postmates.com Open in urlscan Pro
104.16.218.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://postmat.es/getitnow
Effective URL:
https://postmates.com/
Submission Tags: falconsandbox
Submission: On July 14 via api (July 14th 2021, 1:51:55 pm UTC) from US

Summary HTTP 56 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 56 HTTP transactions. The main IP is 104.16.218.98, located in United States and belongs to CLOUDFLARENET, US. The main domain is postmates.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time postmates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.56.57.255 13.56.57.255	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:215... 2600:9000:2156:d600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	104.16.218.98 104.16.218.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	13.224.89.103 13.224.89.103	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
23	2600:9000:219... 2600:9000:2190:e000:c:a6c4:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:ce00:16:ebbc:df40:21	16509 (AMAZON-02) (AMAZON-02)
56	8

1 13.56.57.255 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-57-255.us-west-1.compute.amazonaws.com

postmat.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d600:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pm.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.218.98 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

postmates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.224.89.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-103.zrh50.r.cloudfront.net

d3i4yxtzktqr9n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:2190:e000:c:a6c4:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

tb-static.uber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ce00:16:ebbc:df40:21 (United States)

ASN16509 (AMAZON-02, US)

dkl8of78aprwd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	uber.com tb-static.uber.com	481 KB
17	cloudfront.net d3i4yxtzktqr9n.cloudfront.net dkl8of78aprwd.cloudfront.net	1 MB
8	postmates.com 1 redirects postmates.com	66 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	350 KB
3	google.com www.google.com	20 KB
1	app.link 1 redirects pm.app.link	455 B
1	postmat.es 1 redirects postmat.es	409 B
56	7

	Domain	Requested by
23	tb-static.uber.com	postmates.com
16	d3i4yxtzktqr9n.cloudfront.net	postmates.com
8	postmates.com	1 redirects d3i4yxtzktqr9n.cloudfront.net
4	www.gstatic.com	www.google.com www.gstatic.com
3	www.google.com	postmates.com www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
1	dkl8of78aprwd.cloudfront.net	postmates.com
1	pm.app.link	1 redirects
1	postmat.es	1 redirects
56	9

This site contains links to these domains. Also see Links.

Domain
www.uber.com
www.ubereats.com
itunes.apple.com
play.google.com
about.ubereats.com
uber.com
help.uber.com
www.facebook.com
twitter.com
www.instagram.com
privacy.uber.com
policies.google.com

Subject Issuer	Validity	Valid
postmates.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tb-static.uber.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-05` - `2022-04-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://postmates.com/
Frame ID: 1231AAF26301A68223C9F574325A3F8B
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcP8akUAAAAAMkn2Bo434JdPoTEQpSk2lHODhi0&co=aHR0cHM6Ly9wb3N0bWF0ZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=z7gcwmmsbh7h
Frame ID: 957104D82922F987E9CED2D1505DF0EC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://postmat.es/getitnow HTTP 307
https://pm.app.link/dlQhyXJnlF?_p=c11335dc9a027af5e2038cfde1 HTTP 307
https://postmates.com/feed?_branch_match_id=943854585411790621 HTTP 307
https://postmates.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

56
Requests

100 %
HTTPS

70 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1977 kB
Transfer

4294 kB
Size

6
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.uber.com/business/eats
Title: Create a business account

Search URL Search Domain Scan URL

URL: https://www.ubereats.com/restaurant
Title: Add your restaurant

Search URL Search Domain Scan URL

URL: https://www.uber.com/drive/delivery/
Title: Sign up to deliver

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/postmates-food-delivery/id512393983?mt=8
Title: iPhone

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.postmates.android&hl=en
Title: Android

Search URL Search Domain Scan URL

URL: https://about.ubereats.com/
Title: About Uber Eats

Search URL Search Domain Scan URL

URL: https://uber.com/gift-cards/
Title: Buy gift cards

Search URL Search Domain Scan URL

URL: https://help.uber.com/postmates
Title: Get Help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Postmates/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Postmates
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/postmates
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.uber.com/legal/privacy/users/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.uber.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://help.uber.com/postmates/article/uber-eats-pricing?nodeId=2adbed88-9822-4690-9529-3061c4821755
Title: Pricing

Search URL Search Domain Scan URL

URL: https://privacy.uber.com/privacy/california/
Title: Do not sell my info (California)

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.uber.com/legal/privacy/cookies/en-US
Title: Cookie Notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://postmat.es/getitnow HTTP 307
https://pm.app.link/dlQhyXJnlF?_p=c11335dc9a027af5e2038cfde1 HTTP 307
https://postmates.com/feed?_branch_match_id=943854585411790621 HTTP 307
https://postmates.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
postmates.com/
Redirect Chain

http://postmat.es/getitnow
https://pm.app.link/dlQhyXJnlF?_p=c11335dc9a027af5e2038cfde1
https://postmates.com/feed?_branch_match_id=943854585411790621
https://postmates.com/

181 KB
46 KB

466ms
466ms

Document
text/html

104.16.218.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://postmates.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39e761e8be27071f65b63582e3849ca7ef5728085dffc08a19313641ca4c0b89

