Submitted URL: http://redeem.uber.com/public
Effective URL: https://redeem.uber.com/public
Submission: On August 26 via manual from FR — Scanned from FR

Summary

This website contacted 18 IPs in 3 countries across 18 domains to perform 66 HTTP transactions. The main IP is 104.36.192.148, located in Ashburn, United States and belongs to UBER-PROD, US. The main domain is redeem.uber.com. The Cisco Umbrella rank of the primary domain is 476552.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 2nd 2023. Valid for: a year.
This is the only time redeem.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 uber.com
redeem.uber.com — Cisco Umbrella Rank: 476552
csp.uber.com — Cisco Umbrella Rank: 25463
21 KB
8 cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
814 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
429 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 2412
24 KB
5 google.fr
www.google.fr — Cisco Umbrella Rank: 16525
886 B
5 google.com
www.google.com — Cisco Umbrella Rank: 2
886 B
5 doubleclick.net
ad.doubleclick.net Failed
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
7 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1149
84 KB
3 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 767
a745050198.cdn.optimizely.com — Cisco Umbrella Rank: 194231
logx.optimizely.com — Cisco Umbrella Rank: 1446
93 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
88 KB
1 mixpanel.com
api-js.mixpanel.com
371 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 772
5 KB
1 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 3376
511 B
0 facebook.com Failed
www.facebook.com Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 oribi.io Failed
cdn.linkedin.oribi.io Failed
0 criteo.com Failed
dynamic.criteo.com Failed
0 bing.com Failed
bat.bing.com Failed
66 18
Domain Requested by
9 csp.uber.com tags.tiqcdn.com
redeem.uber.com
snap.licdn.com
8 d3i4yxtzktqr9n.cloudfront.net redeem.uber.com
d3i4yxtzktqr9n.cloudfront.net
6 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
5 www.google.fr redeem.uber.com
5 www.google.com redeem.uber.com
5 www.google-analytics.com tags.tiqcdn.com
www.google-analytics.com
redeem.uber.com
4 googleads.g.doubleclick.net www.googletagmanager.com
4 tags.tiqcdn.com redeem.uber.com
tags.tiqcdn.com
3 redeem.uber.com 1 redirects d3i4yxtzktqr9n.cloudfront.net
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
1 api-js.mixpanel.com d3i4yxtzktqr9n.cloudfront.net
1 region1.google-analytics.com www.googletagmanager.com
1 logx.optimizely.com cdn.optimizely.com
1 stats.g.doubleclick.net www.google-analytics.com
1 snap.licdn.com tags.tiqcdn.com
1 collect.tealiumiq.com tags.tiqcdn.com
1 a745050198.cdn.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com redeem.uber.com
0 www.facebook.com Failed redeem.uber.com
0 px.ads.linkedin.com Failed redeem.uber.com
0 cdn.linkedin.oribi.io Failed snap.licdn.com
0 ad.doubleclick.net Failed redeem.uber.com
0 dynamic.criteo.com Failed tags.tiqcdn.com
0 bat.bing.com Failed tags.tiqcdn.com
redeem.uber.com
66 24

This site contains links to these domains. Also see Links.

Domain
www.uber.com
Subject Issuer Validity Valid
*.uber.com
DigiCert TLS RSA SHA256 2020 CA1
2023-08-02 -
2024-07-31
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-17
a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-30 -
2023-10-30
a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018
2023-02-26 -
2024-02-28
a year crt.sh
*.tealiumiq.com
Amazon RSA 2048 M01
2023-07-26 -
2024-08-23
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-06-04 -
2023-09-02
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-02-01 -
2024-01-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.google.fr
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
logx.optimizely.com
Amazon RSA 2048 M01
2023-06-24 -
2024-07-22
a year crt.sh
*.mixpanel.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-02-13 -
2024-03-15
a year crt.sh

This page contains 2 frames:

Primary Page: https://redeem.uber.com/public
Frame ID: 217391A6F0E4C618FD7A2824822C1187
Requests: 66 HTTP requests in this frame

Frame: https://a745050198.cdn.optimizely.com/client_storage/a745050198.html
Frame ID: 2335486560472D1D951F8E9D056F3824
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Uber

Page URL History Show full URLs

  1. http://redeem.uber.com/public HTTP 301
    https://redeem.uber.com/public Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

