urlscan.io logo urlscan.io
SecurityTrails logo

auth.uber.com Open in urlscan Pro
34.98.127.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.et.uber.com/?qs=15ef8c28053114817e85b8b41526d56e2b36b767bfe0d58043236d32b126bb39f06803772117716753df4b56f55d...
Effective URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3D...
Submission: On May 20 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 63 HTTP transactions. The main IP is 34.98.127.226, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is auth.uber.com. The Cisco Umbrella rank of the primary domain is 36722.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 30th 2022. Valid for: a year.
This is the only time auth.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    198.245.92.61 (United States)

ASN22606 (EXACT-7, US)
PTR: click.et.uber.com
click.et.uber.com
4    104.36.192.148 (Ashburn, United States)

ASN63086 (UBER-PROD, US)
biz.uber.com
22    52.222.196.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-196-40.cdg50.r.cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
8    2600:9000:244f:400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    2a02:26f0:480:5b0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
1    23.215.22.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-209.deploy.static.akamaitechnologies.com
a745050198.cdn.optimizely.com
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    34.98.127.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.127.98.34.bc.googleusercontent.com
auth.uber.com
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    143.204.231.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-231-7.cdg3.r.cloudfront.net
www.cdn-net.com
1    104.102.23.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-23-137.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
1    2600:1901:0:d1c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
six.cdn-net.com
Apex Domain
Subdomains		 Transfer
22 cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
1 MB
10 uber.com
click.et.uber.com — Cisco Umbrella Rank: 525368
biz.uber.com — Cisco Umbrella Rank: 350188
csp.uber.com Failed
auth.uber.com — Cisco Umbrella Rank: 36722
43 KB
8 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1027
92 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
325 KB
3 cdn-net.com
www.cdn-net.com — Cisco Umbrella Rank: 14225
six.cdn-net.com — Cisco Umbrella Rank: 12214
45 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6080
671 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
671 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
6 KB
2 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 745
a745050198.cdn.optimizely.com — Cisco Umbrella Rank: 189889
logx.optimizely.com Failed
93 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3319
17 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
28 KB
0 mixpanel.com Failed
api-js.mixpanel.com Failed
63 12
Domain Requested by
22 d3i4yxtzktqr9n.cloudfront.net biz.uber.com
d3i4yxtzktqr9n.cloudfront.net
auth.uber.com
8 tags.tiqcdn.com biz.uber.com
tags.tiqcdn.com
6 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
5 auth.uber.com d3i4yxtzktqr9n.cloudfront.net
4 biz.uber.com 2 redirects d3i4yxtzktqr9n.cloudfront.net
3 www.google.de
3 www.google.com
3 googleads.g.doubleclick.net www.googletagmanager.com
2 www.cdn-net.com d3i4yxtzktqr9n.cloudfront.net
www.cdn-net.com
1 six.cdn-net.com www.cdn-net.com
1 appleid.cdn-apple.com d3i4yxtzktqr9n.cloudfront.net
1 connect.facebook.net tags.tiqcdn.com
1 a745050198.cdn.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com biz.uber.com
1 click.et.uber.com 1 redirects
0 api-js.mixpanel.com Failed d3i4yxtzktqr9n.cloudfront.net
0 logx.optimizely.com Failed cdn.optimizely.com
0 csp.uber.com Failed tags.tiqcdn.com
63 18

This site contains no links.

Subject Issuer Validity Valid
*.uber.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-30 -
2023-10-03		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-30 -
2023-10-30		 a year crt.sh
*.cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-06-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-27 -
2023-05-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.cdn-net.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-12-28		 10 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-05-03 -
2023-10-29		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Frame ID: EBD6B868AA41BD8749311EE3205DBB90
Requests: 63 HTTP requests in this frame

Frame: https://a745050198.cdn.optimizely.com/client_storage/a745050198.html
Frame ID: A5960C1A1D9A9F013448080677E88719
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber

Page URL History Show full URLs

  1. https://click.et.uber.com/?qs=15ef8c28053114817e85b8b41526d56e2b36b767bfe0d58043236d32b126bb39f0680377... HTTP 302
    https://biz.uber.com/public/redeem-employee-invite?action=redeem-employee-invite&confirmation_tok... HTTP 302
    https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U... Page URL
  2. https://biz.uber.com/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&d... HTTP 302
    https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

