urlscan.io logo urlscan.io
SecurityTrails logo

vouchers.uber.com Open in urlscan Pro
34.98.127.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://r.uber.com/rhsoUYe76ZB
Effective URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Submission: On November 02 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 53 HTTP transactions. The main IP is 34.98.127.226, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is vouchers.uber.com. The Cisco Umbrella rank of the primary domain is 391328.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 2nd 2023. Valid for: a year.
This is the only time vouchers.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    104.36.192.148 (Ashburn, United States)

ASN63086 (UBER-PROD, US)
r.uber.com
csp.uber.com
4    34.98.127.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.127.98.34.bc.googleusercontent.com
vouchers.uber.com
auth.uber.com
12    13.224.194.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-25.fra2.r.cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
4    2600:9000:225e:ea00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    108.138.26.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-108.fra56.r.cloudfront.net
api.mapbox.com
5    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
12 cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
2 MB
10 uber.com
r.uber.com
vouchers.uber.com — Cisco Umbrella Rank: 391328
csp.uber.com — Cisco Umbrella Rank: 23932
auth.uber.com — Cisco Umbrella Rank: 39773 Failed
58 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
24 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1253
86 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 366
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
232 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
216 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 778
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
562 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
2 KB
1 mapbox.com
api.mapbox.com — Cisco Umbrella Rank: 4006
11 KB
0 linkedin.com Failed
px.ads.linkedin.com — Cisco Umbrella Rank: 377 Failed
0 criteo.com Failed
dynamic.criteo.com Failed
0 google.de Failed
www.google.de Failed
53 15
Domain Requested by
12 d3i4yxtzktqr9n.cloudfront.net vouchers.uber.com
5 www.google-analytics.com tags.tiqcdn.com
www.google-analytics.com
5 csp.uber.com vouchers.uber.com
d3i4yxtzktqr9n.cloudfront.net
tags.tiqcdn.com
4 tags.tiqcdn.com vouchers.uber.com
tags.tiqcdn.com
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
3 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
3 vouchers.uber.com d3i4yxtzktqr9n.cloudfront.net
2 www.facebook.com
2 snap.licdn.com tags.tiqcdn.com
snap.licdn.com
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 www.google.com vouchers.uber.com
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 auth.uber.com
1 stats.g.doubleclick.net www.google-analytics.com
1 api.mapbox.com vouchers.uber.com
1 r.uber.com 1 redirects
0 px.ads.linkedin.com Failed
0 dynamic.criteo.com Failed tags.tiqcdn.com
0 www.google.de Failed vouchers.uber.com
53 20

This site contains links to these domains. Also see Links.

Domain
www.uber.com
Subject Issuer Validity Valid
*.uber.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-02 -
2024-07-31		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
api.mapbox.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-04		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-11 -
2023-11-09		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://vouchers.uber.com/c/rhsoUYe76ZB
Frame ID: ED4DCF629C3865889178B9B49E87F72B
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber VoucherClipboard

Page URL History Show full URLs

  1. https://r.uber.com/rhsoUYe76ZB HTTP 301
    https://vouchers.uber.com/c/rhsoUYe76ZB Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mapbox-gl.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

53
Requests

91 %
HTTPS

73 %
IPv6

15
Domains

20
Subdomains

16
IPs

3
Countries

2208 kB
Transfer

8730 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r.uber.com/rhsoUYe76ZB HTTP 301
    https://vouchers.uber.com/c/rhsoUYe76ZB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://vouchers.uber.com/_track HTTP 302
  • https://auth.uber.com/v2/?breeze_local_zone=dca50&next_url=https%3A%2F%2Fvouchers.uber.com%2F_track&state=-pAHYD6on75nO-ITAJCIZWdBaMYs14fTxcysFpTGL9k%3D
Request Chain 41
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1698913021562&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1698913021562&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D69483%26time%3D1698913021562%26url%3Dhttps%253A%252F%252Fvouchers.uber.com%252Fc%252FrhsoUYe76ZB%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1698913021562&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&cookiesTest=true&liSync=true