66
Requests

88 %
HTTPS

65 %
IPv6

18
Domains

24
Subdomains

18
IPs

3
Countries

1565 kB
Transfer

5274 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://redeem.uber.com/public HTTP 301
    https://redeem.uber.com/public Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request public
redeem.uber.com/
Redirect Chain
  • http://redeem.uber.com/public
  • https://redeem.uber.com/public
81 KB
20 KB
Document
General
Full URL
https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
ca8b2305935a052d253c47851d5873973f3bb61056ea97dd3245f6990393d71b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-efcea37a-9012-487d-a352-ae8d29fe559b' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0
content-encoding
br
content-security-policy
block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-efcea37a-9012-487d-a352-ae8d29fe559b' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
content-type
text/html; charset=utf-8
date
Sat, 26 Aug 2023 01:09:01 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
15
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca22:w:352321539
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Sat, 26 Aug 2023 01:09:00 GMT
location
https://redeem.uber.com/public
server
ufe
vary
Accept-Encoding
client-main-91a6d69eff709029.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/
511 KB
141 KB
Script
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-main-91a6d69eff709029.js
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
690d652f80d9cc41f9e82bbe480087d78bc8ed5a6370cb34983d46322463068a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
Origin
https://redeem.uber.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
396818
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
103
content-length
143936
x-xss-protection
1; mode=block
last-modified
Mon, 21 Aug 2023 06:45:07 GMT
server
ufe
etag
"e78fb0e4f6f24b83c8116a9533188341"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
G7MUAql4XmTSkPZh_gugifqdcmzM0GwgqEBgbHhlO3vmGyQHhG0TTw==
x-uber-edge
e4-dca24:w:251658240
client-vendor-cb0940547cec1a72.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/
2 MB
552 KB
Script
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-vendor-cb0940547cec1a72.js
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
eeea101c24bfed257cf9ac4023812128724d55f344582c10114863de59209b65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
Origin
https://redeem.uber.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
396818
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
144
content-length
563651
x-xss-protection
1; mode=block
last-modified
Mon, 21 Aug 2023 09:06:20 GMT
server
ufe
etag
"f6f1b6d361de86c3024758815adbc97c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
KGC9I4L7qsGQ3v8Xg_vNVsjYyItnZhrXXMruGfXfvB6hF_eiPdJxBw==
x-uber-edge
e4-dca8:w:150994944
client-runtime-5a29ba3dc27f2a87.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/
3 KB
2 KB
Script
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-runtime-5a29ba3dc27f2a87.js
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
24a62fabdbf20a34ef1e3d30973072218f15ff22947d5c0b37715663a4af0f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
Origin
https://redeem.uber.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
396818
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
107
content-length
1768
x-xss-protection
1; mode=block
last-modified
Mon, 21 Aug 2023 09:06:19 GMT
server
ufe
etag
"90a4df60f0ac955183fa8c7e423a8311"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
KXHsSTCUb2bPyjc93Yt5rvl9lD3cuboFJN_FGqnsg7QzLjGKa0Sjdw==
x-uber-edge
e4-dca8:w:150994947
utag.js
tags.tiqcdn.com/utag/uber/u4b/prod/
200 KB
37 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e1613a5d6f198afe86006d0a3da7c0441ae2702f6fa1c06812894022da7a25d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
xJCo4rWnFY.Dsdcs97JB5cnOfkEmDZ0M
content-encoding
br
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date
Sat, 26 Aug 2023 01:09:02 GMT
last-modified
Wed, 28 Jun 2023 17:10:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
47
x-amz-server-side-encryption
AES256
etag
W/"1507ee1cdf2aa35b4a2bf326843136cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
7zXfI1cGcoFFu_8-Mc2varxSMqgEhPpySiSzl83EbxzL6zl8XALUog==
utag.js
tags.tiqcdn.com/utag/uber/main/prod/
273 KB
41 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03327ca803354937e0113b2ad04c37813024badd9175b9432a034329959d08ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
T9W9ryUG5xgWKEr0wShiErghFmnFu8UV
content-encoding
br
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date
Sat, 26 Aug 2023 01:09:01 GMT
last-modified
Thu, 10 Aug 2023 16:31:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
19
x-amz-server-side-encryption
AES256
etag
W/"44eeb4455d704fd506cd2ee2b9b6f383"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
gkozGrq-bRH4SabjPb33cmVl1dhH4bESBuJS6L1G2-sVrt_j2ago5Q==
276edd4275dda838.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/
28 KB
29 KB
Font
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/276edd4275dda838.woff2
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
Origin
https://redeem.uber.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:55:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
396817
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
687
content-length
28696
x-xss-protection
1; mode=block
last-modified
Mon, 21 Aug 2023 09:06:19 GMT
server
ufe
etag
"20481cb753b0f35e2be0f62d20b88f72"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
Wszg0vH8jXsABA8H3yFoYr4bBIVOWYPD872OEhxFxDKv5FZt15t1CQ==
x-uber-edge
e4-dca11:w:100663300
d769983c82bacb3c.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/
30 KB
31 KB
Font
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/d769983c82bacb3c.woff2
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
f566b2d8ef6c8ac1025d1825d83c7e5f0605f87a662394a8a67edc72cca5dac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
Origin
https://redeem.uber.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:55:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
396818
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
120
content-length
30804
x-xss-protection