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-src 'self' https://.uber.com http://.cdn-net.com https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://www.google.com/recaptcha/ bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net .optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net; connect-src 'self' 'self' https://.uber.com https://duyt4h9nfnj50.cloudfront.net https://d3fa76b550dpw9.cloudfront.net https://d4p17acsd5wyj.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://siteintercept.qualtrics.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net .optimizely.com www.google-analytics.com .tealiumiq.com .demdex.net; manifest-src 'self'; form-action 'self' https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; frame-ancestors 'self' http://localhost: https://www.nimblerx.com https://static-team-ops.nimbleandsimple.com https://pharma.uber.com http://local.shakeshack.com https://shakeshackdev.prod.acquia-sites.com https://shakeshackstg.prod.acquia-sites.com https://shakeshack.prod.acquia-sites.com https://www.shakeshack.com https://front-hml-delivery.azurewebsites.net https://front-dev-delivery.azurewebsites.net https://front-prd-delivery.azurewebsites.net https://deliverycontrol.grupomadero.com.br https://delivery.grupomadero.com.br https://staging-shop.mccolls.co.uk https://shop.mccolls.co.uk https://stoq.shop https://staging.stoq.shop https://admin.stoq.shop https://admin-staging.stoq.shop https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-99bd26e6-3a46-4816-8621-2de7974effc6' https://bat.bing.com https://.qualtrics.com https://analytics.twitter.com http://www.googletagservices.com http://.cdn-net.com https://sc-static.net https://tr.snapchat.com https://.yjtag.jp https://yjtag.yahoo.co.jp https://b92.yahoo.co.jp https://.yimg.jp https://.outbrain.com https://www.redditstatic.com https://analytics.tiktok.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://d4p17acsd5wyj.cloudfront.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com .adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net .optimizely.com .tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-eats-v2&ro=false
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: postmates.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uev2.id.xp=b6f25949-aea7-4181-b54c-6277b57a23df; dId=3630b3ce-642e-4be2-a77a-5f4bd998f3ac; uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; uev2.ts.session=1626270696003; jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 13:51:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-security-policy: block-all-mixed-content; frame-src 'self' https://*.uber.com http://*.cdn-net.com https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://www.google.com/recaptcha/ bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' 'self' https://*.uber.com https://duyt4h9nfnj50.cloudfront.net https://d3fa76b550dpw9.cloudfront.net https://d4p17acsd5wyj.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://siteintercept.qualtrics.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net; manifest-src 'self'; form-action 'self' https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; frame-ancestors 'self' http://localhost:* https://www.nimblerx.com https://static-team-ops.nimbleandsimple.com https://pharma.uber.com http://local.shakeshack.com https://shakeshackdev.prod.acquia-sites.com https://shakeshackstg.prod.acquia-sites.com https://shakeshack.prod.acquia-sites.com https://www.shakeshack.com https://front-hml-delivery.azurewebsites.net https://front-dev-delivery.azurewebsites.net https://front-prd-delivery.azurewebsites.net https://deliverycontrol.grupomadero.com.br https://delivery.grupomadero.com.br https://staging-shop.mccolls.co.uk https://shop.mccolls.co.uk https://stoq.shop https://staging.stoq.shop https://admin.stoq.shop https://admin-staging.stoq.shop https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-99bd26e6-3a46-4816-8621-2de7974effc6' https://bat.bing.com https://*.qualtrics.com https://analytics.twitter.com http://www.googletagservices.com http://*.cdn-net.com https://sc-static.net https://tr.snapchat.com https://*.yjtag.jp https://yjtag.yahoo.co.jp https://b92.yahoo.co.jp https://*.yimg.jp https://*.outbrain.com https://www.redditstatic.com https://analytics.tiktok.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://d4p17acsd5wyj.cloudfront.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-eats-v2&ro=false
link: <https://postmates.com/>; rel="alternate"; hreflang="en-US", <https://postmates.com/re-en>; rel="alternate"; hreflang="en-RE", <https://postmates.com/gt>; rel="alternate"; hreflang="es-GT", <https://postmates.com/ve>; rel="alternate"; hreflang="es-VE", <https://postmates.com/cl>; rel="alternate"; hreflang="es-CL", <https://postmates.com/ca>; rel="alternate"; hreflang="en-CA", <https://postmates.com/ve-en>; rel="alternate"; hreflang="en-VE", <https://postmates.com/za>; rel="alternate"; hreflang="en-ZA", <https://postmates.com/ec>; rel="alternate"; hreflang="es-EC", <https://postmates.com/ch-it>; rel="alternate"; hreflang="it-CH", <https://postmates.com/ch>; rel="alternate"; hreflang="en-CH", <https://postmates.com/au>; rel="alternate"; hreflang="en-AU", <https://postmates.com/gb>; rel="alternate"; hreflang="en-GB", <https://postmates.com/cr>; rel="alternate"; hreflang="es-CR", <https://postmates.com/ca-fr>; rel="alternate"; hreflang="fr-CA", <https://postmates.com/es>; rel="alternate"; hreflang="es-ES", <https://postmates.com/hk-en>; rel="alternate"; hreflang="en-HK", <https://postmates.com/pl-en>; rel="alternate"; hreflang="en-PL", <https://postmates.com/sv-en>; rel="alternate"; hreflang="en-SV", <https://postmates.com/pt>; rel="alternate"; hreflang="pt-PT", <https://postmates.com/ie>; rel="alternate"; hreflang="en-IE", <https://postmates.com/us-es>; rel="alternate"; hreflang="es-US", <https://postmates.com/lk>; rel="alternate"; hreflang="en-LK", <https://postmates.com/be-en>; rel="alternate"; hreflang="en-BE", <https://postmates.com/re>; rel="alternate"; hreflang="fr-RE", <https://postmates.com/nz>; rel="alternate"; hreflang="en-NZ", <https://postmates.com/pa>; rel="alternate"; hreflang="es-PA", <https://postmates.com/jp-en>; rel="alternate"; hreflang="en-JP", <https://postmates.com/pl>; rel="alternate"; hreflang="pl-PL", <https://postmates.com/se>; rel="alternate"; hreflang="sv-SE", <https://postmates.com/be>; rel="alternate"; hreflang="fr-BE", <https://postmates.com/fr>; rel="alternate"; hreflang="fr-FR", <https://postmates.com/nl-en>; rel="alternate"; hreflang="en-NL", <https://postmates.com/it-en>; rel="alternate"; hreflang="en-IT", <https://postmates.com/do>; rel="alternate"; hreflang="es-DO", <https://postmates.com/tw-en>; rel="alternate"; hreflang="en-TW", <https://postmates.com/bo>; rel="alternate"; hreflang="es-BO", <https://postmates.com/jp>; rel="alternate"; hreflang="ja-JP", <https://postmates.com/fr-en>; rel="alternate"; hreflang="en-FR", <https://postmates.com/it>; rel="alternate"; hreflang="it-IT", <https://postmates.com/hk>; rel="alternate"; hreflang="zh-HK", <https://postmates.com/mx-en>; rel="alternate"; hreflang="en-MX", <https://postmates.com/br>; rel="alternate"; hreflang="pt-BR", <https://postmates.com/cr-en>; rel="alternate"; hreflang="en-CR", <https://postmates.com/pt-en>; rel="alternate"; hreflang="en-PT", <https://postmates.com/do-en>; rel="alternate"; hreflang="en-DO", <https://postmates.com/es-en>; rel="alternate"; hreflang="en-ES", <https://postmates.com/se-en>; rel="alternate"; hreflang="en-SE", <https://postmates.com/cl-en>; rel="alternate"; hreflang="en-CL", <https://postmates.com/gt-en>; rel="alternate"; hreflang="en-GT", <https://postmates.com/ke>; rel="alternate"; hreflang="en-KE", <https://postmates.com/ec-en>; rel="alternate"; hreflang="en-EC", <https://postmates.com/br-en>; rel="alternate"; hreflang="en-BR", <https://postmates.com/ch-de>; rel="alternate"; hreflang="de-CH", <https://postmates.com/sv>; rel="alternate"; hreflang="es-SV", <https://postmates.com/be-nl>; rel="alternate"; hreflang="nl-BE", <https://postmates.com/de>; rel="alternate"; hreflang="de-DE", <https://postmates.com/ch-fr>; rel="alternate"; hreflang="fr-CH", <https://postmates.com/bo-en>; rel="alternate"; hreflang="en-BO", <https://postmates.com/pa-en>; rel="alternate"; hreflang="en-PA", <https://postmates.com/tw>; rel="alternate"; hreflang="zh-TW", <https://postmates.com/nl>; rel="alternate"; hreflang="nl-NL", <https://postmates.com/mx>; rel="alternate"; hreflang="es-MX", <https://postmates.com/de-en>; rel="alternate"; hreflang="en-DE"
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; path=/; expires=Wed, 14 Jul 2021 14:21:36 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270696003; path=/; expires=Wed, 14 Jul 2021 14:21:36 GMT; domain=postmates.com; secure; httponly marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204; path=/; expires=Thu, 14 Jul 2022 13:51:36 GMT; domain=.postmates.com; secure
x-frame-options: ALLOW-FROM https://www.nimblerx.com
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:48
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cache-control: max-age=0
x-envoy-upstream-service-time: 363
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kmHYLGEjrTt6WaT5uWxaV1HYLupP%2Fi4WI9lSyX6S4dazzp514AbMMHYS3b0R6pdBeROkfDAEUqK9Rlz7tulsEp90LqseNpcJxoWUyzvcWZt2UpkI4DF64euhGK7%2FP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66eb3a0ada1aee13-CDG
content-encoding: gzip