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request rhsoUYe76ZB
vouchers.uber.com/c/
Redirect Chain
  • https://r.uber.com/rhsoUYe76ZB
  • https://vouchers.uber.com/c/rhsoUYe76ZB
230 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
c0951861e97b07759f93717fb0675c4421598bf778a348de097650b002ce747f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src https://payments.uber.com https://payments-staging.uber.com https://auth.uber.com https://help.uber.com *.hotjar.com *.doubleclick.net https://survey.uber.com https://docs.google.com; worker-src 'self' blob: *.mapbox.com; child-src 'self' blob: *.mapbox.com; connect-src 'self' auth.uber.com http://localhost:3000 *.demdex.net *.doubleclick.net *.facebook.com *.googletagmanager.com *.google-analytics.com *.google.com *.tags.tiqcdn.com *.qualtrics.com *.utag.com *.mapbox.com *.clarity.ms https://613-qph-162.mktoresp.com https://s.yimg.com https://d3dt5tsgfu6lcf.cloudfront.net https://dyguxp1m9tbrw.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://edge.fullstory.com https://rs.fullstory.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' *.hotjar.com *.outbrain.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.terminus.services *.clarity.ms *.doubleclick.net https://connect.facebook.net https://munchkin.marketo.net https://s.yimg.com https://bat.bing.com https://snap.licdn.com https://sp.analytics.yahoo.com https://tags.tiqcdn.com https://edge.fullstory.com https://rs.fullstory.com https://d3i4yxtzktqr9n.cloudfront.net; style-src 'self' 'unsafe-inline' https://d3dt5tsgfu6lcf.cloudfront.net https://dyguxp1m9tbrw.cloudfront.net *.mapbox.com https://d3i4yxtzktqr9n.cloudfront.net; img-src 'self' data: blob: *.demdex.net *.doubleclick.net *.everesttech.net *.facebook.com *.google.com *.google-analytics.com *.linkedin.com *.outbrain.com *.twitter.com *.yahoo.com https://d3i4yxtzktqr9n.cloudfront.net https://bat.bing.com https://p.adsymptotic.com https://rs.fullstory.com; report-uri https://csp.uber.com/csp?a=web-vouchers&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-encoding
gzip
content-security-policy
block-all-mixed-content; frame-src https://payments.uber.com https://payments-staging.uber.com https://auth.uber.com https://help.uber.com *.hotjar.com *.doubleclick.net https://survey.uber.com https://docs.google.com; worker-src 'self' blob: *.mapbox.com; child-src 'self' blob: *.mapbox.com; connect-src 'self' auth.uber.com http://localhost:3000 *.demdex.net *.doubleclick.net *.facebook.com *.googletagmanager.com *.google-analytics.com *.google.com *.tags.tiqcdn.com *.qualtrics.com *.utag.com *.mapbox.com *.clarity.ms https://613-qph-162.mktoresp.com https://s.yimg.com https://d3dt5tsgfu6lcf.cloudfront.net https://dyguxp1m9tbrw.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://edge.fullstory.com https://rs.fullstory.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' *.hotjar.com *.outbrain.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.terminus.services *.clarity.ms *.doubleclick.net https://connect.facebook.net https://munchkin.marketo.net https://s.yimg.com https://bat.bing.com https://snap.licdn.com https://sp.analytics.yahoo.com https://tags.tiqcdn.com https://edge.fullstory.com https://rs.fullstory.com https://d3i4yxtzktqr9n.cloudfront.net; style-src 'self' 'unsafe-inline' https://d3dt5tsgfu6lcf.cloudfront.net https://dyguxp1m9tbrw.cloudfront.net *.mapbox.com https://d3i4yxtzktqr9n.cloudfront.net; img-src 'self' data: blob: *.demdex.net *.doubleclick.net *.everesttech.net *.facebook.com *.google.com *.google-analytics.com *.linkedin.com *.outbrain.com *.twitter.com *.yahoo.com https://d3i4yxtzktqr9n.cloudfront.net https://bat.bing.com https://p.adsymptotic.com https://rs.fullstory.com; report-uri https://csp.uber.com/csp?a=web-vouchers&ro=false
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 08:17:00 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
156
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca22:w:251658242
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-encoding
br
content-type
text/html
date
Thu, 02 Nov 2023 08:17:00 GMT
location
https://vouchers.uber.com/c/rhsoUYe76ZB
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca23:w:419430400
x-xss-protection
1; mode=block
client-main-df271ff5379752ab.js
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		2 MB
547 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/client-main-df271ff5379752ab.js
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
d4e1f91cffa1edc03a4c9d1778ab216c9ef1417931fd06a3ebb33f9b8b1b380c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
Origin
https://vouchers.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:12:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
32658
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
8
x-xss-protection
1; mode=block
last-modified
Wed, 01 Nov 2023 14:23:21 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
Cf2U5bfn8u-vzlOx9QQJ26wA4cJ_su7ur5GLU9n3NPHigdcrscgxGw==
x-uber-edge
e4-dca11:w:100663297
client-vendor-0c11e709c566c4cc.js
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/client-vendor-0c11e709c566c4cc.js
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
0858e39f1d3ad11d5566ec3a8660f5a7bd92683a766ea8d58d718e4af554b12e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
Origin
https://vouchers.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:12:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
32658
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
9
x-xss-protection
1; mode=block
last-modified
Wed, 01 Nov 2023 14:23:21 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
gI3SgofuKi-P3lTFoJ3kmwt5H4nDSn4VNd5u7VU9JKCPgPFKaWvLKw==
x-uber-edge
e4-dca23:w:419430400
client-runtime-c4e53608033dc3d9.js
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/client-runtime-c4e53608033dc3d9.js
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
b121e9edb84ee4e7c05ac0bace3edfaf1150fc5c59039bdb6eda1697581d4654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