1; mode=block
last-modified
Mon, 21 Aug 2023 09:06:19 GMT
server
ufe
etag
"8daa8947dd33a35013c2cc6d9f9fbc2a"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
7mW5kKTsDIkZGVHVHLMdzR5sFleRxDMJjlCYrSaRrxlu0fGcxa2Yzw==
x-uber-edge
e4-dca22:w:419430402
eee1724e2e5a8ebd.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/
29 KB
30 KB
Font
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/eee1724e2e5a8ebd.woff2
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
9b0d296027090ac7deaadbc7d9d7ff6fdd9ebcd95fc9afa0be5fdab1111346cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
Origin
https://redeem.uber.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:55:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
396818
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
105
content-length
29808
x-xss-protection
1; mode=block
last-modified
Mon, 21 Aug 2023 09:06:19 GMT
server
ufe
etag
"5174145c86f657b4d1fd691cde69fa2a"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
7GpO2qrxlfkXN_sBKj4PBSlDa85NPPkZKg-sX6ulId5ljEYFI5OWoQ==
x-uber-edge
e4-dca24:w:184549379
2192960133.js
cdn.optimizely.com/js/
295 KB
91 KB
Script
General
Full URL
https://cdn.optimizely.com/js/2192960133.js
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:58b::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14aa919d988307dcd681c2b6dd3c544ea50ff079bf5b68a8e98f9ef2013e5a77
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
Lydqmtt2fXzfzONTsfbJY99wPUCl4LX5
content-encoding
gzip
date
Sat, 26 Aug 2023 01:09:01 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
V8SWC0K185X5CAZF
x-amz-server-side-encryption
AES256
x-amz-meta-revision
6812
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=101, cdn;desc="AkamaiION";dur=0,rtt;desc="28";dur=0,cdnip;desc="2a02:26f0:480:58b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1693012141794_35115186_1075832246_10839_1963_28_31_219";dur=1
content-length
92238
x-amz-id-2
2Fg8a4rXmog3qfn3pziIwsk3mAPIZq5ROkJm3/b8bZdF2tI/CjfjiEunYFRHER1Az1q/+Ofah8I=
last-modified
Sat, 22 Apr 2023 15:09:49 GMT
server
AmazonS3
etag
"13086a6506e573e41e60e32bfe57ea74"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
f3dc5042b86e13ac.svg
d3i4yxtzktqr9n.cloudfront.net/web-employee/
3 KB
2 KB
Image
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/f3dc5042b86e13ac.svg
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
0e6b658ab2f7d97b426c85fcf33f02f38a7b61c2e5633e3f3219f41bb8e89eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 05:02:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
677180
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
last-modified
Thu, 10 Aug 2023 00:54:26 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
Z_0wK9t7C6xzb5A1dUZOLzSBK51H4YGPXMrXChTFi0-NWKe_GbY67Q==
x-uber-edge
e4-dca8:w:218103808
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/webp
client-186-b31ae25afd84f8df.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/
91 KB
27 KB
Script
General
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-186-b31ae25afd84f8df.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-runtime-5a29ba3dc27f2a87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-175.fra53.r.cloudfront.net
Software
ufe /
Resource Hash
4297cf4ade9499c4d568023ceda0f40dc68c27b733a871295b6287d0c02e7eed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
Origin
https://redeem.uber.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
396818
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
103
content-length
27137
x-xss-protection
1; mode=block
last-modified
Mon, 21 Aug 2023 09:06:19 GMT
server
ufe
etag
"907eb55f40be9eb5a9dde26393222f90"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
uhZwziMJeTMeLboqwDK736RnBNX7TcKmiQCAOHzj6HvtFFXC98WQFQ==
x-uber-edge
e4-dca23:w:134217729
a745050198.html
a745050198.cdn.optimizely.com/client_storage/ Frame 2335
1 KB
1 KB
Document
General
Full URL
https://a745050198.cdn.optimizely.com/client_storage/a745050198.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2192960133.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.197.128.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-15.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
23cd993e359f5c05a26d2a5030f2185ae691ae8976ac9bbdd6c5f761c2953067
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://redeem.uber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
767
content-type
text/html; charset=utf-8
date
Sat, 26 Aug 2023 01:09:02 GMT
etag
"85523b184f29f8d4379a766d20dd5bb7"
last-modified
Sat, 22 Apr 2023 15:11:17 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=6 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="25";dur=0,cdnip;desc="23.197.128.15";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1693012142446_390277165_838415248_607_2466_25_30_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
NGf3Z1qH7s2LSZEBEQaUkWOu0NkD4LnhVg8hJblNpUMBj/0gfPsWI4e1XKQJWRTh5kBFVFkiWpg=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
N94NS2SZN7J37D0M
x-amz-server-side-encryption
AES256
x-amz-version-id
nw2cUrKX3ffiSLh.TohVOSAF_r_s.4TV
csp
csp.uber.com/
0
191 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
1
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca18:w:67108864
event
collect.tealiumiq.com/
0
511 B
XHR
General
Full URL
https://collect.tealiumiq.com/event
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.113.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-113-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
x-serverid
uconnect_i-0b0943f5439d08c75
x-tid
018a2f63292e00089530a76843a303074001e06c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
uber:main:2:event
x-region
eu-central-1
pragma
no-cache
vary
Origin
content-type
application/json
access-control-allow-origin
https://redeem.uber.com
x-ulver
585092f4a4451e15196522f4337b28abf1fac69b-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
bb4cebce-a263-4d69-bc8e-9dcf2c769823
expires
Sat, 26 Aug 2023 01:09:02 GMT
utag.45.js
tags.tiqcdn.com/utag/uber/u4b/prod/
23 KB
6 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.45.js?utv=ut4.48.202211231612
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6876924a48ca29157e9f679cf4f9a8cf42664db8b374ab95672f461e0ca49530