63
Requests

94 %
HTTPS

53 %
IPv6

12
Domains

18
Subdomains

15
IPs

2
Countries

1740 kB
Transfer

5662 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.et.uber.com/?qs=15ef8c28053114817e85b8b41526d56e2b36b767bfe0d58043236d32b126bb39f06803772117716753df4b56f55d4b1c790630cba4b84030e438795fac966bbd HTTP 302
    https://biz.uber.com/public/redeem-employee-invite?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant+Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_+Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET HTTP 302
    https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e Page URL
  2. https://biz.uber.com/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e HTTP 302
    https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.et.uber.com/?qs=15ef8c28053114817e85b8b41526d56e2b36b767bfe0d58043236d32b126bb39f06803772117716753df4b56f55d4b1c790630cba4b84030e438795fac966bbd HTTP 302
  • https://biz.uber.com/public/redeem-employee-invite?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant+Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_+Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET HTTP 302
  • https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
L6U9V7LG
biz.uber.com/public/confirm/
Redirect Chain
  • https://click.et.uber.com/?qs=15ef8c28053114817e85b8b41526d56e2b36b767bfe0d58043236d32b126bb39f06803772117716753df4b56f55d4b1c790630cba4b84030e438795fac966bbd
  • https://biz.uber.com/public/redeem-employee-invite?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant+Thornton&show_pp=true&show_tier_disclaimer=fa...
  • https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&...
68 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
7093e310f0c6f4c5718c4907585af9c83f8cab468cc6166bcf00a3a02822f2a9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-d894579d-fc33-4d6d-9ea2-ba7dd0b8238d' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
br
content-security-policy
block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-d894579d-fc33-4d6d-9ea2-ba7dd0b8238d' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 18:43:13 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1604
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca11:w:50331669
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-encoding
br
content-security-policy
block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-9677c18c-b23a-4dd0-994d-f8a712eb6a32' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 18:43:12 GMT
location
/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
10
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca24:w:251658262
x-xss-protection
1; mode=block
client-main-4050bb1647faf7b8.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 		453 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-main-4050bb1647faf7b8.js
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
ec77888f4e93a7dec9f57ca50bb448f2b9a9b4da7732d607479aaf88b4c9f788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/
Origin
https://biz.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 08:16:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
124006
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
10
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2023 06:08:37 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
FKZndOKE6zE2-zT8kuC1iFmXMXXFgUXT94zpZ0d7PBq_xGraFXLWNw==
x-uber-edge
e4-dca20:w:83886081
client-vendor-7e3924e9641007b0.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 		2 MB
522 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-vendor-7e3924e9641007b0.js
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
36093b0eace3eea2dceb31ff9d863ce1f29f33bcda4f1198df56864cc8c1fc45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/
Origin
https://biz.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 06:58:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
301510
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
last-modified
Tue, 16 May 2023 10:27:34 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
Ps4HZZrrdlhMpXR3qcskQi-rlrCgILOAnGqorBtH2AYHZ16twq9TFQ==
x-uber-edge
e4-dca24:w:251658247
client-runtime-d4c312238c74e5f5.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-runtime-d4c312238c74e5f5.js
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
1a02632860ac1882139e2ca8c7c6f6986d1816cfecc9482db63c1922934e6e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/
Origin
https://biz.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 11:30:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
630748
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
7
x-xss-protection
1; mode=block
last-modified
Thu, 04 May 2023 11:42:45 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
7e07poHK7HOfHitl1ZeFz9kDKwtHyV2eaU5GFjM5SDwU2IPTfJfsrw==
x-uber-edge
e4-dca20:w:16777216
utag.js
tags.tiqcdn.com/utag/uber/u4b/prod/ 		192 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
gbxCcnqf6WwmY5uSxv7ELTdxC2lK82Bt
content-encoding
br
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
date
Sat, 20 May 2023 18:43:14 GMT
last-modified
Tue, 09 May 2023 19:26:32 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
1
x-amz-server-side-encryption
AES256
etag
W/"e6a3cd51fce04835f7a0923543f03280"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
SYz1PkicwrdtKEH6qxPPWooxYkDS2Q1WtdvHmJtLENRIYHwwhSKMkw==
utag.js
tags.tiqcdn.com/utag/uber/main/prod/ 		225 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
lJ_XPjBgn22cM0nOPblT50OU6o3IHD1c
content-encoding
br
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
date
Sat, 20 May 2023 18:41:30 GMT
last-modified
Wed, 17 May 2023 18:26:03 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
105
x-amz-server-side-encryption
AES256
etag
W/"9bbb20463e8042145cf426581069028d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
D0cOE28opJFQMuLtUu5a46xAL8WRN4LJ2ZJgQ56pBc2nALS1l-TteQ==
865f196494beefeb.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/865f196494beefeb.woff2
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
4b45e0cdba61e5d00bef1dc95fabe543a8e8ef8be342bce0477f729d80238c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/
Origin
https://biz.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:01:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
49276
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
5
content-length
28520
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2023 06:08:37 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
6mQi9o-yAkvZwUbIaZ-KjQ3LPl6aUJGesS9f3hRE4w5ph44oNYDrIw==
x-uber-edge
e4-dca11:w:50331665
4912f83fe2d86107.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/4912f83fe2d86107.woff2
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
9ad0d5b942e6ac6cb0e14c417b2a3b9536c8c6b11bc6d2c8bb7af552fe87a307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/
Origin
https://biz.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 07:57:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
211534
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
5
content-length
29576
x-xss-protection
1; mode=block
last-modified
Tue, 16 May 2023 10:27:34 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
ZOi3L6Uckc6hQjSbX-_5anc2k0Q0ImgA0uOSULX5f85P6kuWaDLhhA==
x-uber-edge
e4-dca24:w:184549386
e245b8e03846a659.woff2
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/e245b8e03846a659.woff2
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
0ba42888b81195edfb7b2dafbdd9f3613a0553055fd33559b73a4f9bb530d4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/
Origin
https://biz.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:55:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
362857
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
562
content-length
29584
x-xss-protection
1; mode=block
