www.uber.com
Open in
urlscan Pro
69.48.218.2
Public Scan
Submitted URL: https://www.uber.com/gifts/redeem?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd&nocache=true
Effective URL: https://www.uber.com/de/de/gift-cards/redeem/?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd
Submission: On October 07 via api from US — Scanned from DE
Effective URL: https://www.uber.com/de/de/gift-cards/redeem/?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd
Submission: On October 07 via api from US — Scanned from DE
Summary
This website contacted 5 IPs
in 2 countries
across 4 domains to perform 16 HTTP transactions.
The main IP is 69.48.218.2, located in
United States and
belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US.
The main domain is www.uber.com.
The Cisco Umbrella rank of the primary domain is 52277.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 10th 2024. Valid for: a year.
This is the only time www.uber.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 10th 2024. Valid for: a year.
This is the only time www.uber.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 8 | 69.48.218.2 69.48.218.2 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
| 2 | 2600:9000:238... 2600:9000:238d:3c00:7:2bfb:7c00:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 108.157.194.70 108.157.194.70 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a02:26f0:480... 2a02:26f0:480:d::210:f152 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 16 | 5 |
4
108.157.194.70
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-157-194-70.mxp53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-157-194-70.mxp53.r.cloudfront.net
| d1a3f4spazzrp4.cloudfront.net |
1
2a02:26f0:480:d::210:f152
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| www.uber-assets.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
uber.com
1 redirects
www.uber.com — Cisco Umbrella Rank: 52277 |
445 KB |
| 4 |
cloudfront.net
d1a3f4spazzrp4.cloudfront.net |
116 KB |
| 2 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1314 |
42 KB |
| 1 |
uber-assets.com
www.uber-assets.com — Cisco Umbrella Rank: 90047 |
3 KB |
| 16 | 4 |
| Domain | Requested by | |
|---|---|---|
| 8 | www.uber.com |
1 redirects
www.uber.com
|
| 4 | d1a3f4spazzrp4.cloudfront.net |
www.uber.com
|
| 2 | tags.tiqcdn.com |
www.uber.com
tags.tiqcdn.com |
| 1 | www.uber-assets.com | |
| 16 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| merchants.ubereats.com |
| www.uberhealth.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.uber.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-06-10 - 2025-06-09 |
a year | crt.sh |
| tags.tiqcdn.com Amazon RSA 2048 M02 |
2024-03-19 - 2025-04-17 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2024-07-30 - 2025-07-03 |
a year | crt.sh |
| www.uber-assets.com E6 |
2024-09-05 - 2024-12-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.uber.com/de/de/gift-cards/redeem/?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd
Frame ID: 0321DC41BEEEB242127567BA22C658C6
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Seite nicht gefunden | UberPage URL History Show full URLs
-
https://www.uber.com/gifts/redeem?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd&nocache=true
HTTP 301
https://www.uber.com/de/de/gift-cards/redeem/?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://merchants.ubereats.com/
Title: Uber Eats für Händler aufrufen
Title: Uber Eats für Händler aufrufen
Search URL Search Domain Scan URL
URL: https://www.uberhealth.com/
Title: Uber Health aufrufen
Title: Uber Health aufrufen
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.uber.com/gifts/redeem?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd&nocache=true
HTTP 301
https://www.uber.com/de/de/gift-cards/redeem/?transactionId=4b6f57c5-1c99-4b8d-9127-35a0fcc57cdd Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.uber.com/de/de/gift-cards/redeem/ Redirect Chain