Redirect headers

date: Wed, 14 Jul 2021 13:51:36 GMT
content-type: text/html; charset=utf-8
content-security-policy: block-all-mixed-content; frame-src 'self' https://*.uber.com http://*.cdn-net.com https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://www.google.com/recaptcha/ bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net *.optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com *.doubleclick.net *.tealiumiq.com *.demdex.net; connect-src 'self' 'self' https://*.uber.com https://duyt4h9nfnj50.cloudfront.net https://d3fa76b550dpw9.cloudfront.net https://d4p17acsd5wyj.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://siteintercept.qualtrics.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net *.optimizely.com www.google-analytics.com *.tealiumiq.com *.demdex.net; manifest-src 'self'; form-action 'self' https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; frame-ancestors 'self' http://localhost:* https://www.nimblerx.com https://static-team-ops.nimbleandsimple.com https://pharma.uber.com http://local.shakeshack.com https://shakeshackdev.prod.acquia-sites.com https://shakeshackstg.prod.acquia-sites.com https://shakeshack.prod.acquia-sites.com https://www.shakeshack.com https://front-hml-delivery.azurewebsites.net https://front-dev-delivery.azurewebsites.net https://front-prd-delivery.azurewebsites.net https://deliverycontrol.grupomadero.com.br https://delivery.grupomadero.com.br https://staging-shop.mccolls.co.uk https://shop.mccolls.co.uk https://stoq.shop https://staging.stoq.shop https://admin.stoq.shop https://admin-staging.stoq.shop https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-364c8f17-b701-47f1-8fc3-3a53d55dfbc4' https://bat.bing.com https://*.qualtrics.com https://analytics.twitter.com http://www.googletagservices.com http://*.cdn-net.com https://sc-static.net https://tr.snapchat.com https://*.yjtag.jp https://yjtag.yahoo.co.jp https://b92.yahoo.co.jp https://*.yimg.jp https://*.outbrain.com https://www.redditstatic.com https://analytics.tiktok.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://d4p17acsd5wyj.cloudfront.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com *.adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net *.optimizely.com *.tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-eats-v2&ro=false
location: /
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.xp=b6f25949-aea7-4181-b54c-6277b57a23df; path=/; domain=postmates.com; secure; httponly dId=3630b3ce-642e-4be2-a77a-5f4bd998f3ac; path=/; expires=Thu, 14 Jul 2022 13:51:36 GMT; domain=postmates.com; secure; httponly uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; path=/; expires=Wed, 14 Jul 2021 14:21:36 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270696003; path=/; expires=Wed, 14 Jul 2021 14:21:36 GMT; domain=postmates.com; secure; httponly jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc; path=/; expires=Thu, 15 Jul 2021 13:51:36 GMT; secure; httponly
x-frame-options: ALLOW-FROM https://www.nimblerx.com
x-xss-protection: 1; mode=block
x-uber-edge: e4-dca1:w:150
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cache-control: max-age=0
x-envoy-upstream-service-time: 131
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FdcRSofI9HSI253HIXh3GeVocf%2BYq7unJipCLoGHS5q4xTLZDhnrC1UmGOiQdtsVW0S5L5wy4yGlldGrtDqStjVvnaZ5Dra2c4zvb5uqWdOw7bsIRk%2FkMQtkuHE3f4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66eb3a095f22ee13-CDG

GET
H2 200 client-main-cedee18db0fd0ab41bdb.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 159 KB
30 KB 223ms
140ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-main-cedee18db0fd0ab41bdb.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

9f4a41652c6cef627531872d52fbcb6e6ad0b0895c7e8cd25dbae5240b5d4b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48864
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
vary: Origin
content-length: 30202
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 21:49:13 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: o52y6KRjJkKxQ0U3eh5JqLtXt1Xi-BbydAItaxqMP5wYCij0ykqG1g==
x-uber-edge: e4-dca1:w:70

GET
H2 200 client-vendor-69cf229118d4c39111e3.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 977 KB
384 KB 155ms
72ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-vendor-69cf229118d4c39111e3.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

6d9c1356873c73222cf32423c75becfbaa8c04790dc5bc0370994c21c6b2bc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71175
x-cache: Hit from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 781
vary: Origin
content-length: 391641
x-xss-protection: 1; mode=block
access-control-allow-origin: *
rpc-service: terrablob-gateway-tier3
last-modified: Tue, 13 Jul 2021 17:39:32 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
etag: "67ed55572fafd1a90f95d7fea547e9cb"
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *, *
x-amz-cf-id: YGgPP9kWOzCf4bAxu4XPiiewR83ONzyqPfLbqX5zLPYFu2GDrwfayQ==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:124

GET
H2 200 client-default-cart-mobile-cart-mobile-multistep-multicart-cart-mobile-online-ordering-checkout-desktop-mul-b87e9610-f1f8dba5ba677883d4cb.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 30 KB
9 KB 147ms
65ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-default-cart-mobile-cart-mobile-multistep-multicart-cart-mobile-online-ordering-checkout-desktop-mul-b87e9610-f1f8dba5ba677883d4cb.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

ef2bd1ad40cbc8fa53b11373345be7e3f269c17d58b3cbc3e0138613f8f8a1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 16:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163897
x-cache: Hit from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 97
vary: Origin
content-length: 8525
x-xss-protection: 1; mode=block
access-control-allow-origin: *
rpc-service: terrablob-gateway-tier3
last-modified: Mon, 12 Jul 2021 15:39:45 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
etag: "c5c22a61d9832fb2dbeead15a4866a2f"
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *, *
x-amz-cf-id: TJysEX73r5g3U7rsiRitD3s55bJEh7eTgAEpwiNBnulGdqrn4UPJ9Q==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:183

GET
H2 200 client-default-active-order-mobile-root-active-order-mobile-root-online-ordering-checkout-desktop-multistep-87e360f4-9a8666ef242a8dbf921f.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 16 KB
4 KB 220ms
138ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-default-active-order-mobile-root-active-order-mobile-root-online-ordering-checkout-desktop-multistep-87e360f4-9a8666ef242a8dbf921f.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

a9fc93f3b22d27d6333b329f194e4cce0182eb72831cfc74dcb40fd987ac3f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 16:25:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 336350
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
vary: Origin
content-length: 3727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 09 Jul 2021 22:33:01 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: QqS80R4PdIsarRipeH2uLNVEbC6pOkHo8uNkCIOdBtVglijBak018A==
x-uber-edge: e4-dca1:w:20

GET
H2 200 client-default-active-order-mobile-root-active-order-mobile-root-online-ordering-checkout-desktop-multistep-6a4bfaec-bebf9d3d1169ae7525f3.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 20 KB
7 KB 223ms
141ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-default-active-order-mobile-root-active-order-mobile-root-online-ordering-checkout-desktop-multistep-6a4bfaec-bebf9d3d1169ae7525f3.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

235140f75ea4811662638adb623ff5f92330fb3a66f1b53696a5492fab909296

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 16:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594580
x-cache: Hit from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 78
vary: Origin
content-length: 6573
x-xss-protection: 1; mode=block
access-control-allow-origin: *
rpc-service: terrablob-gateway-tier3
last-modified: Wed, 07 Jul 2021 03:35:07 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
etag: "647b2c645a6c9ef485cde3773703ed44"
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *, *
x-amz-cf-id: E0Ty-x66HcH7Ajhd3gMGoxLNZBWDXs0YRLeIfuMiyg_OvJrHgELhhg==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca1:w:1