last-modified
Tue, 16 May 2023 10:27:34 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
MFeJiQD0sqj7WwXLRoamnaWKHPNRgd2OCvvS27uIaW8ityHtDp_kow==
x-uber-edge
e4-dca22:w:352321558
2192960133.js
cdn.optimizely.com/js/ 		295 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/2192960133.js
Requested by
Host: biz.uber.com
URL: https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14aa919d988307dcd681c2b6dd3c544ea50ff079bf5b68a8e98f9ef2013e5a77
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
Lydqmtt2fXzfzONTsfbJY99wPUCl4LX5
content-encoding
gzip
date
Sat, 20 May 2023 18:43:14 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
V8SWC0K185X5CAZF
x-amz-server-side-encryption
AES256
x-amz-meta-revision
6812
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=5, origin; dur=103, cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:480:5b0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467946_35115186_56501643_10802_1500_7_0";dur=1
content-length
92238
x-amz-id-2
2Fg8a4rXmog3qfn3pziIwsk3mAPIZq5ROkJm3/b8bZdF2tI/CjfjiEunYFRHER1Az1q/+Ofah8I=
last-modified
Sat, 22 Apr 2023 15:09:49 GMT
server
AmazonS3
etag
"13086a6506e573e41e60e32bfe57ea74"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/webp
client-186-1ba74bfbc1f5841e.js
d3i4yxtzktqr9n.cloudfront.net/web-employee/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-186-1ba74bfbc1f5841e.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-runtime-d4c312238c74e5f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/
Origin
https://biz.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 07:57:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
211533
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
6
x-xss-protection
1; mode=block
last-modified
Tue, 16 May 2023 10:27:34 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
ZJmC2x7s017rGGyPzeOaTnlEV5bTxKYazm8Au0o3RG6W8KV15BPCVQ==
x-uber-edge
e4-dca22:w:419430407
a745050198.html
a745050198.cdn.optimizely.com/client_storage/ Frame A596 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a745050198.cdn.optimizely.com/client_storage/a745050198.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2192960133.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-209.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://biz.uber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
767
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 18:43:15 GMT
etag
"85523b184f29f8d4379a766d20dd5bb7"
last-modified
Sat, 22 Apr 2023 15:11:17 GMT
server
AmazonS3
server-timing
cdn-cache; desc=REVALIDATE edge; dur=9 origin; dur=100 cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="23.215.22.209";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="467946_34664607_886574968_10827_1601_6_0";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
nsA3BQm8VESGIuVHBusnKP/Wrs+4cR5zZdNRk8SNKVDaPgWZIwXFSS22IR0ZnLXNkoUK5nugQnc=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
4RYJ8JKDBXHZER0V
x-amz-server-side-encryption
AES256
x-amz-version-id
nw2cUrKX3ffiSLh.TohVOSAF_r_s.4TV
redeemTokenInApp
biz.uber.com/api/ 		489 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://biz.uber.com/api/redeemTokenInApp?localeCode=de-DE
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-vendor-7e3924e9641007b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 May 2023 18:43:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
server
ufe
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
81
x-xss-protection
1; mode=block
x-uber-edge
e4-dca8:w:218103820
csp
csp.uber.com/ 		0
0
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uber/main/202305171823&cb=1684608194937
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sat, 20 May 2023 18:36:46 GMT
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P4
age
389
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
xc9cqwI8YNAfEbT__suB2JY7IMAJbXDBPVbP-_FkAR7qIdZbz-ygIg==
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 20 May 2023 18:43:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Jw8c9en6LowQmfBKyG4p/oRUoKKkI5l9gvvGOUHBymjOhuoI33I+EkzOHdRJ+KbSdWo9mf3Z4E5a0CMrz4h42g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-975102964
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69385
x-xss-protection
0
last-modified
Sat, 20 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 May 2023 18:43:15 GMT
utag.1507.js
tags.tiqcdn.com/utag/uber/main/prod/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1507.js?utv=ut4.48.202305171824
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
0zRKs0bAOt3.PygvdwK1_02TkNoLsBUN
content-encoding
br
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
date
Sat, 20 May 2023 18:42:44 GMT
last-modified
Wed, 17 May 2023 18:25:54 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
44
x-amz-server-side-encryption
AES256
etag
W/"9e63d623bb772acd9cba14ecd05e4c83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
qIDTTXn0z1MoO_Ki13d0omDz65zUXWhjFCTdRyCqiXlN71divaaeDg==
utag.1508.js
tags.tiqcdn.com/utag/uber/main/prod/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1508.js?utv=ut4.48.202305171824
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
XVhrBI9Xx.phUK_lJGdjWuHIfSs.DYqD
content-encoding
gzip
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
date
Sat, 20 May 2023 18:41:36 GMT
last-modified
Wed, 17 May 2023 18:26:00 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
99
x-amz-server-side-encryption
AES256
etag
W/"8233aa1d5c27b57940b5e7d9be275e17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
4KjW343dFuvwf1ga3Gzz7sHkcnixnKe3IumGQcBFYWppwMpUitCLJA==
utag.1509.js
tags.tiqcdn.com/utag/uber/main/prod/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1509.js?utv=ut4.48.202305171824
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
YUJMTyTO8uxnC4gRGwvEt8Er.6HUdaNZ
content-encoding
br
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
date
Sat, 20 May 2023 18:38:50 GMT
last-modified
Wed, 17 May 2023 18:25:59 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
266
x-amz-server-side-encryption
AES256
etag
W/"c2f235ee4c16739e048a45c8cb6e2b30"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
RNaT0YpXELFtbrBZAlL1GOTwUWQL3hY6HIcHdtzpTZwG-d8JfEhypw==
utag.1555.js
tags.tiqcdn.com/utag/uber/main/prod/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1555.js?utv=ut4.48.202305171824
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
xoyTjSAwbxDG_RFmwLm8TfXi3_2p4NuV
content-encoding
br
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
date
Sat, 20 May 2023 18:38:50 GMT
last-modified
Wed, 17 May 2023 18:26:03 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
266
x-amz-server-side-encryption
AES256
etag
W/"df5a992ed9ea11218083eb23eb5bc4f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
zYTjuhTGr8YpFHgRczelZI93Pfwi_BetQVdfUuQFTxFM05MyA-i-aA==
utag.1786.js
tags.tiqcdn.com/utag/uber/main/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.1786.js?utv=ut4.48.202305171824
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244f:400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
h.sfOTOH4JrUophMLy.CMVmH.calE3WQ
content-encoding
br
via
1.1 e47c282d2c53705a367f9e376a2eab28.cloudfront.net (CloudFront)
date
Sat, 20 May 2023 18:42:44 GMT
last-modified
Wed, 17 May 2023 18:25:51 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
44
x-amz-server-side-encryption
AES256
etag
W/"0fcbf8553b47f1855ab47b77d0466f24"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
H2rH70xd18NEuuTe3MmDzGLABmIxRSPjUdfiA_auJmxwOqsaFfGPaw==
Primary Request /
auth.uber.com/v2/
Redirect Chain
  • https://biz.uber.com/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7...
  • https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%2...
142 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-employee/client-main-4050bb1647faf7b8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