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
VSi7cgOqGqZb59pzTObXIZaLs2V.qupN
content-encoding
br
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date
Sat, 26 Aug 2023 01:09:03 GMT
last-modified
Wed, 28 Jun 2023 17:10:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"9fa4723a10addc8fbb4f73a6e85596b4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
j4nHvztkdBwNNDwBYn66G5AuB-spSkx6f6hZ_VZdH-AXhX_1cOpmtg==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 25 Aug 2023 23:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4759
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 26 Aug 2023 01:49:43 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
431 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uber/u4b/202306281709&cb=1693012142834
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sat, 26 Aug 2023 01:04:22 GMT
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
281
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
gHpsQPa-vLG3OCvfnEiDccr7zWFB8CfaIPPMssCPwF3k-BeztuWItw==
js
www.googletagmanager.com/gtag/
204 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-840270580
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f80f59d4140e5278262dfc2ae9ae1f68af98ea6e52ba84cde2d07f452bf7af4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74533
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Aug 2023 01:09:02 GMT
csp
csp.uber.com/
0
43 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
24
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:352321540
bat.js
bat.bing.com/
0
0

fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 26 Aug 2023 01:09:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
Z1DrxzKHNHqARkbMtN35YIHtVLSu7fUudUK+MIz5JvBkEDjnDz0G5kZqsckUvgErIlgKf3r6JFwidPWzj+IiQg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=47355
accept-ranges
bytes
content-length
4862
csp
csp.uber.com/
0
40 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
1
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:33554436
ld.js
dynamic.criteo.com/js/ld/
0
0

csp
csp.uber.com/
0
43 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
2
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca24:w:184549378
0
bat.bing.com/action/
0
0

csp
csp.uber.com/
0
43 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca18:w:385875972
B22324126.240038996;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/adj/N197801.197812NSO.CODESRV/
0
0

ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 00:18:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
3039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 26 Aug 2023 01:18:23 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
811 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 00:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
1462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 26 Aug 2023 01:44:40 GMT
collect
www.google-analytics.com/j/
3 B
146 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1637142894&t=pageview&_s=1&dl=https%3A%2F%2Fredeem.uber.com%2Fpublic&ul=en-us&de=UTF-8&dt=Uber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiAIrBAAAACgMI~&jid=517471308&gjid=42886824&cid=1183489267.1693012143&tid=UA-7157694-138&_gid=274460166.1693012143&_slc=1&cd1=u4b&cd28=%7B%22session_id%22%3A%2275dc1a65-721e-4a85-89b0-f2abed7244e6%22%2C%22session_time_ms%22%3A1693012141527%7D&z=1551119376
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redeem.uber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7157694-138&cid=1183489267.1693012143&jid=517471308&gjid=42886824&_gid=274460166.1693012143&_u=aGBAiAIrBAAAAGgMIAC~&z=1504658827
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 26 Aug 2023 01:09:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redeem.uber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1637142894&t=pageview&_s=2&dl=https%3A%2F%2Fredeem.uber.com%2Fpublic&ul=en-us&de=UTF-8&dt=Uber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiAIrBAAAAGgMIAC~&jid=&gjid=&cid=1183489267.1693012143&tid=UA-7157694-138&_gid=274460166.1693012143&cd1=u4b&cd28=%7B%22session_id%22%3A%2275dc1a65-721e-4a85-89b0-f2abed7244e6%22%2C%22session_time_ms%22%3A1693012141527%7D&z=798577470
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 21:39:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12573
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
csp
csp.uber.com/
0
62 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca11:w:50331652
token
cdn.linkedin.oribi.io/partner/69483/domain/redeem.uber.com/
0
0

csp
csp.uber.com/
0
39 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:352321536
collect
px.ads.linkedin.com/
0
0

112615526068288
connect.facebook.net/signals/config/
136 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/112615526068288?v=2.9.125&r=stable&domain=redeem.uber.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
973a06069eeed31eb81c2a01e7eb8208e88d446c0fa3771868bf4e402aee21a2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 26 Aug 2023 01:09:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
sNU/CazA3smgSD8lWiQAwQ10qC0t2Mz7IoGT2oHPxZp94Wp1mxRYEpZKmt3ec2QmH3/Lecy8dJLzZBs1vS6I+w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/840270580/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/840270580/?random=1693012143041&cv=11&fst=1693012143041&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&hn=www.googleadservices.com&frm=0&tiba=Uber&auid=1750697004.1693012143&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b149ec16237d50c460bf2aa73fb74543cf78665993260cf56463d95b6c3279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1300
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
185 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-809450002&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fee65d288fa51d4351e2c683ded4c6c3503b2d96e76c51fbcd9c66145d8a5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69445
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Aug 2023 01:09:03 GMT
js
www.googletagmanager.com/gtag/
172 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8617315&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49f66eab73d851c5fcbc637693afdf3da6bfb8fe7298f0e88f78e9c1808be559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64815
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Aug 2023 01:09:03 GMT
js
www.googletagmanager.com/gtag/
185 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-816533418&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d6b2e675dc5e0f3942c27758d776bb3d348c3cd42324ad08bcceaa73bacc16d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69402
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Aug 2023 01:09:03 GMT
js
www.googletagmanager.com/gtag/
185 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-842942253&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afe19a3818e660452b3e391159103112d19903e5c90b553ad56584e0f38ef9ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69402
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Aug 2023 01:09:03 GMT
js
www.googletagmanager.com/gtag/
266 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W3V99WJNZ7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9330f529a190f3fb37c3f9d2ec72928291f2b436e36eb401f951956e367b1b81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90489
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 26 Aug 2023 01:09:03 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7157694-138&cid=1183489267.1693012143&jid=517471308&_u=aGBAiAIrBAAAAGgMIAC~&z=1546644749
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/
42 B
408 B
Image
General
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7157694-138&cid=1183489267.1693012143&jid=517471308&_u=aGBAiAIrBAAAAGgMIAC~&z=1546644749
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/
0
360 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2192960133.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.227.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-227-208.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 26 Aug 2023 01:09:03 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://redeem.uber.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
a44995db-d259-4f0a-8250-2aeed558bb94
csp
csp.uber.com/
0
39 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
1
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:33554437
/
www.facebook.com/tr/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/842942253/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842942253/?random=1693012143182&cv=11&fst=1693012143182&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&hn=www.googleadservices.com&frm=0&tiba=Uber&auid=1750697004.1693012143&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-842942253&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6d654ce9cba1abae231460cfbf4f8c7728a1229467d4c9f63dc4330ad224812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/816533418/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/816533418/?random=1693012143201&cv=11&fst=1693012143201&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&hn=www.googleadservices.com&frm=0&tiba=Uber&auid=1750697004.1693012143&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-816533418&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45e13b463839f5cdbede1fda7e0c99d8869163c18f4f913ed3043d132f2c2876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/809450002/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/809450002/?random=1693012143228&cv=11&fst=1693012143228&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&hn=www.googleadservices.com&frm=0&tiba=Uber&auid=1750697004.1693012143&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-809450002&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
549acabb92edb96ed5c9662ffffd8483deb4f7373d39d30fb4602e6a11869d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W3V99WJNZ7&gtm=45je38n0&_p=1637142894&gdid=dYmQxMT&cid=1183489267.1693012143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693012143&sct=1&seg=0&dl=https%3A%2F%2Fredeem.uber.com%2Fpublic&dt=Uber&en=page_view&_fv=1&_ss=1&_ee=1&ep.tealium_profile=u4b
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W3V99WJNZ7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redeem.uber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/840270580/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/840270580/?random=1693012143041&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=809217931&rmt_tld=0&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/840270580/
42 B
154 B
Image
General
Full URL
https://www.google.fr/pagead/1p-user-list/840270580/?random=1693012143041&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=809217931&rmt_tld=1&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/842942253/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/842942253/?random=1693012143182&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=555334817&rmt_tld=0&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/842942253/
42 B
108 B
Image
General
Full URL
https://www.google.fr/pagead/1p-user-list/842942253/?random=1693012143182&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=555334817&rmt_tld=1&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/816533418/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/816533418/?random=1693012143201&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4213917873&rmt_tld=0&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/816533418/
42 B
108 B
Image
General
Full URL
https://www.google.fr/pagead/1p-user-list/816533418/?random=1693012143201&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4213917873&rmt_tld=1&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/809450002/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/809450002/?random=1693012143228&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=564081332&rmt_tld=0&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/809450002/
42 B
108 B
Image
General
Full URL
https://www.google.fr/pagead/1p-user-list/809450002/?random=1693012143228&cv=11&fst=1693011600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fredeem.uber.com%2Fpublic&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=564081332&rmt_tld=1&ipr=y
Requested by
Host: redeem.uber.com
URL: https://redeem.uber.com/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://redeem.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 01:09:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp
csp.uber.com/
0
68 B
Other
General
Full URL
https://csp.uber.com/csp?a=web-employee&ro=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 26 Aug 2023 01:09:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
876
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca11:w:100663297
/
www.facebook.com/tr/
0
0