GET
H2 200 client-default-checkout-desktop-multistep-root-checkout-mobile-multistep-delivery-details-checkout-mobile-r-ad14330e-f6ca6d9bfc3100fd29ce.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 20 KB
7 KB 154ms
73ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-default-checkout-desktop-multistep-root-checkout-mobile-multistep-delivery-details-checkout-mobile-r-ad14330e-f6ca6d9bfc3100fd29ce.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

86bf0aca05ef72cd846a528b2f7cf046821f037f2351820842c522f0d8352e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 16:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 594580
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
vary: Origin
content-length: 6107
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 00:19:58 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: bZLRdpJRuLlQJXrvx5P8TzGPuWwdcbV0IJXvFnj4w6HUkRIs6x5iDA==
x-uber-edge: e4-dca1:w:139

GET
H2 200 client-roots-desktop-895f03c6e9ffe1736566.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 1 MB
215 KB 154ms
73ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-roots-desktop-895f03c6e9ffe1736566.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

205c05f22cc65a36d8dd2c10a4d5cc8fcd3359b58e330ee32cb2ebc3ff5f78c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48863
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
vary: Origin
content-length: 219270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 21:49:13 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: o0lNoMqv4ErtTim3hYXVG9XbWiBpWaMg6ltTDctAsGMRd4eFaJU07Q==
x-uber-edge: e4-dca1:w:31

GET
H2 200 client-theme-postmates-provider-47f67d1ae92f06b58b3e.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 15 KB
5 KB 221ms
140ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-theme-postmates-provider-47f67d1ae92f06b58b3e.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

2b03d3a6845939f4c6c0698cb22105a1ee8ed665dd0f52e728ec8bb9a5860a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 23:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397888
x-cache: Hit from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 97
vary: Origin
content-length: 3906
x-xss-protection: 1; mode=block
access-control-allow-origin: *
rpc-service: terrablob-gateway-tier3
last-modified: Fri, 09 Jul 2021 22:31:11 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
etag: "5490e4d15c8e7a2ddaee7f93d38a0d4e"
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *, *
x-amz-cf-id: KYH2h1-k5eDtRKPWv1pXH6g4FuJWEi6aG-DE8_o0k3nVXna-V13u7w==
x-uber-app: terrablob-gateway-tier3
x-uber-edge: e4-dca8:w:23

GET
H2 200 client-runtime-66633a97aa6a1445c718.js Show response
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 20 KB
7 KB 149ms
68ms Script
application/javascript 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-runtime-66633a97aa6a1445c718.js

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

a0fd15bac3beb1ea88a1f1fab4e5a97bf6cefd2f279fe67b15312498ab1998cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48863
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
vary: Origin
content-length: 6594
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 21:49:13 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: imHZ40HKC-0w5BUblsdkaWGo2cQ2Jvcv4pZZozge_ZsScF0CwvZ9Zw==
x-uber-edge: e4-dca1:w:66

GET
H2 200 17fd82c8a04906ad4e1c7e7c93c568da.svg
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 3 KB
2 KB 133ms
51ms Image
image/svg+xml 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/17fd82c8a04906ad4e1c7e7c93c568da.svg

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

1687ff38431ac25342cdb9d6c19da24b1f5a07e8f2a0451314a2e8c3fd4843e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 19:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411730
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 23:28:46 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: Q-U2TY_KfnEV9GnYQaJWWlRwUHQh4DLdST15J8rEwJmSVskPKbr0eA==
x-uber-edge: e4-dca8:w:36

GET
H2 200 16e87a4635ae8cad21c90003953dc685.svg
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 2 KB
2 KB 133ms
51ms Image
image/svg+xml 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/16e87a4635ae8cad21c90003953dc685.svg

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

837296d0af947b3e429b7e3d4641137724f314b38dac6992a72ecbb561aca41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489825
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 23:28:46 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: jsTs0Qs2a2v2ccYS_q0MuCf8gAbnv2d-iUUNScmKrRT-6nqD0W7-aw==
x-uber-edge: e4-dca1:w:141

GET
H2 200 cdfbf0af58f20b5698ba6fdea32dc953.svg
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 2 KB
2 KB 92ms
52ms Image
image/svg+xml 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/cdfbf0af58f20b5698ba6fdea32dc953.svg

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

60309c1cc82a1be98568c479b20b09b53b16430f07adff106580d0a257332499

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 11:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95869
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 23:55:04 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: IFkp-051UOs61yGWD9fJG7IGLJn0Ev54u0EQjs0DWaMt4it0QbpHCw==
x-uber-edge: e4-dca1:w:35

GET
H2 200 a75de202a5e2eb0233b4082a3e7f4b6a.png
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 303 KB
304 KB 132ms
50ms Image
image/png 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/a75de202a5e2eb0233b4082a3e7f4b6a.png

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

0ea721d73600a083437f10738211eea76672071dc2c9911e200a6c4c7d48cf33

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:00:41 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 496255
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
vary: Origin
content-length: 310547
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jul 2021 23:28:46 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: XyPhpQP4oFZhKUQ7Kw4MCLXQJ__5LBQiY5yq52VWzALxf0YQqfxgZg==
x-uber-edge: e4-dca1:w:79

GET
H2 200 9c4f60537c8727f8848db5cf13148470.woff2
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 32 KB
32 KB 112ms
48ms Font
font/woff2 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/9c4f60537c8727f8848db5cf13148470.woff2

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 15:42:03 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 252572
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
vary: Origin
content-length: 32596
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jul 2021 22:33:01 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: dcxJQN3iyt6Zvu3tQLuXANr-QwyUsxfEhz4Vg0fIlkZ_mwyEmGS0Zw==
x-uber-edge: e4-dca1:w:104

GET
H2 200 494a9fffdb3f3052415c62e5aaff359f.woff2
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 27 KB
27 KB 141ms
77ms Font
font/woff2 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/494a9fffdb3f3052415c62e5aaff359f.woff2

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 05:50:44 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 28852
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
vary: Origin
content-length: 27332
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jul 2021 21:49:12 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: sTdUXreOji8tFR8PyuboWKrpdoG2ILG3G2huC5BfPmftXD8kZOoSrQ==
x-uber-edge: e4-dca1:w:56

GET
H2 200 5b0b2619b4d813f1d3f88e4d05bdcb1e.woff2
d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/ 26 KB
27 KB 112ms
48ms Font
font/woff2 13.224.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/5b0b2619b4d813f1d3f88e4d05bdcb1e.woff2

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-103.zrh50.r.cloudfront.net

Software

ufe /

Resource Hash

3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 05:50:44 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 28852
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
vary: Origin
content-length: 26584
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jul 2021 21:49:12 GMT
server: ufe
x-frame-options: ALLOW-FROM https://www.nimblerx.com
strict-transport-security: max-age=604800
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *, *
x-amz-cf-id: 4PXb1zcOUXRNxAStYSkJwcD0YXYXyoFwjTJZ-mnN_-2hzzrwRF-yBA==
x-uber-edge: e4-dca1:w:140

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
689 B 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcP8akUAAAAAMkn2Bo434JdPoTEQpSk2lHODhi0

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1933bcc35de1d78d62e252995e3577c118f4f05dbc3b7ee94ef3fbb8779f4103

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 13:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589
x-xss-protection: 1; mode=block
expires: Wed, 14 Jul 2021 13:51:36 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcP8akUAAAAAMkn2Bo434JdPoTEQpSk2lHODhi0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://postmates.com
Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 13:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 13:42:21 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9571 38 KB
19 KB 32ms
31ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcP8akUAAAAAMkn2Bo434JdPoTEQpSk2lHODhi0&co=aHR0cHM6Ly9wb3N0bWF0ZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=z7gcwmmsbh7h