Origin
https://vouchers.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:34:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
549766
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 00:51:18 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
IcZMkdcc2Mu7ix32FiFnQgBryLI61LM7MbjrxADGonYMRIyhuUgkhQ==
x-uber-edge
e4-dca22:w:352321536
utag.js
tags.tiqcdn.com/utag/uber/u4b/prod/ 		237 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc16b252a87996800389c895b1d5ddc89d4f49425a589f37a092d74166481ed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
JxM56.S471Y.bYtEGT7Ou261VpZBzx3x
content-encoding
br
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 08:13:41 GMT
last-modified
Thu, 19 Oct 2023 19:13:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
243
x-amz-server-side-encryption
AES256
etag
W/"4df5be30c396ad271eb820df001b9883"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
KDx188mNCmDr-uKozKE-oeWQi9Ja5VSZn-EhkiaiXGbziVjdqWNpoA==
utag.js
tags.tiqcdn.com/utag/uber/main/prod/ 		230 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/main/prod/utag.js
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
648736ab3ba9b46601537632273ab905ef42d816c0391a6dbc9c30d98752b36b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
1RqrtSbAESrEk.4xJnr.xYgZd7UKViuH
content-encoding
br
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 08:16:40 GMT
last-modified
Wed, 01 Nov 2023 15:41:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
20
x-amz-server-side-encryption
AES256
etag
W/"2f575bcdaafd15810572fe93021a76ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
tDh63RUugAMR3TXjosveP4KZM-OJNwE9ENG_vgIb0QDWKd3bxAzUAQ==
c3ad5c0f488d2345.css
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		161 B
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/c3ad5c0f488d2345.css
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
327529a6cff3b99eb17b5f27cd01e06533c8989042bc5f36551d552b268802a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:07:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
248976
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
65
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 16:19:41 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
sOjKZPE7bbNCsPRXjgW6_biI4LjoaYoBTDc1KRxMA_oBrupNYdUdFA==
x-uber-edge
e4-dca22:w:251658245
mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v0.42.0/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.mapbox.com/mapbox-gl-js/v0.42.0/mapbox-gl.css
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-108.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
af0e055555dc751779fdec7df4e404a344bc7dd8c6d2f2252c8d972ebcc71a5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 13:21:27 GMT
Content-Encoding
gzip
Via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Age
3696933
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon Nov 13 2017 23:45:21 GMT+0000 (Coordinated Universal Time)
ETag
"5c1aa07bee147479b747eafbe6cdf352"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Timing-Allow-Origin
*
X-Amz-Cf-Id
lWtkHSynLNP9yOvzauCzCmTar-XSIGwwbvVR6CC2LoMy_myVJ1eUaQ==
7a8d707d5ec3dbe3.css
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		616 B
766 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/7a8d707d5ec3dbe3.css
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
a94c07e9276056aba59b7c4fb164178c7b2f5252f04ed251e129fbefd44c392d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:12:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
655455
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
38
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 16:19:41 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
N7nDobL95_yD8hF8v9k1-3tSKrYGGtDq1IbsZEKVHKcj_ZxlWixWeg==
x-uber-edge
e4-dca20:w:50331648
c1034582ddfe2196.css
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		60 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/c1034582ddfe2196.css
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
a39867676c2ee1601b541f3046013d5de62ef73ce0ac1ec9cae1c5231aae98e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:02:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
195252
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
452
content-length
60
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 16:19:41 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
NQYOhR4heyEAPLPaETEO6gJr03esxUZDuu49WjFcxdNeYD76D0Z4eQ==
x-uber-edge
e4-dca18:w:134217733
7cb0ef90bb2e0f91.css
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		42 B
597 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/7cb0ef90bb2e0f91.css
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
fcfc849ceb9706bea55e411c0aba4adcdc0fee3487ff1f7fc1906aafc5373e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:07:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
248976
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
56
content-length
42
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 16:19:41 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
pAS9jXaWHPcan5pTDTED1inVZrSQAsikvOJhEp1j4EXd8DpJILR5cQ==
x-uber-edge
e4-dca23:w:385875971
d1fb3e2e7be6ddb9.svg
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/d1fb3e2e7be6ddb9.svg
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
880cd3db4ced8848f2f125b96e8cd5436c2391cfed009d3ed5e20785092cd013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 10:09:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
338822
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
409
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 16:19:41 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
0g3NUodE2fTvML39SnK1pp-lHj0M7PgflmaevxpJc97xFfFi8KKCGA==
x-uber-edge
e4-dca24:w:452984837
21d01c09f1f3056a.svg
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/21d01c09f1f3056a.svg
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
d8a1c45c9fb48200205d148df1609da51f1d256fd9bfd24e06e891c5a598f4c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 16:08:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