_events
redeem.uber.com/
2 B
103 B
Ping
General
Full URL
https://redeem.uber.com/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-main-91a6d69eff709029.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redeem.uber.com/public
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 26 Aug 2023 01:09:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
15
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca11:w:100663299
/
api-js.mixpanel.com/track/
25 B
371 B
XHR
General
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1693012147437
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-186-b31ae25afd84f8df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://redeem.uber.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Sat, 26 Aug 2023 01:09:07 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://redeem.uber.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
dynamic.criteo.com
URL
https://dynamic.criteo.com/js/ld/ld.js?a=103675
Domain
bat.bing.com
URL
https://bat.bing.com/action/0?ti=21002034&Ver=2&_rnd=0.7674224641034693
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/ddm/adj/N197801.197812NSO.CODESRV/B22324126.240038996;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?&_rnd=0.6438599219666736
Domain
cdn.linkedin.oribi.io
URL
https://cdn.linkedin.oribi.io/partner/69483/domain/redeem.uber.com/token
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1693012142977&url=https%3A%2F%2Fredeem.uber.com%2Fpublic
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=112615526068288&ev=PageView&dl=https%3A%2F%2Fredeem.uber.com%2Fpublic&rl=&if=false&ts=1693012143155&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1693012143154.704764391&it=1693012143004&coo=false&tm=1&rqm=GET
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=112615526068288&ev=Microdata&dl=https%3A%2F%2Fredeem.uber.com%2Fpublic&rl=&if=false&ts=1693012144658&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Uber%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1693012143154.704764391&it=1693012143004&coo=false&es=automatic&tm=3&rqm=GET