|
120 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/uber/main/prod/ |
244 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
client-main-af2f6158f2715745.js
www.uber.com/_static/ |
1 MB 211 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
client-vendor-7190ce5373b9b712.js
www.uber.com/_static/ |
662 KB 171 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
client-runtime-4f62f777e1f574ff.js
www.uber.com/_static/ |
24 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UberMove-Regular.woff2
d1a3f4spazzrp4.cloudfront.net/dotcom-assets/fonts/ |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UberMoveText-Regular.woff2
d1a3f4spazzrp4.cloudfront.net/dotcom-assets/fonts/ |
28 KB 28 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UberMove-Bold.woff2
d1a3f4spazzrp4.cloudfront.net/dotcom-assets/fonts/ |
28 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
_uwa
www.uber.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
getCurrentUser
www.uber.com/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 431 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
_track
www.uber.com/ |
104 B 384 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
99c4bc580c8b57b7.ico
www.uber.com/_static/ |
1 KB 477 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
99c4bc580c8b57b7.ico
www.uber.com/_static/ |
1 KB 0 |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UberMoveText-Medium.woff2
d1a3f4spazzrp4.cloudfront.net/dotcom-assets/fonts/ |
29 KB 29 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
page-not-found-desktop.jpg
www.uber-assets.com/image/upload/f_auto,q_auto:eco,c_fill,h_698,w_558/v1594147723/dotcom/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.uber.com
- URL
- https://www.uber.com/_uwa
- Domain
- www.uber.com
- URL
- https://www.uber.com/api/getCurrentUser?localeCode=de-DE
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webVitals object| __marketing_uclick_link__ string| __FUSION_ASSET_PATH__ object| webpackChunkFusion function| clearImmediate function| setImmediate function| UrateWidget object| core function| filterCSS function| filterXSS function| renderURateForm object| utag_err string| getPathingqp string| url string| lang string| domain object| utag_data string| tempLang object| utag object| _hjSettings function| hj function| getCookieValue function| getParameterByName function| _tealium_old_error string| gaAccount string| gtagRename object| dataLayer function| gtag string| TiktokAnalyticsObject object| ttq object| flatten_utag_data object| reduxState11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.uber.com/ | Name: _ua Value: {"session_id":"5261a865-8c1b-481d-8a96-3689384554b9","session_time_ms":1728312878403} |
|
| .uber.com/ | Name: marketing_vistor_id Value: 20ba3d22-a799-4b0b-8f56-facbeef56beb |
|
| www.uber.com/ | Name: jwt-session Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InNsYXRlLWV4cGlyZXMtYXQiOjE3MjgzMTQ2Nzg0MDR9LCJpYXQiOjE3MjgzMTI4NzgsImV4cCI6MTcyODM5OTI3OH0.8ZXuEgYzKoW29wAyz7jT2fjtgWYyDX0knBqqSIU9Ak4 |
|
| .uber.com/ | Name: __cf_bm Value: CVFNvXKCTF_fe3zpEL5T3QxS1zfFDTIAZIRoJiF1H6k-1728312878-1.0.1.1-7g7W9Otl6XkrDQSc_0V_0KjPEz._YtZGXKv4NxwLZUFPQ4tPr_QIfaE2zI0ocU.pKT.qqPhwqkkgyMZbIry9LQ |
|
| .www.uber.com/ | Name: uber_sites_geolocalization Value: {%22best%22:{%22localeCode%22:%22de-DE%22%2C%22countryCode%22:%22DE%22%2C%22territoryId%22:330%2C%22territorySlug%22:%22frankfurt%22%2C%22territoryName%22:%22Frankfurt%22}%2C%22url%22:{%22localeCode%22:%22de-DE%22%2C%22countryCode%22:%22DE%22}%2C%22user%22:{%22countryCode%22:%22DE%22%2C%22territoryId%22:330%2C%22productGeofenceUUID%22:%222474b133-f7bd-4f8e-a9a4-0b98fd9f16e2%22%2C%22territoryGeoJson%22:[[{%22lat%22:50.993679%2C%22lng%22:6.3801689}%2C{%22lat%22:50.993679%2C%22lng%22:11.0439491}%2C{%22lat%22:49.4742813%2C%22lng%22:11.0439491}%2C{%22lat%22:49.4742813%2C%22lng%22:6.3801689}]]%2C%22territoryGeoPoint%22:{%22latitude%22:50.1109%2C%22longitude%22:8.6821}%2C%22territorySlug%22:%22frankfurt%22%2C%22territoryName%22:%22Frankfurt%22%2C%22localeCode%22:%22de-DE%22}} |