317323
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
56
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 16:19:41 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding,Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
COUQAGYDR6ggsf9-Y_MGxjqkos23fzrefhB3Cfx_mITAzYTeLzsOQw==
x-uber-edge
e4-dca22:w:251658245
csp
csp.uber.com/ 		0
192 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=web-vouchers&ro=false
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 02 Nov 2023 08:17:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
3
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:352321539
14f73a3f74611002.woff2
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/14f73a3f74611002.woff2
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
61efb81895063425a3d3e218b0fd6ab2147b029e95891b076d58140459fc2b74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
Origin
https://vouchers.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 21:30:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
557161
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
30
content-length
30340
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 00:51:18 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
E2D6IZftx-fl0gY-1o2-HUIO52yjBXjAVlfyJq_IOaYVwt3DwZZ5_Q==
x-uber-edge
e4-dca22:w:352321540
eee1724e2e5a8ebd.woff2
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/eee1724e2e5a8ebd.woff2
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
9b0d296027090ac7deaadbc7d9d7ff6fdd9ebcd95fc9afa0be5fdab1111346cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
Origin
https://vouchers.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 21:29:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
557239
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
35
content-length
29808
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 00:51:18 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
ECHee5_y_8iV6EwLMOe5eeLKp0w_0JIVnkZxVcn_yF0817TuxUoIqQ==
x-uber-edge
e4-dca11:w:67108867
276edd4275dda838.woff2
d3i4yxtzktqr9n.cloudfront.net/web-vouchers/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/276edd4275dda838.woff2
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-25.fra2.r.cloudfront.net
Software
ufe /
Resource Hash
2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
Origin
https://vouchers.uber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 20:34:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
387756
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
content-length
28696
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 16:19:41 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
SAyxXo6ATCpkwsJbdpPkvy6L_eYamO1QRITdb1B336Tsu_Rf7_S73w==
x-uber-edge
e4-dca22:w:352321537
utag.45.js
tags.tiqcdn.com/utag/uber/u4b/prod/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.45.js?utv=ut4.51.202310191911
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27800b0a94d04e11e4cf477df47941b16faf5632459c7e933a9c240e6e03a32b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
L3rnnwNvW7n8CqDbVrsi2KqFXpk1NDgw
content-encoding
br
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 08:13:54 GMT
last-modified
Thu, 19 Oct 2023 19:13:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
261
x-amz-server-side-encryption
AES256
etag
W/"915b4ee70da2e2e2bf210a0be1c82fb7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
57-uiFqAXl7STmtvgTcFaqMBrUTdGKygk1Xkyce8tTQcdrSkDgUnvg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Nov 2023 06:43:57 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5583
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 02 Nov 2023 08:43:57 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uber/u4b/202310191911&cb=1698913020547
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Thu, 02 Nov 2023 08:15:52 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
69
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
R5ZUIqYki5JcR_ZHGT_K-nq3hjMgMtND_XqD4NWIK4zdynTAaGeIHQ==
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Nov 2023 08:50:18 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Nov 2023 08:22:11 GMT
collect
www.google-analytics.com/j/ 		3 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=904878196&t=pageview&cu=&_s=1&dl=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&ul=en-us&de=UTF-8&dt=Uber%20Voucher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiAIrBAAAACgMI~&jid=1845647157&gjid=1838043480&cid=346044852.1698913021&tid=UA-7157694-138&_gid=414542587.1698913021&_slc=1&cd1=u4b&cd19=2df4f575-d88a-4910-8644-574f3301a9f0&cd28=%7B%22session_id%22%3A%2206a7ffa7-7b57-492c-b3a9-334f4067d912%22%2C%22session_time_ms%22%3A1698913020269%7D&z=374891253
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vouchers.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 08:17:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vouchers.uber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7157694-138&cid=346044852.1698913021&jid=1845647157&gjid=1838043480&_gid=414542587.1698913021&_u=aGBAiAIrBAAAAGgMIAC~&z=1406089376
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vouchers.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 02 Nov 2023 08:17:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vouchers.uber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp
csp.uber.com/ 		0
66 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=web-vouchers&ro=false
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/client-vendor-0c11e709c566c4cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca23:w:385875970
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/webp
_events
vouchers.uber.com/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vouchers.uber.com/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/client-vendor-0c11e709c566c4cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/c/rhsoUYe76ZB
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type
application/json

