50563440d056569aaa327b430b03
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
bd5453899e109c48837646a405c27f1a563316ce2e7a6d3de40bbe56392d72f9
c3b1bcb6a29ec1df812e735d01ee54009da6aa169fcb0db19947f65481eb9b4e
c8367183fd16098622063601dbe7b4e03273c8b19bea4895a6bc248fd6d74ed6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61333a29e9bf5dc26e137f51b786062cc0fb326d0d9d2cb74c91d4fe2444103
e7229295308872295c93bae897b851086e18bad1eceb754ac0aaeca5f758beb6
e96c16346c7c17120c9f3d56b3d127d40920a6f22666c779048553767efca973
f46c469d181e3a952501285b85047bf0a3c131456abe4d5e82d05250a2fbbe85