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

952ed0e93647c31600fca338a64424a1a8f1034046c5408bbb18b622e952281a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CVFFzAEqZGLL0cAn7rb79Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcP8akUAAAAAMkn2Bo434JdPoTEQpSk2lHODhi0&co=aHR0cHM6Ly9wb3N0bWF0ZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=z7gcwmmsbh7h
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://postmates.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://postmates.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Jul 2021 13:51:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-CVFFzAEqZGLL0cAn7rb79Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19707
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 getFeedFrenchDisclaimerV1 Show response
postmates.com/api/ 32 B
321 B 191ms
189ms XHR
application/json 104.16.218.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://postmates.com/api/getFeedFrenchDisclaimerV1

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-vendor-69cf229118d4c39111e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46062cc10aed23dfff73eab8b2bdb89f65c6f4b912a2eb2e31328cc9128e7559

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://postmates.com
accept-encoding: gzip, deflate, br
x-csrf-token: x
accept-language: en-US
sec-fetch-dest: empty
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
cookie: uev2.id.xp=b6f25949-aea7-4181-b54c-6277b57a23df; dId=3630b3ce-642e-4be2-a77a-5f4bd998f3ac; uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; uev2.ts.session=1626270696003; jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc; marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204
content-length: 2
:path: /api/getFeedFrenchDisclaimerV1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: postmates.com
referer: https://postmates.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://postmates.com/
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
x-csrf-token: x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Jul 2021 13:51:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 116
strict-transport-security: max-age=604800
content-length: 32
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://www.nimblerx.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS5Q9mV3Sq9tX9hfmXH2XGCcRNkW42u0kY%2F4DuT9aRa0zuGdUA4m8ueigxhejeLnu3D%2Fi4OpTn5YCpmQV6o%2ByHwE3N0aLN%2FoeXpuLACblv8gZYuvrvip0uMuIJB7uXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: max-age=0
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270696003; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204; path=/; expires=Thu, 14 Jul 2022 13:51:37 GMT; domain=.postmates.com; secure
cf-ray: 66eb3a1409d0ee13-CDG
x-uber-edge: e4-dca1:w:96

POST
H2 200 getSessionElapseV1 Show response
postmates.com/api/ 32 B
322 B 400ms
399ms XHR
application/json 104.16.218.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://postmates.com/api/getSessionElapseV1

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-vendor-69cf229118d4c39111e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2381561e578fc8a72066b70fc2f2fa5e93ab6d24f08a2622dc7eb1bfac2ede65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://postmates.com
accept-encoding: gzip, deflate, br
x-csrf-token: x
accept-language: en-US
sec-fetch-dest: empty
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
cookie: uev2.id.xp=b6f25949-aea7-4181-b54c-6277b57a23df; dId=3630b3ce-642e-4be2-a77a-5f4bd998f3ac; uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; uev2.ts.session=1626270696003; jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc; marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204
content-length: 2
:path: /api/getSessionElapseV1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: postmates.com
referer: https://postmates.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://postmates.com/
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
x-csrf-token: x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Jul 2021 13:51:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 310
strict-transport-security: max-age=604800
content-length: 32
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://www.nimblerx.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wY7DPxyWtEwi1ymR8m1JPtJRMJpcVbBonhSnV9HceGa6jzJA%2Bp4WLI1G9AaOV6GYTzn4%2FMVniVvbtErC8whxU0I%2FAEB1d%2FnhSA7cBRvza8mMFc7wjD4JYYAzhjmXJ0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: max-age=0
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270696003; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204; path=/; expires=Thu, 14 Jul 2022 13:51:37 GMT; domain=.postmates.com; secure
cf-ray: 66eb3a1409d4ee13-CDG
x-uber-edge: e4-dca1:w:98

POST
H2 200 targetPromotionV1 Show response
postmates.com/api/ 44 B
673 B 180ms
179ms XHR
application/json 104.16.218.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://postmates.com/api/targetPromotionV1

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-vendor-69cf229118d4c39111e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b496a1e7638df9685abc50024f51736a8f08f05507a081ff2922d2e4c3a4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://postmates.com
accept-encoding: gzip, deflate, br
x-csrf-token: x
accept-language: en-US
sec-fetch-dest: empty
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
cookie: uev2.id.xp=b6f25949-aea7-4181-b54c-6277b57a23df; dId=3630b3ce-642e-4be2-a77a-5f4bd998f3ac; uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; uev2.ts.session=1626270696003; jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc; marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204
content-length: 2
:path: /api/targetPromotionV1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: postmates.com
referer: https://postmates.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://postmates.com/
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
x-csrf-token: x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Jul 2021 13:51:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 114
strict-transport-security: max-age=604800
content-length: 44
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://www.nimblerx.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2wXBZWzKZ0K2H2iTQDjY8WYVzf5NJa7d5AncqwhYTMuMmW6FPVQOmOg%2Fstj2a6bkgkBpfOqFlqofAoa01Xko7%2FAxPVQ9wmK%2FWY573cop4E%2FN721zH7CriuuCJH7ioI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: max-age=0
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270696003; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204; path=/; expires=Thu, 14 Jul 2022 13:51:37 GMT; domain=.postmates.com; secure
cf-ray: 66eb3a1409d5ee13-CDG
x-uber-edge: e4-dca1:w:55

POST
H2 200 getHomeV2 Show response
postmates.com/api/ 43 KB
7 KB 234ms
233ms XHR
application/json 104.16.218.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://postmates.com/api/getHomeV2

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-vendor-69cf229118d4c39111e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b47367582578f0768e039365ea2c75950476e2650db595244e3057c73bd39987

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://postmates.com
accept-encoding: gzip, deflate, br
x-csrf-token: x
accept-language: en-US
sec-fetch-dest: empty
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
cookie: uev2.id.xp=b6f25949-aea7-4181-b54c-6277b57a23df; dId=3630b3ce-642e-4be2-a77a-5f4bd998f3ac; uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; uev2.ts.session=1626270696003; jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc; marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204
content-length: 2
:path: /api/getHomeV2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: postmates.com
referer: https://postmates.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://postmates.com/
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
x-csrf-token: x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Jul 2021 13:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 134
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://www.nimblerx.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruRQgjBuIfSOBFRqW6bkOtPB%2B%2BNcc3vsadZgbP%2BlwX4%2FtyZ25ea2I5qkObFau1aCYMmLxvVsSFXB4IZz55B9gxW1DIihhm0XamzrInCyKd9HD7V4bDdS%2F1tQm1fgxYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
via: 1.1 google
cache-control: max-age=0
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270696003; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204; path=/; expires=Thu, 14 Jul 2022 13:51:37 GMT; domain=.postmates.com; secure
cf-ray: 66eb3a1409d6ee13-CDG
x-uber-edge: e4-dca1:w:121

POST
H2 200 getHomeV2 Show response
postmates.com/api/ 43 KB
7 KB 184ms
183ms XHR
application/json 104.16.218.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://postmates.com/api/getHomeV2

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-vendor-69cf229118d4c39111e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b47367582578f0768e039365ea2c75950476e2650db595244e3057c73bd39987