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
93
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-dca18:w:184549377
/
auth.uber.com/v2/
Redirect Chain
  • https://vouchers.uber.com/_track
  • https://auth.uber.com/v2/?breeze_local_zone=dca50&next_url=https%3A%2F%2Fvouchers.uber.com%2F_track&state=-pAHYD6on75nO-ITAJCIZWdBaMYs14fTxcysFpTGL9k%3D
0
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7157694-138&cid=346044852.1698913021&jid=1845647157&_u=aGBAiAIrBAAAAGgMIAC~&z=1517699272
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 08:17:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp
csp.uber.com/ 		0
40 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=web-vouchers&ro=false
Requested by
Host: vouchers.uber.com
URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
0
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca24:w:469762052
ga-audiences
www.google.de/ads/ 		0
0
/
auth.uber.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/?breeze_local_zone=dca50&next_url=https%3A%2F%2Fvouchers.uber.com%2F_track&state=-pAHYD6on75nO-ITAJCIZWdBaMYs14fTxcysFpTGL9k%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-csrf-token
Access-Control-Request-Method
GET
Origin
https://vouchers.uber.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0
content-length
9
content-type
text/plain; charset=utf-8
date
Thu, 02 Nov 2023 08:17:01 GMT
server
ufe
strict-transport-security
max-age=31536000
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
86
x-frame-options
SAMEORIGIN
x-uber-edge
e4-dca22:w:352321540
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		212 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-840270580
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b11dabaf5a43f7781b13021609904ea4e59bd02129a0140bbe9821c897ddc388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77145
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Nov 2023 08:17:01 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 02 Nov 2023 08:17:01 GMT
last-modified
Fri, 20 Oct 2023 01:13:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E663CC28349449BE8F5B1420909AAF53 Ref B: FRAEDGE1222 Ref C: 2023-11-02T08:17:01Z
etag
"0125f9ff22da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13079
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 02 Nov 2023 08:17:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
PWY2JT4YhET4DrdPlH2S6R305SRqdBxeW+x/NyyrORBauIYval8EuEfEsulWdFKncnR5r/0zOtD4GmmNYx7wyw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 31 Oct 2023 08:37:21 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=70491
accept-ranges
bytes
content-length
3840
csp
csp.uber.com/ 		0
41 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=web-vouchers&ro=false
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
1
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca8:w:218103810
ld.js
dynamic.criteo.com/js/ld/ 		0
0
getCampaignPublicInfo
vouchers.uber.com/api/ 		470 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vouchers.uber.com/api/getCampaignPublicInfo?localeCode=de-DE
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-vouchers/client-vendor-0c11e709c566c4cc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
2d1894da6f86abe285589e9ba1cccf01de0d632ed40b23965d970985fcd40061
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/c/rhsoUYe76ZB
x-csrf-token
x
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 google
server
ufe
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-uber-edge
e4-dca22:w:251658244
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=904878196&t=event&cu=&_s=2&dl=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&ul=en-us&de=UTF-8&dt=Uber%20Voucher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=web-vouchers_redemption-flow&ea=view&el=claim-code-page&_u=aHBAiAIrBAAAAGgMIAC~&jid=&gjid=&cid=346044852.1698913021&tid=UA-7157694-138&_gid=414542587.1698913021&cd1=u4b&cd19=2df4f575-d88a-4910-8644-574f3301a9f0&cd28=%7B%22session_id%22%3A%2206a7ffa7-7b57-492c-b3a9-334f4067d912%22%2C%22session_time_ms%22%3A1698913020269%7D&cd21=GA1.2.346044852.1698913021&z=647119222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 05:19:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10641
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
112615526068288
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/112615526068288?v=2.9.138&r=stable&domain=vouchers.uber.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc9b07d83764f26b5c1d9847151ed60b075c4b300d39bc822b70661f7ecdcb80
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 02 Nov 2023 08:17:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ZbaR1IrNBSGzAr+RyTbtAPKmkwfoux5y6TkMAI06XeATI3QXDL3SQTcLyBvId2IqmmlS8yGgTFCRny8AQFvbxg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=10422
accept-ranges
bytes
content-length
3272
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1698913021562&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1698913021562&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D69483%26time%3D1698913021562%26url%3Dhttps%253A%252F%252Fvouchers.uber.com%252Fc%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1698913021562&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&cookiesTest=true&liSync=true
0
0
21000200.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/21000200.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 02 Nov 2023 08:17:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 44C9DA3EC1FC45E4AC9A6942FD575E4E Ref B: FRAEDGE1222 Ref C: 2023-11-02T08:17:01Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=21000200&Ver=2&mid=cc912a41-4756-451e-965e-474475aa1322&sid=330dd700795811ee80d88b33caf79326&vid=330e3480795811eeb9afd5aee44c75dc&vids=1&msclkid=N&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Uber%20Voucher&p=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&r=&lt=2680&evt=pageLoad&sv=1&rn=570672