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| __FUSION_ASSET_PATH__ string| __NONCE__ undefined| _ object| optimizely number| startTime number| duration object| webpackChunkFusion function| clearImmediate function| setImmediate object| Braintree function| Hammer boolean| utag_condload string| url undefined| pathNext undefined| path object| utag_data object| dataObject object| business_uber object| chameleon_uber object| bonjour_uber object| uber_eats string| tempLang string| getPathingqp boolean| isSafari string| lang string| domain undefined| metaAttr undefined| locale undefined| attrLen object| utag object| uetq object| _linkedin function| getCookieValue function| getParameterByName boolean| __tealium_twc_switch string| gaAccount object| redux_State boolean| inAppFlag boolean| __tealium_privacy string| gtagRename object| dataLayer function| gtag object| _linkedin_data_partner_ids object| criteo_q object| utag_err function| _tealium_old_error string| GoogleAnalyticsObject function| ga object| reduxState number| f number| c function| fbq function| _fbq boolean| _wait_for_lintrk string| _event object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| google_tag_manager object| GooglebQhCsO function| onYouTubeIframeAPIReady object| trackers

14 Cookies

Domain/Path Name / Value
redeem.uber.com/ Name: _ua
Value: {"session_id":"75dc1a65-721e-4a85-89b0-f2abed7244e6","session_time_ms":1693012141527}
redeem.uber.com/ Name: jwt-session
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2OTMwMTIxNDEsImV4cCI6MTY5MzA5ODU0MX0.LDuG1J3j7CYKTW3gg3Lcoy3H0Wcza7qhldBi6Wf8hQA
.uber.com/ Name: optimizelyEndUserId
Value: oeu1693012142096r0.14400289691257262
.uber.com/ Name: CONSENTMGR
Value: c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1693012142420%7Cconsent:true
.uber.com/ Name: mp_adec770be288b16d9008c964acfba5c2_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218a2f63296619f-0db5d0b0e481cb-653b525b-1d4c00-18a2f63296712e5%22%2C%22%24device_id%22%3A%20%2218a2f63296619f-0db5d0b0e481cb-653b525b-1d4c00-18a2f63296712e5%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.uber.com/ Name: utag_main
Value: v_id:018a2f63292e00089530a76843a303074001e06c00b08$_sn:1$_se:2$_ss:0$_st:1693013942835$ses_id:1693012142382%3Bexp-session$_pn:1%3Bexp-session
.uber.com/ Name: _gid
Value: GA1.2.274460166.1693012143
.uber.com/ Name: _gat_tealium_0
Value: 1
.uber.com/ Name: _gcl_au
Value: 1.1.1750697004.1693012143
.uber.com/ Name: _fbp
Value: fb.1.1693012143154.704764391
.doubleclick.net/ Name: IDE
Value: AHWqTUmXEVF_wvO3oGCFsIAdEWgbufG6aOpdTRmWExUYObzzBfHuhQ4UaknvZI_S
.uber.com/ Name: _ga
Value: GA1.1.1183489267.1693012143
.uber.com/ Name: _ga_W3V99WJNZ7
Value: GS1.1.1693012143.1.0.1693012143.0.0.0
redeem.uber.com/ Name: parsed_ga_cookie
Value: 1183489267.1693012143