0fdb966718d30b821c5b0de812956b147d91721ba5cb07fa254bd72a7c9e46e0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-0b15a58d-fb5e-4769-8ca4-ddceeaf18a2f' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.uber.com/public/confirm/L6U9V7LG?action=redeem-employee-invite&confirmation_token=L6U9V7LG&decentralized=true&organization_name=Grant%20Thornton&show_pp=true&show_tier_disclaimer=false&uuid=b7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&source_id=email&utm_medium=email&utm_campaign=U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4&utm_source=ET&signature_expiry=1684608792&signature=66ff422de8d6ada71398c3e00fb7d60f1d910e2e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-encoding
gzip
content-security-policy
block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-0b15a58d-fb5e-4769-8ca4-ddceeaf18a2f' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 18:43:15 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
104
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca8:w:218103829
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-encoding
br
content-type
text/html
date
Sat, 20 May 2023 18:43:15 GMT
location
https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca24:w:251658250
x-xss-protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975102964/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975102964/?random=1684608195067&cv=11&fst=1684608195067&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&hn=www.googleadservices.com&frm=0&tiba=Uber&did=dYmQxMT&gdid=dYmQxMT&auid=279843047.1684608195&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975102964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1601
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-5731039&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975102964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48434
x-xss-protection
0
last-modified
Sat, 20 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 May 2023 18:43:15 GMT
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8617315&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975102964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48461
x-xss-protection
0
last-modified
Sat, 20 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 May 2023 18:43:15 GMT
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8183467&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975102964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48459
x-xss-protection
0
last-modified
Sat, 20 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 May 2023 18:43:15 GMT
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-5154911&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975102964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48459
x-xss-protection
0
last-modified
Sat, 20 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 May 2023 18:43:15 GMT
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-303996578&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975102964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68259
x-xss-protection
0
last-modified
Sat, 20 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 May 2023 18:43:15 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/303996578/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/303996578/?random=1684608195161&cv=11&fst=1684608195161&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&hn=www.googleadservices.com&frm=0&tiba=Uber&did=dYmQxMT&gdid=dYmQxMT&auid=279843047.1684608195&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-303996578&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11154393707/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11154393707/?random=1684608195171&cv=11&fst=1684608195171&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&hn=www.googleadservices.com&frm=0&tiba=Uber&did=dYmQxMT&gdid=dYmQxMT&auid=279843047.1684608195&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-303996578&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1602
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/975102964/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/975102964/?random=1684608195067&cv=11&fst=1684605600000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2460205226&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/975102964/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/975102964/?random=1684608195067&cv=11&fst=1684605600000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2460205226&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11154393707/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11154393707/?random=1684608195171&cv=11&fst=1684605600000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4158478386&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11154393707/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11154393707/?random=1684608195171&cv=11&fst=1684605600000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4158478386&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/303996578/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/303996578/?random=1684608195161&cv=11&fst=1684605600000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=93278928&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/303996578/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/303996578/?random=1684608195161&cv=11&fst=1684605600000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbiz.uber.com%2Fpublic%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2520Thornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537%26source_id%3Demail%26utm_medium%3Demail%26utm_campaign%3DU4B_%2520Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_source%3DET%26signature_expiry%3D1684608792%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e&frm=0&tiba=Uber&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=93278928&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/ 		0
0
_events
biz.uber.com/ 		0
0
/
api-js.mixpanel.com/track/ 		0
0
client-main-c759d6e926307200.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		320 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-c759d6e926307200.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
2e42bded2208310d16c0157947dd2068fcbdcfc063ff484139f8e9850c7fade1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 14:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
189616
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
140
content-length
82043
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:03 GMT
server
ufe
etag
"a564a7e3b6068c07ef9b7b024f49591d"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
Mq7WMKuKyFDIMTXj8kvUvTEJLv4OhaKqspKZO8TbvhSLyYCoEn_rsA==
x-uber-edge
e4-dca24:w:184549391
client-vendor-react-a32c6f00952bb2ba.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		240 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-react-a32c6f00952bb2ba.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
c66f99577df6778cbf3943ba4803a5e7f42d6e13d8eeea0381e022a99ad37c7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 17:25:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
436676
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
166
x-xss-protection
1; mode=block
last-modified
Thu, 11 May 2023 16:35:30 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
CEBIO5faYz2gjTTJTUGdaZsmNgU0ebuDGcQrbu7h_RSfuSMOoYe2FQ==
x-uber-edge
e4-dca18:w:67108877
client-vendor-fusion-3fb85297b573fa76.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-3fb85297b573fa76.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
fac5231044eec952b36a74b32b91f01e7fcd471627cb9489f373506572a874fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:41:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
140523