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Nov 2023 08:17:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B095BA1C85054CD8B7129D9B71C7A1C9 Ref B: FRAEDGE1222 Ref C: 2023-11-02T08:17:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/840270580/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/840270580/?random=1698913021588&cv=11&fst=1698913021588&bg=ffffff&guid=ON&async=1&gtm=45be3au1v892114201&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&hn=www.googleadservices.com&frm=0&tiba=Uber%20Voucher&did=dYmQxMT&gdid=dYmQxMT&auid=361818183.1698913022&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93c88d80428d81896a4e4a59331324da521c2a10d86562264e106d5e18a04b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 08:17:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8617315&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fa5e74976f8d6c19337d9deb06e35539b255894bc762b559efe790aa9537c20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67222
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Nov 2023 08:17:01 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W3V99WJNZ7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-840270580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7061c3fbe7c92c02a2ecd4263394372613f63a1262baf0f6943b86511f2e07da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 08:17:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92632
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Nov 2023 08:17:01 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=112615526068288&ev=PageView&dl=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&rl=&if=false&ts=1698913021684&sw=1600&sh=1200&ud[external_id]=c87b59d06be95c1459252c7ed45ec1af4b264aca92c1509419a8a51563cfe91e&v=2.9.138&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1698913021666.1118946673&ler=empty&it=1698913021539&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 02 Nov 2023 08:17:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=112615526068288&ev=PageView&dl=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&rl=&if=false&ts=1698913021686&sw=1600&sh=1200&ud[external_id]=c87b59d06be95c1459252c7ed45ec1af4b264aca92c1509419a8a51563cfe91e&v=2.9.138&r=stable&a=tmtealium&ec=1&o=4126&fbp=fb.1.1698913021666.1118946673&ler=empty&it=1698913021539&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 02 Nov 2023 08:17:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W3V99WJNZ7&gtm=45je3au1v9103516189&_p=904878196&gcd=11l1l1l1l1&gdid=dYmQxMT&cid=346044852.1698913021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698913021&sct=1&seg=0&dl=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&dt=Uber%20Voucher&en=page_view&_fv=1&_ss=1&_ee=1&ep.UcookieID=2df4f575-d88a-4910-8644-574f3301a9f0&ep.tealium_profile=u4b
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W3V99WJNZ7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 08:17:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vouchers.uber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/840270580/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/840270580/?random=1698913021588&cv=11&fst=1698912000000&bg=ffffff&guid=ON&async=1&gtm=45be3au1v892114201&u_w=1600&u_h=1200&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&frm=0&tiba=Uber%20Voucher&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNbrrAcUqRidVAyWhVljwvwy1L6vvpTg&random=1669658060&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vouchers.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 08:17:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp
csp.uber.com/ 		0
68 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.uber.com/csp?a=web-vouchers&ro=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.192.148 Ashburn, United States, ASN63086 (UBER-PROD, US),
Reverse DNS
Software
ufe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vouchers.uber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 02 Nov 2023 08:17:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ufe
x-frame-options
SAMEORIGIN
cache-control
max-age=0
x-envoy-upstream-service-time
651
content-length
0
x-xss-protection
1; mode=block
x-uber-edge
e4-dca11:w:100663298
/
www.google.de/pagead/1p-user-list/840270580/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.uber.com
URL
https://auth.uber.com/v2/?breeze_local_zone=dca50&next_url=https%3A%2F%2Fvouchers.uber.com%2F_track&state=-pAHYD6on75nO-ITAJCIZWdBaMYs14fTxcysFpTGL9k%3D
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7157694-138&cid=346044852.1698913021&jid=1845647157&_u=aGBAiAIrBAAAAGgMIAC~&z=1517699272
Domain
dynamic.criteo.com
URL
https://dynamic.criteo.com/js/ld/ld.js?a=103675
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=69483&time=1698913021562&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&cookiesTest=true&liSync=true
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/840270580/?random=1698913021588&cv=11&fst=1698912000000&bg=ffffff&guid=ON&async=1&gtm=45be3au1v892114201&u_w=1600&u_h=1200&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&frm=0&tiba=Uber%20Voucher&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNbrrAcUqRidVAyWhVljwvwy1L6vvpTg&random=1669658060&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| __FUSION_ASSET_PATH__ string| __NONCE__ boolean| utag_condload string| url undefined| pathNext undefined| path object| utag_data object| dataObject object| business_uber object| chameleon_uber object| bonjour_uber object| uber_eats string| tempLang string| getPathingqp boolean| isSafari string| lang string| domain undefined| metaAttr undefined| locale undefined| attrLen object| utag object| uetq object| _linkedin function| getCookieValue function| getParameterByName boolean| __tealium_twc_switch string| gaAccount object| redux_State boolean| inAppFlag boolean| __tealium_privacy object| _linkedin_data_partner_ids string| gtagRename object| dataLayer function| gtag object| criteo_q object| reduxState object| utag_err function| _tealium_old_error string| GoogleAnalyticsObject function| ga object| webpackChunkFusion object| optimizely object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| clearImmediate function| setImmediate function| _ object| Braintree function| Hammer function| polyfillContext object| luma object| deck object| loaders object| core function| filterCSS function| filterXSS object| __GLOBAL_STYLETRON_INSTANCE@1__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| UrateWidget object| trackers function| _fs_ready function| fbq function| _fbq boolean| _wait_for_lintrk object| process function| lintrk boolean| _already_called_lintrk function| UET function| UET_init function| UET_push object| ueto_85969639a8 object| google_tag_manager object| GooglebQhCsO function| onYouTubeIframeAPIReady