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://postmates.com
accept-encoding: gzip, deflate, br
x-csrf-token: x
accept-language: en-US
sec-fetch-dest: empty
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
cookie: uev2.id.xp=b6f25949-aea7-4181-b54c-6277b57a23df; dId=3630b3ce-642e-4be2-a77a-5f4bd998f3ac; uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; uev2.ts.session=1626270696003; jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc; marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204
content-length: 2
:path: /api/getHomeV2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: postmates.com
referer: https://postmates.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://postmates.com/
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
x-csrf-token: x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Jul 2021 13:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 116
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://www.nimblerx.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZOt1pl2%2FNj3jOBV5R7vYk3L1iryRlk6HtLeSO5A9hZMCdP5Zg9vK940N0R4hfLpCdNukt5%2Fpa%2FgGqQa3VOomhdTHJpiXiSYqFZrMRdJmuR%2Fe0%2F5EJh78oDX9YOsEkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
via: 1.1 google
cache-control: max-age=0
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.session=6e7ee6ef-01aa-4590-a220-71a29ee5c6f4; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270696003; path=/; expires=Wed, 14 Jul 2021 14:21:37 GMT; domain=postmates.com; secure; httponly marketing_vistor_id=be3608ad-baaf-43b5-93bc-d0b67a269204; path=/; expires=Thu, 14 Jul 2022 13:51:37 GMT; domain=.postmates.com; secure
cf-ray: 66eb3a1409d8ee13-CDG
x-uber-edge: e4-dca1:w:180

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 9571 52 KB
52 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcP8akUAAAAAMkn2Bo434JdPoTEQpSk2lHODhi0&co=aHR0cHM6Ly9wb3N0bWF0ZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=z7gcwmmsbh7h

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 13:42:22 GMT
vary: Accept-Encoding
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
x-content-type-options: nosniff
age: 555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
expires: Thu, 14 Jul 2022 13:42:22 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 9571 341 KB
133 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 13:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 13:42:21 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9571 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 136267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 20 Jul 2021 00:00:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9571 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 133721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 00:42:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9571 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 134445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 00:30:52 GMT

GET
H2 200 fast-food.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 19 KB
19 KB 60ms
16ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/fast-food.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

0a90a948b7ccc8554f5dcafc6606f6f7dc96e282415a27f1796677abab115106

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 173683
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 150
content-length: 19350
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
date: Mon, 12 Jul 2021 13:36:55 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
etag: "8846bed4fc5470b1518af5fc827272fe"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 7aRbTrOb-UaroSRwLaHiYIvSNd9GgIZg-a_iA-Vlje1URwNAOijuXg==
x-uber-edge: e4-dca1:w:115

GET
H2 200 breakfast-and-brunch.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 27 KB
28 KB 60ms
16ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/breakfast-and-brunch.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

ac7af79a863187995e4e1d954c72361404b1a34ebe85fccd173b50d4a1bbe8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 15:05:29 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 341169
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 173
content-length: 27618
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "93110eac5d947ead6088122d6789eeff"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: pueOQadoR55mId6ipmk_Y5h0JFIaFXcvL93Xfcos1kLS9fDQ569VLg==
x-uber-edge: e4-dca1:w:120

GET
H2 200 american.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 18 KB
19 KB 82ms
38ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/american.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

0e043bfa7c0d0613bbda9889ab11dd6cd39b7dc795c9a9777da56d1705ed8118

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:11:38 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 474000
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 151
content-length: 18562
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "ccffdd805cbc2fafdea2ae47db09e735"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: qTcteabK49PIU7FJPT5F4JJeRUOcFL581JwImEqN-SfeEKtY1ScabA==
x-uber-edge: e4-dca8:w:48

GET
H2 200 mexican.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 23 KB
23 KB 69ms
25ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/mexican.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

5994f72cb679a6e2d281d0c3f7c7c8871c1138804a69bcb8441172213fc3f916

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 453910
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 162
content-length: 23346
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
date: Fri, 09 Jul 2021 07:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
etag: "9a7837f51572172b897676cfbcdc8590"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 5CUe1QMFo5LQO7S50jXwJl4NAgP91EJ3M3DjDK1icUAcqYgQPAz2LA==
x-uber-edge: e4-dca1:w:33

GET
H2 200 chinese.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 21 KB
21 KB 60ms
16ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/chinese.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

7c9b3960fa34c4fe2d84d1a8a47d4f761545c35f329424ee0f5336dff014a939

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 19:43:29 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 410888
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 158
content-length: 21378
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "88fcc139d009c0df7ac32ce9e63c1609"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: PJpMTsvHB6sh9nCPIUgT_m7jfTiRC-ZVYFV6J1tXMyD95j_ohdyv9g==
x-uber-edge: e4-dca1:w:47

GET
H2 200 japanese.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 25 KB
25 KB 74ms
31ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/japanese.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

0242ea0a51ecd030e26e53beb81ddc482d752c24c288fc33544894ba269cd586

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 15:05:29 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 341169
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 174
content-length: 25335
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "c5d1118d003674c68abb55d2d30a8834"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: bcYYgIUcD2lg_YGKm5sCpJ87SHVYE9dkV7pG3oBPj4a83opZam6Jdw==
x-uber-edge: e4-dca1:w:162

GET
H2 200 italian.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 23 KB
24 KB 23ms
21ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/italian.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

280d6b3c8b3d205b658a5577226a9fe47997b52f2e152f04175e8960833c7627

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 19:43:29 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 410888
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 166
content-length: 23776
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "603946a3be45f576f035fa9e0d45cbf8"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: GHcLJw2rSp2HpnCecyiE8SWvM6L08uLBgrsG7A0DL5MkFhlVZZyU5A==
x-uber-edge: e4-dca1:w:148

GET
H2 200 healthy.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 24 KB
25 KB 26ms
23ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/healthy.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

6b55f882cf1bf6200e6f6fe199b78323a5890b872d6d0971ab40304b2856ad42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 19:43:30 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 410888
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 199
content-length: 24867
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "43ad42573f6adfeefa5d795e5a595144"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: f_eQvt6eDIpzFTDlPxQuDkiyKXP25jyoSxkxfOEFkLXqnIJxmzgy2w==
x-uber-edge: e4-dca1:w:35

GET
H2 200 asian.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 21 KB
22 KB 26ms
23ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/asian.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

2bfca189608effc54af8e50553701235a10954e39a606e9acd07c196abd1e510

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 07:46:28 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 453910
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 164
content-length: 21768
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "9027918e8a209e568ff11f22f6888156"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: yGwBYlCR9WefLq1n-oj1CkvJAGA-KuiQ3SC_9rE4xpXUbMxKhIEmxg==
x-uber-edge: e4-dca1:w:87

GET
H2 200 indian.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 23 KB
24 KB 28ms
25ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/indian.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

7337fb2a3b654805385fb865c596fb49c91df9000d7d62e5416b3bcd7b0b3794

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 47499
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 141
content-length: 23655
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
date: Wed, 14 Jul 2021 00:39:59 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
etag: "05e7288770cda74e4c6e16fc966fafa7"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: r91WpwhaTD4kcD1P-Zw76rm8-OSkNvpBIi9gjWIZ2JwuqpVfClHJtw==
x-uber-edge: e4-dca1:w:18

GET
H2 200 thai.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 21 KB
21 KB 29ms
26ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/thai.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

f93d4b6ab7c5f26d3c6665d622761f51c16c40747c46b9bcf54a6b860755a836

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 08:42:05 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 536973
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 148
content-length: 21344
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "37eea5f552c2d086fed4dc7cefd7d5d7"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 8v8ghi6YE-MVq4StlXlva5rXLtDbR1UNZRzFal_xS1vkHIG5FJb4og==
x-uber-edge: e4-dca1:w:57