|
| .uber.com/ | Name: utag_main__sn Value: 1 |
|
| .uber.com/ | Name: utag_main__se Value: 1%3Bexp-session |
|
| .uber.com/ | Name: utag_main__ss Value: 1%3Bexp-session |
|
| .uber.com/ | Name: utag_main__st Value: 1728314679453%3Bexp-session |
|
| .uber.com/ | Name: utag_main_ses_id Value: 1728312879453%3Bexp-session |
|
| .uber.com/ | Name: utag_main__pn Value: 1%3Bexp-session |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | frame-ancestors 'self' 'self' blob: d1a3f4spazzrp4.cloudfront.net d1w2poirtb3as9.cloudfront.net d3i4yxtzktqr9n.cloudfront.net d1nyezh1ys8wfo.cloudfront.net d3i4yxtzktqr9n.cloudfront.net *.altrulabs.com *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.google.com *.hotjar.com *.hotjar.io *.hotjar.net *.snapchat.com *.qualtrics.com *.youtube.com analytics.pangle-ads.com analytics.tiktok.com api.company-target.com app.acuityscheduling.com atag.adgile.media *.bing.com maps.googleapis.com px.ads.linkedin.com s.company-target.com sc-static.net/scevent.min.js snap.licdn.com static.ads-twitter.com tag-logger.demandbase.com tag.demandbase.com/e353a7a2a87d1338.min.js tags.srv.stackadapt.com tags.tiqcdn.com *.mutinycdn.com https://www.googleadservices.com/pagead/ tb-static.uber.com/prod/uber-static/uber-sites/all-live-pages.json tracking.intentsify.io translate.googleapis.com uber.formstack.com uber.zappy-ride.com usage-us.talentplatform.com google-analytics.com google.fr google.ca googletagmanager.com *.yimg.jp *.yjtag.jp jometer.com *.amazon-adsystem.com *.uber.com *.yahoo.co.jp *.clarity.ms *.taboola.com block.opendns.com t.co *.uber-assets.com *.uberinternal.com *.twitter.com *.jometer.com *.ibb.co id.rlcdn.com jotrack.s3.amazonaws.com cur.cursors-4u.net *.gstatic.com google.co.in/pagead s.yimg.com/wi/ytc.js sp.analytics.yahoo.com redditstatic.com/ads/pixel.js alb.reddit.com/rp.gif s3.amazonaws.com/jotrack https://dx.mountain.com/spx https://gs.mountain.com/gs https://px.mountain.com/st 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 live.rezync.com/sync live.rezync.com/pixel idsync.rlcdn.com/ p.rfihub.com/ js.driftt.com https://munchkin.marketo.net/munchkin.js https://munchkin.marketo.net/163/munchkin.js https://js.adsrvr.org/up_loader.1.1.0.js https://tag.demandbase.com/8fd99f526b0979ce.min.js https://insight.adsrvr.org/ https://js.adsrvr.org/universal_pixel.1.1.3.js https://match.adsrvr.org *.mktoresp.com wss://*.hotjar.com https://app.mutinyhq.com report-uri https://csp.uber.com/csp?a=uber-sites&ro=false |
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d1a3f4spazzrp4.cloudfront.net
tags.tiqcdn.com
www.uber-assets.com
www.uber.com
www.uber.com
108.157.194.70
2600:9000:238d:3c00:7:2bfb:7c00:93a1
2a02:26f0:480:d::210:f152
69.48.218.2
0ba42888b81195edfb7b2dafbdd9f3613a0553055fd33559b73a4f9bb530d4ac
37476a39bcdd76badd1f81db375d2735b42139755f73ddbce9be806d9c9ad948
4b45e0cdba61e5d00bef1dc95fabe543a8e8ef8be342bce0477f729d80238c65
6128e6813f444888bddfadd66a305d601260976df06f4bf31f1045ffa68e9340
6e9a45290394275a203710661831d98d7778cb1d40491b20533055576de83387
85b770d1fe08a29a4536d82540c4f36a41d05f48bcee4ada6ffc4d4ecd051cf1
8944e8a4ff83dee713972f43ae2f32011c83aaed244c3a352c554712588eb29d
9110d9b5a3b0c9784acd54eac3e31fefb7dea9877b901c1e23c8b850537ca137
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b0109743b5dd2f78b70d19bd457826aa6d90c7c11cc7f0763ad38f8d7162a2e4
d1064c000358db07cbbcae919bb0132d29a49357df9b4467aa37aa5ceb5040b0
da7b9c9be67c8be3833c9e77f2b7a666c6d4716a7687356f6276bcc49c4fe162
ebcd3c48a297e5397bc61b75bb099badd8c90a1d3c9545aa1cd03ab1cf5aaab4