25 Cookies

Domain/Path Name / Value
vouchers.uber.com/c Name: parsed_ga_cookie
Value: 346044852.1698913021
vouchers.uber.com/ Name: _ua
Value: {"session_id":"06a7ffa7-7b57-492c-b3a9-334f4067d912","session_time_ms":1698913020269}
.uber.com/ Name: marketing_vistor_id
Value: 2df4f575-d88a-4910-8644-574f3301a9f0
vouchers.uber.com/ Name: jwt-session
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2OTg5MTMwMjAsImV4cCI6MTY5ODk5OTQyMH0.DF8EjUXRpjYNHOxGdfuPdf4Nm6xGBM-pNyZ9xl0JK58
.uber.com/ Name: utag_main__sn
Value: 1
.uber.com/ Name: utag_main_ses_id
Value: 1698913020475%3Bexp-session
.uber.com/ Name: utag_main__pn
Value: 1%3Bexp-session
.uber.com/ Name: CONSENTMGR
Value: c1:1%7Cc2:1%7Cc3:1%7Cc4:1%7Cc5:1%7Cc6:1%7Cc7:1%7Cc8:1%7Cc9:1%7Cc10:1%7Cc11:1%7Cc12:1%7Cc13:1%7Cc14:1%7Cc15:1%7Cts:1698913020511%7Cconsent:true
.uber.com/ Name: _gid
Value: GA1.2.414542587.1698913021
.uber.com/ Name: _gat_tealium_0
Value: 1
.vouchers.uber.com/ Name: state
Value: JF0333C63bI0EH.1698913921233.6eIIfiaFB+enFUYg8DD9mK8lm27NobyitjD4rkl26V0=
.uber.com/ Name: utag_main__ss
Value: 0%3Bexp-session
.uber.com/ Name: utag_main__se
Value: 3%3Bexp-session
.uber.com/ Name: utag_main__st
Value: 1698914821494%3Bexp-session
.uber.com/ Name: _uetsid
Value: 330dd700795811ee80d88b33caf79326
.uber.com/ Name: _uetvid
Value: 330e3480795811eeb9afd5aee44c75dc
.uber.com/ Name: _gcl_au
Value: 1.1.361818183.1698913022
.bing.com/ Name: MUID
Value: 3F8B4C0E0946635502965FB30894627C
.uber.com/ Name: _fbp
Value: fb.1.1698913021666.1118946673
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.uber.com/ Name: _ga
Value: GA1.1.346044852.1698913021
.uber.com/ Name: _ga_W3V99WJNZ7
Value: GS1.1.1698913021.1.0.1698913021.0.0.0
.linkedin.com/ Name: li_sugr
Value: 0717c6f4-44da-43ab-9121-f68ec1c0200c
.linkedin.com/ Name: bcookie
Value: "v=2&b5899ec3-b147-49ed-8ce1-659d08587a40"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3033:u=1:x=1:i=1698913021:t=1698999421:v=2:sig=AQE8HpEzrZOQDMxqTdQ3pMQL3dVPtqSO"