GET
H2 200 taiwanese.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 25 KB
25 KB 32ms
29ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/taiwanese.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

b2483cda6ecf4f0e534a599d4c059567023489c2a0c60a3daf03485ad3daa030

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 06:11:42 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 200396
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 423
content-length: 25309
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "1e7523a1c788d14ee8d975bf451e845a"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: cEPVFapze7nQLrsstWQLRqjEBMcM81leHS0dd1Gcg6d0LvKYtvLBKA==
x-uber-edge: e4-dca1:w:66

GET
H2 200 alcohol.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 8 KB
8 KB 30ms
28ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/alcohol.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

c3a0cb6b1fc24d281a7460f8ee775c2ccf62fa8b6cabecd96cca6ad89c3b5159

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 96920
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 153
content-length: 7777
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:41 GMT
server: ufe
date: Tue, 13 Jul 2021 10:02:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
etag: "5191f43cf8718803cc1f06b9fcf82f16"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: k1Pto-Dt5vWOce34rqnttzKNtjJi9ndNBy1j54Qh6vafzbgnsMNpmA==
x-uber-edge: e4-dca1:w:84

GET
H2 200 halal.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 14 KB
15 KB 33ms
30ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/halal.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

f06c37405f42e202b8db17605bfe338755d0a9caa8e7dd41d79d775eae1ec9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:00:35 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 525063
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 183
content-length: 14600
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "19a476b1dcf3c0beb7c594fe6ff57965"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 26AKc5zlzDA_EvSg1S2NB72vXaFIkQfqRdfQScKGbRAz2M-jdOG35g==
x-uber-edge: e4-dca1:w:150

GET
H2 200 bakery.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 21 KB
21 KB 42ms
40ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/bakery.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

f92a3ebe3f5d798085060cf3e9b7b1505579dadb3f5c37827bb1343245a99c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 100130
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 177
content-length: 21212
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
date: Tue, 13 Jul 2021 10:02:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
etag: "d3ee3ace7582c83722726dc94669316a"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: XfeDmNZjTEl31RWMJWBWrtnzWpxyv_2Y9V3tR7VcRlVyjYsAIJBLLw==
x-uber-edge: e4-dca1:w:160

GET
H2 200 comfort-food.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 18 KB
18 KB 43ms
40ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/comfort-food.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

892a872e80ce345109e938b8cf6096671b8cefebc756480d49c2d7154b8852bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 360544
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 147
content-length: 18336
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
date: Sat, 10 Jul 2021 09:42:34 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
etag: "ebfa5a9d2b51152263478dc334317e3a"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: _YwI3TlR1s1NmqmZKdH0A4tXfRXARf8bFbqpym__8Q38HHXsExAXpA==
x-uber-edge: e4-dca1:w:120

GET
H2 200 middle-eastern.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 22 KB
23 KB 35ms
32ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/middle-eastern.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

bc12a7e5377e178e652ff05e76e0273f8fc1bbbddcfbb434d5e18d9bf13c65df

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:56:22 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 507316
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 348
content-length: 22787
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:43 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "0eb1004a8427de7a7d5923bd24dd2c9f"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: IhhzAV0Y1jFekJRN0YytWb64fUo0bx9RNTbOBuxAnEOB9guWgt8eMw==
x-uber-edge: e4-dca1:w:101

GET
H2 200 pizza.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 18 KB
18 KB 35ms
33ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/pizza.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

65e1c8ba66b8a5d52e00054fc72e19177f5830e305078d8c0a85549b39f3f1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 15:53:47 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 597471
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 378
content-length: 18171
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "33d471962bc54e4b4c8f807532c66741"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: Isze8UbLsNBeVBt5ULLJgffD7-DkFCUyiriBNY3P1r_6vppzMQQaaw==
x-uber-edge: e4-dca1:w:146

GET
H2 200 turkish.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 21 KB
21 KB 37ms
35ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/turkish.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

49690aae0be7f4ed3c6a0c4ddda8fa28fad178165ea353796b189f4fb6796c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:00:35 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 525063
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 152
content-length: 21359
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "afbc140d17dd67769dcca4181d783791"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: CxmiqUWo0WvhjzCuOjXmDpvynUOnJH-xB15_khrQQq42JmkU2g13hQ==
x-uber-edge: e4-dca1:w:113

GET
H2 200 korean.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 23 KB
23 KB 36ms
34ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/korean.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

c4760d930c99a70cc990d6b840e9fadca5cc7e4769055bac45139c8c3ab05bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:00:35 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 525063
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 161
content-length: 23416
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "91b76e370a6d587bd124cbe3bb782b17"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: o9P_ub3-idqJRGxt_HRPYV39Uh7cLeGAW06BNM7PkTGrjQ1vzbSvcQ==
x-uber-edge: e4-dca1:w:174

GET
H2 200 deli.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 23 KB
24 KB 38ms
36ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/deli.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

3d250a9c8d92e2b9a9751b9454e0c04559f79136d92c7ee53093bd3e47137c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:00:35 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 525063
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 138
content-length: 23714
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "fcd939a495a2ba15e8f918ee3662513f"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: _Zt7yaqKSH6JcAHlgoiCiVp8tnSTZtEJZ6OE8XuP36KlmEOkPLMEcQ==
x-uber-edge: e4-dca1:w:84

GET
H2 200 brazilian.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 12 KB
13 KB 41ms
38ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/brazilian.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

79986e0da4060418080cfeec75e1586e296f123ac51f6d8267c6b9a697c3643a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:00:35 GMT
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 525063
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 155
content-length: 12262
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
x-frame-options: SAMEORIGIN
etag: "544e9215bbc643bec765c1cb8cf82d50"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: DWgHj73M69uYbRB8bFO4VBP1jh49B1Wgqr4bygFzvWP8V_yqPMsTFw==
x-uber-edge: e4-dca1:w:128

GET
H2 200 dessert.png
tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/ 19 KB
20 KB 43ms
41ms Image
image/png 2600:9000:2190:e000:c:a6c4:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-static.uber.com/prod/web-eats-v2/categories/icons-postmates/dessert.png?v=1

Requested by

Host: postmates.com
URL: https://postmates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e000:c:a6c4:b880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ufe /

Resource Hash

634528a4d26a920c987fae94ecc9108b81f73612841f7f82d52bc87b7f864aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
via: 1.1 google, 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 340322
x-cache: Hit from cloudfront
x-tb-source: terrablob
x-envoy-upstream-service-time: 165
content-length: 19790
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 21:36:42 GMT
server: ufe
date: Sat, 10 Jul 2021 15:19:36 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
etag: "ecba87be08d1e5b8546e8b98d4604858"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: OugplmltpSwz7tfXmCCwbOE6tqKiUruwPOBDQXlF_YlC8wClpM3T_A==
x-uber-edge: e4-dca1:w:109

GET
H2 200 postmatesBadge.png
dkl8of78aprwd.cloudfront.net/ 408 B
803 B 36ms
10ms Image
image/png 2600:9000:2156:ce00:16:ebbc:df40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkl8of78aprwd.cloudfront.net/postmatesBadge.png
Requested by: Host: postmates.com
URL: https://postmates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ce00:16:ebbc:df40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96d1a8f07c36e57385a74fe65ef34be434f38d81f73e06071516d2e8e9e27cc

Request headers

Referer: https://postmates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7kVjmbQy8CU0kh5tPByWr9fozvoKUBpY
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
etag: "4f4c457e60645a66ff222efbc2f57041"
last-modified: Mon, 29 Mar 2021 23:42:04 GMT
server: AmazonS3
age: 29188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 14 Jul 2021 05:45:11 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 408
x-amz-cf-id: XSoTznaATvKiVhsxgwKLNzszo1COP27yVZbWCmDOxSTUD4SOLLMikA==