10 Console Messages

Source Level URL
Text
network error URL: https://redeem.uber.com/public
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js(Line 135)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-efcea37a-9012-487d-a352-ae8d29fe559b' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security error URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js(Line 84)
Message:
Refused to load the script 'https://bat.bing.com/bat.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-efcea37a-9012-487d-a352-ae8d29fe559b' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js(Line 84)
Message:
Refused to load the script 'https://dynamic.criteo.com/js/ld/ld.js?a=103675' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-efcea37a-9012-487d-a352-ae8d29fe559b' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://redeem.uber.com/public
Message:
Refused to load the image 'https://bat.bing.com/action/0?ti=21002034&Ver=2&_rnd=0.7674224641034693' because it violates the following Content Security Policy directive: "img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat".
security error URL: https://redeem.uber.com/public
Message:
Refused to load the image 'https://ad.doubleclick.net/ddm/adj/N197801.197812NSO.CODESRV/B22324126.240038996;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?&_rnd=0.6438599219666736' because it violates the following Content Security Policy directive: "img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat".
security error URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Message:
Refused to connect to 'https://cdn.linkedin.oribi.io/partner/69483/domain/redeem.uber.com/token' because it violates the following Content Security Policy directive: "connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat".
security error URL: https://redeem.uber.com/public
Message:
Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1693012142977&url=https%3A%2F%2Fredeem.uber.com%2Fpublic' because it violates the following Content Security Policy directive: "img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat".
security error URL: https://redeem.uber.com/public
Message:
Refused to load the image 'https://www.facebook.com/tr/?id=112615526068288&ev=PageView&dl=https%3A%2F%2Fredeem.uber.com%2Fpublic&rl=&if=false&ts=1693012143155&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1693012143154.704764391&it=1693012143004&coo=false&tm=1&rqm=GET' because it violates the following Content Security Policy directive: "img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat".
security error URL: https://redeem.uber.com/public
Message:
Refused to load the image 'https://www.facebook.com/tr/?id=112615526068288&ev=Microdata&dl=https%3A%2F%2Fredeem.uber.com%2Fpublic&rl=&if=false&ts=1693012144658&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Uber%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1693012143154.704764391&it=1693012143004&coo=false&es=automatic&tm=3&rqm=GET' because it violates the following Content Security Policy directive: "img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-efcea37a-9012-487d-a352-ae8d29fe559b' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; img-src 'self' data: https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://d1w2poirtb3as9.cloudfront.net https://tb-static.uber.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a745050198.cdn.optimizely.com
ad.doubleclick.net
api-js.mixpanel.com
bat.bing.com
cdn.linkedin.oribi.io
cdn.optimizely.com
collect.tealiumiq.com
connect.facebook.net
csp.uber.com
d3i4yxtzktqr9n.cloudfront.net
dynamic.criteo.com
googleads.g.doubleclick.net
logx.optimizely.com
px.ads.linkedin.com
redeem.uber.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
tags.tiqcdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
ad.doubleclick.net
bat.bing.com
cdn.linkedin.oribi.io
dynamic.criteo.com
px.ads.linkedin.com
www.facebook.com
104.36.192.148
130.211.34.183
143.204.214.175
2001:4860:4802:32::36
23.197.128.15
2600:9000:223e:3800:7:2bfb:7c00:93a1
2a00:1450:4001:803::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:149b
2a02:26f0:480:58b::13b8
2a03:2880:f084:d:face:b00c:0:3
52.58.113.67
54.80.227.208
03327ca803354937e0113b2ad04c37813024badd9175b9432a034329959d08ad
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0e6b658ab2f7d97b426c85fcf33f02f38a7b61c2e5633e3f3219f41bb8e89eea
14aa919d988307dcd681c2b6dd3c544ea50ff079bf5b68a8e98f9ef2013e5a77
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23cd993e359f5c05a26d2a5030f2185ae691ae8976ac9bbdd6c5f761c2953067
24a62fabdbf20a34ef1e3d30973072218f15ff22947d5c0b37715663a4af0f61
2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0
2d6b2e675dc5e0f3942c27758d776bb3d348c3cd42324ad08bcceaa73bacc16d
4297cf4ade9499c4d568023ceda0f40dc68c27b733a871295b6287d0c02e7eed
45e13b463839f5cdbede1fda7e0c99d8869163c18f4f913ed3043d132f2c2876
49f66eab73d851c5fcbc637693afdf3da6bfb8fe7298f0e88f78e9c1808be559
4e1613a5d6f198afe86006d0a3da7c0441ae2702f6fa1c06812894022da7a25d
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
549acabb92edb96ed5c9662ffffd8483deb4f7373d39d30fb4602e6a11869d40
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6876924a48ca29157e9f679cf4f9a8cf42664db8b374ab95672f461e0ca49530
690d652f80d9cc41f9e82bbe480087d78bc8ed5a6370cb34983d46322463068a
7fee65d288fa51d4351e2c683ded4c6c3503b2d96e76c51fbcd9c66145d8a5df
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b149ec16237d50c460bf2aa73fb74543cf78665993260cf56463d95b6c3279
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9330f529a190f3fb37c3f9d2ec72928291f2b436e36eb401f951956e367b1b81
973a06069eeed31eb81c2a01e7eb8208e88d446c0fa3771868bf4e402aee21a2
9b0d296027090ac7deaadbc7d9d7ff6fdd9ebcd95fc9afa0be5fdab1111346cb
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
afe19a3818e660452b3e391159103112d19903e5c90b553ad56584e0f38ef9ed
c6d654ce9cba1abae231460cfbf4f8c7728a1229467d4c9f63dc4330ad224812
ca8b2305935a052d253c47851d5873973f3bb61056ea97dd3245f6990393d71b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeea101c24bfed257cf9ac4023812128724d55f344582c10114863de59209b65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f566b2d8ef6c8ac1025d1825d83c7e5f0605f87a662394a8a67edc72cca5dac6
f80f59d4140e5278262dfc2ae9ae1f68af98ea6e52ba84cde2d07f452bf7af4f
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25