5 Console Messages

Source Level URL
Text
security error URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7157694-138&cid=346044852.1698913021&jid=1845647157&_u=aGBAiAIrBAAAAGgMIAC~&z=1517699272' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: *.demdex.net *.doubleclick.net *.everesttech.net *.facebook.com *.google.com *.google-analytics.com *.linkedin.com *.outbrain.com *.twitter.com *.yahoo.com https://d3i4yxtzktqr9n.cloudfront.net https://bat.bing.com https://p.adsymptotic.com https://rs.fullstory.com".
javascript error URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Message:
Access to XMLHttpRequest at 'https://auth.uber.com/v2/?breeze_local_zone=dca50&next_url=https%3A%2F%2Fvouchers.uber.com%2F_track&state=-pAHYD6on75nO-ITAJCIZWdBaMYs14fTxcysFpTGL9k%3D' (redirected from 'https://vouchers.uber.com/_track') from origin 'https://vouchers.uber.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.uber.com/v2/?breeze_local_zone=dca50&next_url=https%3A%2F%2Fvouchers.uber.com%2F_track&state=-pAHYD6on75nO-ITAJCIZWdBaMYs14fTxcysFpTGL9k%3D
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://tags.tiqcdn.com/utag/uber/u4b/prod/utag.js(Line 111)
Message:
Refused to load the script 'https://dynamic.criteo.com/js/ld/ld.js?a=103675' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' *.hotjar.com *.outbrain.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.terminus.services *.clarity.ms *.doubleclick.net https://connect.facebook.net https://munchkin.marketo.net https://s.yimg.com https://bat.bing.com https://snap.licdn.com https://sp.analytics.yahoo.com https://tags.tiqcdn.com https://edge.fullstory.com https://rs.fullstory.com https://d3i4yxtzktqr9n.cloudfront.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://vouchers.uber.com/c/rhsoUYe76ZB
Message:
Refused to load the image 'https://www.google.de/pagead/1p-user-list/840270580/?random=1698913021588&cv=11&fst=1698912000000&bg=ffffff&guid=ON&async=1&gtm=45be3au1v892114201&u_w=1600&u_h=1200&url=https%3A%2F%2Fvouchers.uber.com%2Fc%2FrhsoUYe76ZB&frm=0&tiba=Uber%20Voucher&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNbrrAcUqRidVAyWhVljwvwy1L6vvpTg&random=1669658060&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: *.demdex.net *.doubleclick.net *.everesttech.net *.facebook.com *.google.com *.google-analytics.com *.linkedin.com *.outbrain.com *.twitter.com *.yahoo.com https://d3i4yxtzktqr9n.cloudfront.net https://bat.bing.com https://p.adsymptotic.com https://rs.fullstory.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-src https://payments.uber.com https://payments-staging.uber.com https://auth.uber.com https://help.uber.com *.hotjar.com *.doubleclick.net https://survey.uber.com https://docs.google.com; worker-src 'self' blob: *.mapbox.com; child-src 'self' blob: *.mapbox.com; connect-src 'self' auth.uber.com http://localhost:3000 *.demdex.net *.doubleclick.net *.facebook.com *.googletagmanager.com *.google-analytics.com *.google.com *.tags.tiqcdn.com *.qualtrics.com *.utag.com *.mapbox.com *.clarity.ms https://613-qph-162.mktoresp.com https://s.yimg.com https://d3dt5tsgfu6lcf.cloudfront.net https://dyguxp1m9tbrw.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://edge.fullstory.com https://rs.fullstory.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' *.hotjar.com *.outbrain.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.terminus.services *.clarity.ms *.doubleclick.net https://connect.facebook.net https://munchkin.marketo.net https://s.yimg.com https://bat.bing.com https://snap.licdn.com https://sp.analytics.yahoo.com https://tags.tiqcdn.com https://edge.fullstory.com https://rs.fullstory.com https://d3i4yxtzktqr9n.cloudfront.net; style-src 'self' 'unsafe-inline' https://d3dt5tsgfu6lcf.cloudfront.net https://dyguxp1m9tbrw.cloudfront.net *.mapbox.com https://d3i4yxtzktqr9n.cloudfront.net; img-src 'self' data: blob: *.demdex.net *.doubleclick.net *.everesttech.net *.facebook.com *.google.com *.google-analytics.com *.linkedin.com *.outbrain.com *.twitter.com *.yahoo.com https://d3i4yxtzktqr9n.cloudfront.net https://bat.bing.com https://p.adsymptotic.com https://rs.fullstory.com; report-uri https://csp.uber.com/csp?a=web-vouchers&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mapbox.com
auth.uber.com
bat.bing.com
connect.facebook.net
csp.uber.com
d3i4yxtzktqr9n.cloudfront.net
dynamic.criteo.com
googleads.g.doubleclick.net
px.ads.linkedin.com
r.uber.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
tags.tiqcdn.com
vouchers.uber.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
auth.uber.com
dynamic.criteo.com
px.ads.linkedin.com
www.google.de
104.36.192.148
108.138.26.108
13.224.194.25
2001:4860:4802:32::36
2001:4860:4802:34::178
2600:9000:225e:ea00:7:2bfb:7c00:93a1
2620:1ec:c11::200
2a00:1450:4001:80b::2008
2a00:1450:4001:827::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c0b::9a
2a02:26f0:3500:16::215:149b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.98.127.226
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0858e39f1d3ad11d5566ec3a8660f5a7bd92683a766ea8d58d718e4af554b12e
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fa5e74976f8d6c19337d9deb06e35539b255894bc762b559efe790aa9537c20
2765e5c2c468806af5fe1528e57116042b49a24790d8a0111615b1bcedfe13e0
27800b0a94d04e11e4cf477df47941b16faf5632459c7e933a9c240e6e03a32b
2d1894da6f86abe285589e9ba1cccf01de0d632ed40b23965d970985fcd40061
327529a6cff3b99eb17b5f27cd01e06533c8989042bc5f36551d552b268802a3
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
61efb81895063425a3d3e218b0fd6ab2147b029e95891b076d58140459fc2b74
648736ab3ba9b46601537632273ab905ef42d816c0391a6dbc9c30d98752b36b
672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c
7061c3fbe7c92c02a2ecd4263394372613f63a1262baf0f6943b86511f2e07da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
880cd3db4ced8848f2f125b96e8cd5436c2391cfed009d3ed5e20785092cd013
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93c88d80428d81896a4e4a59331324da521c2a10d86562264e106d5e18a04b4d
9b0d296027090ac7deaadbc7d9d7ff6fdd9ebcd95fc9afa0be5fdab1111346cb
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a39867676c2ee1601b541f3046013d5de62ef73ce0ac1ec9cae1c5231aae98e5
a94c07e9276056aba59b7c4fb164178c7b2f5252f04ed251e129fbefd44c392d
af0e055555dc751779fdec7df4e404a344bc7dd8c6d2f2252c8d972ebcc71a5b
b11dabaf5a43f7781b13021609904ea4e59bd02129a0140bbe9821c897ddc388
b121e9edb84ee4e7c05ac0bace3edfaf1150fc5c59039bdb6eda1697581d4654
c0951861e97b07759f93717fb0675c4421598bf778a348de097650b002ce747f
d4e1f91cffa1edc03a4c9d1778ab216c9ef1417931fd06a3ebb33f9b8b1b380c
d8a1c45c9fb48200205d148df1609da51f1d256fd9bfd24e06e891c5a598f4c0
dc16b252a87996800389c895b1d5ddc89d4f49425a589f37a092d74166481ed3
dc9b07d83764f26b5c1d9847151ed60b075c4b300d39bc822b70661f7ecdcb80
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcfc849ceb9706bea55e411c0aba4adcdc0fee3487ff1f7fc1906aafc5373e6c