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:08 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
2ukZkcaTlQGmXsP8oAdKybTcPZnlhBykjVQo22XZ0wKZNI4o9FrXLw==
x-uber-edge
e4-dca11:w:50331668
client-8298-8faae9858c9b3228.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-8298-8faae9858c9b3228.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
d012aba2b36c97d5e7ce4f54194e86953baf1a82f193fdb392edd18001af2a8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 17:25:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
436676
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
last-modified
Thu, 11 May 2023 16:35:30 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
e72xPBRRqU_xWqCCXWG7PsSR5H7U33pSvqP3BdVangr55PVakqtAjQ==
x-uber-edge
e4-dca18:w:67108883
client-2918-efe7152cc6e4380c.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-2918-efe7152cc6e4380c.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
b4369b050cd3000bb85c1b3cff8e033a6910af4d312d15e1b7d7573031b65ae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 19:32:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
169830
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:08 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
AJwL4Pb1savHevK_KtvlTG1yHtCtcE2nx51QMWRfRdLIwS7LLWu2AA==
x-uber-edge
e4-dca23:w:134217737
client-3107-4bf8d5a6e0ee3389.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-3107-4bf8d5a6e0ee3389.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
46c4e6603a3f070a9ee058910fcb28555b1cbb8b04cf53e1cc39a5680e4dc271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 14:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
189615
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
132
content-length
3889
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:03 GMT
server
ufe
etag
"698a82398d5d22722b748513b84a407a"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
Kp9ynzWBJm4cclRaYshDIryKT25HAGQghTTDZvWYbRi0jGrL64vnvQ==
x-uber-edge
e4-dca8:w:150994957
client-4199-802220356d18a783.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-4199-802220356d18a783.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
ba7232eca5ec477b13ca936703536c4ba730c8a684d5a39a9673bd9e25cc062d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 14:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
189615
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
89
content-length
15305
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:03 GMT
server
ufe
etag
"0ad35c3772b407bb3687c36774afeb4a"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
Wa0kJNq_1IchqcpqwZ9Fq6QzADhTBp3Prf-dAduneMhES2LsWLyP1Q==
x-uber-edge
e4-dca23:w:33554456
client-6065-0a1d69da5d9a2804.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-6065-0a1d69da5d9a2804.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
4cc518d65971b5585a816d30d86933c02c1e46259a4b0f5e0962487c0e64d750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 14:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
189615
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
91
content-length
9687
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:03 GMT
server
ufe
etag
"09138902751bb60afcbbd5fe10d7ff87"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
3MmdVnckeOVoa-emC8fCz3MnfZSX838ypeGdPxRVuUdkKCbmCK9YPA==
x-uber-edge
e4-dca24:w:251658249
client-614-ce5becc173c3e1a4.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-614-ce5becc173c3e1a4.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
80f70084e98b71b97aa30db66ac1251b703ba0d8f0aef93273eca425f7876d69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:56:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
269185
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
826
x-xss-protection
1; mode=block
last-modified
Tue, 16 May 2023 19:01:40 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
mcRlyZul7YyGNboHbHCAYN3Bn9b_BVMyurp9xpPLyD-fnVxYHiY8EQ==
x-uber-edge
e4-dca20:w:16777216
client-7492-3eb5c8e27277b247.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-7492-3eb5c8e27277b247.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
fa7c4c032de4c2e33695f3641222b3eea35a5f75194d2db4df04766283e1aab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:51:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
679915
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
last-modified
Thu, 11 May 2023 16:35:30 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
LikJexVhR6WgOivgWy6T0bejxWGWp92LwMOxPspeIzsZ85fOcLENLQ==
x-uber-edge
e4-dca18:w:385875976
client-9275-a6d0d1ead11d9b25.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-9275-a6d0d1ead11d9b25.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
5efb9f4ea0af7fae8a3907843b53aee36b8476b966ba4b5ccde6389b49ad7937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 14:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
189615
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
93
content-length
3116
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:03 GMT
server
ufe
etag
"3bf8dea263335349d7578348575555dd"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
CFEfDjLJM7iPlxvCrrESVFwqnqJ4-QfcZDUfGoW_aKGAM0J0eBCZtg==
x-uber-edge
e4-dca23:w:33554456
client-runtime-d72efb8d99b58d1b.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-runtime-d72efb8d99b58d1b.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
23eb3d499f3ac795096811994c3e3200767f507affca9641d22a81b28c220537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 14:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
189615
x-cache
Hit from cloudfront
x-amz-meta-content-encoding
gzip
x-tb-source
terrablob
x-envoy-upstream-service-time
82
content-length
2745
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:04 GMT
server
ufe
etag
"5ae18536ce0cf9dbcc1fe88b9b1a820f"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
QQiP5VDLe8QeoBsi3VG2qqDdvMGUqdwUxmos05qnqCKxVnwm4jbMkA==
x-uber-edge
e4-dca24:w:251658258
816252b1ce5a5050.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/816252b1ce5a5050.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 04:58:01 GMT
x-content-type-options
nosniff
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
497645
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
4
content-length
32596
x-xss-protection
1; mode=block
last-modified
Thu, 11 May 2023 16:35:30 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
olcAA5VfjfCPN2n7OIyl0PRSGXOrj2FfdDBbC7m2DKJmbSVVedYbqw==
x-uber-edge
e4-dca11:w:100663310
df4998612acf89b1.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/df4998612acf89b1.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 14 May 2023 05:54:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
564528
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
4
content-length
26584
x-xss-protection
1; mode=block
last-modified
Thu, 11 May 2023 16:35:30 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
600YIgYBbK6kr0lVLoeXVpsPkDIy2qqBJxGYzRVqphKJDWbjCkwCgg==
x-uber-edge
e4-dca24:w:251658246
cf91dd9830a4bf06.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/cf91dd9830a4bf06.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-40.cdg50.r.cloudfront.net
Software
ufe /
Resource Hash
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 06:47:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 e36c32cacca3348932522b77d9a47dca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
129370
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
4
content-length
27332
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 07:34:08 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
sMwBsxmBqJBtfU7IEa4dNT06ZOLvIeCAcnaCYsshsSi03GBLF4qwuQ==
x-uber-edge
e4-dca18:w:67108870
_events
auth.uber.com/v2/ 		2 B
206 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-c759d6e926307200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/json

Response headers

date
Sat, 20 May 2023 18:43:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
86
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:134217738
cc.js
www.cdn-net.com/ 		42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/cc.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-8298-8faae9858c9b3228.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.231.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-231-7.cdg3.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
8564c332c4c38a2607ef2909faa6b1d517d4bd1c546b62aff1f54ae5d4be18b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 18:43:15 GMT
Via
1.1 a943a1ebb8e2c8c07b4f4bd42d6d0d2a.cloudfront.net (CloudFront)
Server
openresty/1.21.4.1
X-Amz-Cf-Pop
CDG3-C1
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Cache-Control
private, no-cache, proxy-revalidate
X-IA-Request-ID
948b581150626fae576434fb06392454
Connection
keep-alive
Content-Length
43061
X-Amz-Cf-Id
R1SKa60YDTKlIh1WCvH0YJawI_SPU8dwNQ41PsJdBSN2_nc9s-IOSA==
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-c759d6e926307200.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.23.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-23-137.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sat, 20 May 2023 18:43:15 GMT
Last-Modified
Fri, 19 May 2023 06:22:21 GMT
Server
Apple
ETag
W/"42671-1684477341510"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
6.js
six.cdn-net.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://six.cdn-net.com/6.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d1c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
1ef3a7438ce8c7fd311cde0de11f1437df356df4d7bfe4ecd21f5a1427cddc2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 18:43:15 GMT
cache-control
no-cache, no-store, max-age=0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1055
content-type
application/javascript
et.js
www.cdn-net.com/ 		98 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/et.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.231.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-231-7.cdg3.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
00a119fad5faafcfe56deb02e4cf2c8a84940b3bca6cb9b752b899fbb26624d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sat, 20 May 2023 18:43:15 GMT
Via
1.1 a943a1ebb8e2c8c07b4f4bd42d6d0d2a.cloudfront.net (CloudFront)
Server
openresty/1.21.4.1
X-Amz-Cf-Pop
CDG3-C1
ETag
"MGI0ZmIxNGEtNmMzZi00ZWNmLWE4YzQtOTZlYzI3M2I5MjA0OjE2ODQ2MDgxOTU4NDM"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
X-IA-Request-ID
b12c49d900ca4f0364888cc648571a7c
Connection
keep-alive
Content-Length
98
X-Amz-Cf-Id
32D4tpspkYPbOaAwF39gRNBTjyO4JnKv-FFmRjLSRDK-NFaGT4QisQ==
udi-meta
auth.uber.com/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/udi-meta
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-c759d6e926307200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/json

Response headers

date
Sat, 20 May 2023 18:43:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
cache-control
max-age=0
x-envoy-upstream-service-time
252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-uber-edge
e4-dca24:w:184549386
_events
auth.uber.com/v2/ 		2 B
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-c759d6e926307200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 20 May 2023 18:43:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:352321552
_events
auth.uber.com/v2/ 		2 B
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-c759d6e926307200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=dca22&next_url=https%3A%2F%2Fbiz.uber.com%2Fconfirm%2FL6U9V7LG%3Faction%3Dredeem-employee-invite%26confirmation_token%3DL6U9V7LG%26decentralized%3Dtrue%26organization_name%3DGrant%2BThornton%26show_pp%3Dtrue%26show_tier_disclaimer%3Dfalse%26signature%3D66ff422de8d6ada71398c3e00fb7d60f1d910e2e%26signature_expiry%3D1684608792%26source_id%3Demail%26utm_campaign%3DU4B_%2BEmployee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%26utm_medium%3Demail%26utm_source%3DET%26uuid%3Db7ef6cca-8e35-4ec2-aa9a-d34ecc23f537&state=4Yy12WQzFWInyVuWO5_D9KijYWtyLiZ1_grqobg7Hrk%3D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 20 May 2023 18:43:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
514
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:33554432

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.uber.com
URL
https://csp.uber.com/csp?a=web-employee&ro=false
Domain
logx.optimizely.com
URL
https://logx.optimizely.com/v1/events
Domain
biz.uber.com
URL
https://biz.uber.com/_events
Domain
api-js.mixpanel.com
URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1684608195360

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| __ROUTE_PREFIX__ string| __FUSION_ASSET_PATH__ string| __NONCE__ object| webpackChunkFusion function| clearImmediate function| setImmediate object| _cc object| AppleID number| script_loaded_time object| collector object| inauthNamespace string| collectorNamespaceName object| __DEFAULT_NAMESPACE

21 Cookies

Domain/Path Name / Value
biz.uber.com/ Name: _ua
Value: {"session_id":"56f54931-3b63-4303-abf1-dd7bfa00b853","session_time_ms":1684608192312}
.uber.com/ Name: optimizelyEndUserId
Value: oeu1684608194323r0.17978563081890986
.uber.com/ Name: segmentCookie
Value: a
.uber.com/ Name: utag_geo_code
Value: US
.uber.com/ Name: CONSENTMGR
Value: c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1684608194922%7Cconsent:true
.uber.com/ Name: mp_adec770be288b16d9008c964acfba5c2_mixpanel
Value: %7B%22distinct_id%22%3A%20%221883a791974bf9-085d8bf451ccc8-653a5755-1d4c00-1883a791975caa%22%2C%22%24device_id%22%3A%20%221883a791974bf9-085d8bf451ccc8-653a5755-1d4c00-1883a791975caa%22%2C%22utm_source%22%3A%20%22ET%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.uber.com/ Name: utag_main
Value: v_id:01883a79192f00224d97bb684b1e0307401cc06c00b08$_sn:1$_se:2$_ss:0$_st:1684609994939$ses_id:1684608194863%3Bexp-session$_pn:1%3Bexp-session$utm_campaign:U4B_%20Employee_onboarding_global_refresh_EM3_General_v1_Month_1_Reminder_1_group4%3Bexp-1687027394940$utmsource:ET%3Bexp-1687027394946$utmmedium:email%3Bexp-1687027394947$segment:a$optimizely_segment:a
biz.uber.com/ Name: jwt-session
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2ODQ2MDgxOTIsImRhdGEiOnsidG9rZW4tcmVkZWVtIjp7Im9yZ2FuaXphdGlvblVVSUQiOiI1YzQ1ZGFlOC1lZmNlLTQ2M2ItODAwOC02MDY0YmMwNmU4NTAiLCJvcmdhbml6YXRpb25Eb21haW4iOiJ1cy5ndC5jb20iLCJlbXBsb3llZVV1aWQiOiJiN2VmNmNjYS04ZTM1LTRlYzItYWE5YS1kMzRlY2MyM2Y1MzciLCJncm91cFV1aWQiOiIiLCJpc0RlY2VudHJhbGl6ZWQiOnRydWUsImlzUmVkZWVtZWQiOmZhbHNlLCJyZWRlZW1PbmNlIjpmYWxzZSwicmVxdWlyZXNSZXZpZXciOnRydWUsImNhbGxiYWNrVHlwZSI6IkVNQUlMX0NPTkZJUk1BVElPTiIsInJlZGlyZWN0VVJMIjpudWxsLCJyZXF1aXJlc0F1dGgiOnRydWV9fSwiZXhwIjoxNjg0Njk0NTkyfQ.CSkdK_g8r-ZwVRxrj1lAXg7EN9kyfg0-YP7Prm5t2vI
.uber.com/ Name: _gcl_au
Value: 1.1.279843047.1684608195
.biz.uber.com/ Name: state
Value: JF0333C63bI0EH.1684609095102.DFtOLXJH/9AXOoEGwVo+ehIyG/EgjyBkNFRC/ckXE/Q=
.uber.com/ Name: usl_rollout_id
Value: 34a0887c-eb74-4332-9cb8-2ef54dc24dd9
.doubleclick.net/ Name: IDE
Value: AHWqTUnbzIIbiOA25VN5BH6kMyqReZmbIjoujyNpKcw4H4oqCqkUxYpEM3-BSq-K
auth.uber.com/ Name: _ua
Value: {"session_id":"b68126f5-257a-404f-bd33-492d4229b944","session_time_ms":1684608195282}
.uber.com/ Name: marketing_vistor_id
Value: ad5e756a-9aa8-45c7-be6d-14dadfcfee49
.uber.com/ Name: x-uber-analytics-session-id
Value: 1e97d582-0fc0-469b-aaaa-b5e4e076cc59
auth.uber.com/ Name: udi-id
Value: xBL8WiVc3XfcHJAl4fnddb9E3rq5+I3NAqDsqMp/+swq2Y7S0C7U+UYa5gCxn94thHa1V90P2fMa0W72Mrhyf1Ef3yxw+jbBqCgqtzf3ZQ/ixvXN+wNt7Yj8TJrefF/Y1n/3AtnUM80/XlUgYZFtt1YE3v1JbMWiBMNuN+c+rXtL4/8ry/SdoujROn8OPsIvQd9I/RL3AoOg0tm6eG5unQ==qVDWYOXoKGRA+yHJL2R2wA==eT8WkkCX2F5mDF2ajFy9hSTkF03EPaSja7FHuFQ6ZcQ=
auth.uber.com/ Name: jwt-session
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2ODQ2MDgxOTUsImV4cCI6MTY4NDY5NDU5NX0.R-9QqU2gfGJytdSoeJUC39idOZrCDhbNNwHLoc3OQ7U
www.cdn-net.com/ Name: _cc-x
Value: MWM0YTljZDYtMTExYS00MThkLTk0MDEtM2E4MTcxMmMzNGIzOjE2ODQ2MDgxOTU3MTE
auth.uber.com/ Name: _cc
Value: AQHAK5MFO7Nled%2BHnzQc9wGk
auth.uber.com/ Name: _cid_cc
Value: AQHAK5MFO7Nled%2BHnzQc9wGk
auth.uber.com/ Name: udi-fingerprint
Value: /p1fLs017QeeAKkJu0o8EPa/U3tV1vNLoP+EV5+ypeq27p7C3MD1N+bvhltZPaCeSTsb2PvGY78g/gf+Jio0FQ==x5nq3kDd1mdOlKNq4SyMHx5guwejiYL7ibhzs0dlbT4=

1 Console Messages

Source Level URL
Text
security error URL: https://tags.tiqcdn.com/utag/uber/main/prod/utag.js(Line 140)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-d894579d-fc33-4d6d-9ea2-ba7dd0b8238d' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://www.googletagmanager.com". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self' blob: 'self' blob: https://*.mapbox.com; child-src 'self' blob: 'self' blob: https://*.mapbox.com bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' https://dyguxp1m9tbrw.cloudfront.net https://u-vsm.tmobiapi.com https://maps.googleapis.com https://www.gstatic.com https://*.mapbox.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-d894579d-fc33-4d6d-9ea2-ba7dd0b8238d' https://snap.licdn.com 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://api.tiles.mapbox.com https://fonts.googleapis.com https://api.tiles.mapbox.com; report-uri https://csp.uber.com/csp?a=web-employee&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a745050198.cdn.optimizely.com
api-js.mixpanel.com
appleid.cdn-apple.com
auth.uber.com
biz.uber.com
cdn.optimizely.com
click.et.uber.com
connect.facebook.net
csp.uber.com
d3i4yxtzktqr9n.cloudfront.net
googleads.g.doubleclick.net
logx.optimizely.com
six.cdn-net.com
tags.tiqcdn.com
www.cdn-net.com
www.google.com
www.google.de
www.googletagmanager.com
api-js.mixpanel.com
biz.uber.com
csp.uber.com
logx.optimizely.com
104.102.23.137
104.36.192.148
143.204.231.7
198.245.92.61
23.215.22.209
2600:1901:0:d1c::
2600:9000:244f:400:7:2bfb:7c00:93a1
2a00:1450:4001:811::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a02:26f0:480:5b0::13b8
2a03:2880:f084:d:face:b00c:0:3
34.98.127.226
52.222.196.40
00a119fad5faafcfe56deb02e4cf2c8a84940b3bca6cb9b752b899fbb26624d4
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0ba42888b81195edfb7b2dafbdd9f3613a0553055fd33559b73a4f9bb530d4ac
0fdb966718d30b821c5b0de812956b147d91721ba5cb07fa254bd72a7c9e46e0
14aa919d988307dcd681c2b6dd3c544ea50ff079bf5b68a8e98f9ef2013e5a77
1a02632860ac1882139e2ca8c7c6f6986d1816cfecc9482db63c1922934e6e24
1ef3a7438ce8c7fd311cde0de11f1437df356df4d7bfe4ecd21f5a1427cddc2e
23eb3d499f3ac795096811994c3e3200767f507affca9641d22a81b28c220537
2e42bded2208310d16c0157947dd2068fcbdcfc063ff484139f8e9850c7fade1
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
36093b0eace3eea2dceb31ff9d863ce1f29f33bcda4f1198df56864cc8c1fc45
46c4e6603a3f070a9ee058910fcb28555b1cbb8b04cf53e1cc39a5680e4dc271
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
4b45e0cdba61e5d00bef1dc95fabe543a8e8ef8be342bce0477f729d80238c65
4cc518d65971b5585a816d30d86933c02c1e46259a4b0f5e0962487c0e64d750
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5efb9f4ea0af7fae8a3907843b53aee36b8476b966ba4b5ccde6389b49ad7937
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
7093e310f0c6f4c5718c4907585af9c83f8cab468cc6166bcf00a3a02822f2a9
80f70084e98b71b97aa30db66ac1251b703ba0d8f0aef93273eca425f7876d69
8564c332c4c38a2607ef2909faa6b1d517d4bd1c546b62aff1f54ae5d4be18b3
9ad0d5b942e6ac6cb0e14c417b2a3b9536c8c6b11bc6d2c8bb7af552fe87a307
b4369b050cd3000bb85c1b3cff8e033a6910af4d312d15e1b7d7573031b65ae7
ba7232eca5ec477b13ca936703536c4ba730c8a684d5a39a9673bd9e25cc062d
c66f99577df6778cbf3943ba4803a5e7f42d6e13d8eeea0381e022a99ad37c7a
d012aba2b36c97d5e7ce4f54194e86953baf1a82f193fdb392edd18001af2a8e
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
ec77888f4e93a7dec9f57ca50bb448f2b9a9b4da7732d607479aaf88b4c9f788
fa7c4c032de4c2e33695f3641222b3eea35a5f75194d2db4df04766283e1aab9
fac5231044eec952b36a74b32b91f01e7fcd471627cb9489f373506572a874fd