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9571 102 B
138 B 22ms
14ms Other
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcP8akUAAAAAMkn2Bo434JdPoTEQpSk2lHODhi0&co=aHR0cHM6Ly9wb3N0bWF0ZXMuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=z7gcwmmsbh7h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 13:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 14 Jul 2021 13:51:38 GMT

POST
H2 200 _events Show response
postmates.com/ 2 B
957 B 171ms
171ms XHR
text/plain 104.16.218.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://postmates.com/_events

Requested by

Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/web-eats-v2/client-vendor-69cf229118d4c39111e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.218.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://postmates.com
accept-encoding: gzip, deflate, br
x-csrf-token: x
accept-language: en-US
sec-fetch-dest: empty
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
content-length: 8421
:path: /_events
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: postmates.com
referer: https://postmates.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://postmates.com/
x-uber-xps: %7B%22eats_web_hybrid_pickup_map_phase_2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_coi_checkout_v2%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_1%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_hybrid_pickup_map_phase_3%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_migrate_delivery_details_to_location_manager%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_r2e_invoice%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22web_ranking_disclaimer_front_end%22%3A%7B%22name%22%3A%22treatment_default_and_carousel%22%7D%2C%22eats_web_storefront_modality_toggle%22%3A%7B%22name%22%3A%22control%22%7D%2C%22eats_web_savings_landing%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_new_store_url%22%3A%7B%22name%22%3A%22treatment%22%7D%2C%22eats_web_online_ordering_coi%22%3A%7B%22name%22%3A%22treatment%22%7D%7D
x-csrf-token: x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Jul 2021 13:51:42 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 100
strict-transport-security: max-age=604800
content-length: 2
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://www.nimblerx.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdVYKcwwHQflAtTBzu9P%2BDuDUNVFU6kJ4zulopGtGU9H%2BxZmnqVd5cdBAUUHdo6yS28f0PYVvQPlPqGga3VSv%2BGhYM5MCannzD3U4TUobC9V8bkOpom9GPOhUsqD6gY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0
set-cookie: uev2.app=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly uev2.id.xp=3d10f5db-3e93-4b40-97da-c9e3ea51eb6d; path=/; domain=postmates.com; secure; httponly dId=c91b8368-af61-46d0-8cf9-40f9fc1ff031; path=/; expires=Thu, 14 Jul 2022 13:51:42 GMT; domain=postmates.com; secure; httponly uev2.id.session=7fb36b28-5109-481c-b518-f4e88c96b9e9; path=/; expires=Wed, 14 Jul 2021 14:21:42 GMT; domain=postmates.com; secure; httponly uev2.ts.session=1626270702114; path=/; expires=Wed, 14 Jul 2021 14:21:42 GMT; domain=postmates.com; secure; httponly marketing_vistor_id=672534c2-1238-44e8-ae0d-6f69a9e175ce; path=/; expires=Thu, 14 Jul 2022 13:51:42 GMT; domain=.postmates.com; secure jwt-session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA3MDIsImV4cCI6MTYyNjM1NzEwMn0.pIiYydM4pZfMlEr8EwgNcWU8FLtknnxQJKbbjMqFtRE; path=/; expires=Thu, 15 Jul 2021 13:51:42 GMT; secure; httponly
cf-ray: 66eb3a2fbc1aee13-CDG
x-uber-edge: e4-dca1:w:34

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.postmates.com/	1970-01-19 19:44:32	Name: uev2.ts.session Value: 1626270696003
postmates.com/	1970-01-19 19:45:57	Name: jwt-session Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2MjYyNzA2OTYsImV4cCI6MTYyNjM1NzA5Nn0.fGqwKHr4gJ9AklSBhVDDfB3sSNGl3zc_gk4-x-WQElc
.postmates.com/	1970-01-19 19:44:32	Name: uev2.id.session Value: 6e7ee6ef-01aa-4590-a220-71a29ee5c6f4
.postmates.com/	1970-01-20 04:30:06	Name: dId Value: 3630b3ce-642e-4be2-a77a-5f4bd998f3ac
.postmates.com/	1970-01-20 04:30:06	Name: marketing_vistor_id Value: be3608ad-baaf-43b5-93bc-d0b67a269204
.postmates.com/	1969-12-31 23:59:59	Name: uev2.id.xp Value: b6f25949-aea7-4181-b54c-6277b57a23df

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-src 'self' https://.uber.com http://.cdn-net.com https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://www.google.com/recaptcha/ bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net .optimizely.com; worker-src 'self'; child-src 'self' bs.serving-sys.com click.appcast.io analytics.recruitics.com ci.iasds01.com cdn.krxd.net www.facebook.com .doubleclick.net .tealiumiq.com .demdex.net; connect-src 'self' 'self' https://.uber.com https://duyt4h9nfnj50.cloudfront.net https://d3fa76b550dpw9.cloudfront.net https://d4p17acsd5wyj.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://siteintercept.qualtrics.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com events.uber.com api.mixpanel.com d3i4yxtzktqr9n.cloudfront.net .optimizely.com www.google-analytics.com .tealiumiq.com .demdex.net; manifest-src 'self'; form-action 'self' https://tr.snapchat.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; frame-ancestors 'self' http://localhost: https://www.nimblerx.com https://static-team-ops.nimbleandsimple.com https://pharma.uber.com http://local.shakeshack.com https://shakeshackdev.prod.acquia-sites.com https://shakeshackstg.prod.acquia-sites.com https://shakeshack.prod.acquia-sites.com https://www.shakeshack.com https://front-hml-delivery.azurewebsites.net https://front-dev-delivery.azurewebsites.net https://front-prd-delivery.azurewebsites.net https://deliverycontrol.grupomadero.com.br https://delivery.grupomadero.com.br https://staging-shop.mccolls.co.uk https://shop.mccolls.co.uk https://stoq.shop https://staging.stoq.shop https://admin.stoq.shop https://admin-staging.stoq.shop https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-99bd26e6-3a46-4816-8621-2de7974effc6' https://bat.bing.com https://.qualtrics.com https://analytics.twitter.com http://www.googletagservices.com http://.cdn-net.com https://sc-static.net https://tr.snapchat.com https://.yjtag.jp https://yjtag.yahoo.co.jp https://b92.yahoo.co.jp https://.yimg.jp https://.outbrain.com https://www.redditstatic.com https://analytics.tiktok.com https://payments.uber.com https://payments.ubereats.com https://payments.postmates.com https://payments.order.store https://payments-staging.uberinternal.com https://payments-staging.uber.com https://d4p17acsd5wyj.cloudfront.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' script.crazyegg.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com maps.google.com tags.tiqcdn.com beacon.krxd.net cdn.krxd.net cdn.mxpnl.com www.googleadservices.com www.ziprecruiter.com analytics.recruitics.com edge.quantserve.com secure.quantserve.com connect.facebook.net cdn.nanigans.com api.nanigans.com .adroll.com s.yimg.com sp.analytics.yahoo.com click.app-cast.com i.l.inmobicdn.net .optimizely.com .tealiumiq.com *.doubleclick.net static.ads-twitter.com https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com; report-uri https://csp.uber.com/csp?a=web-eats-v2&ro=false
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.nimblerx.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d3i4yxtzktqr9n.cloudfront.net
dkl8of78aprwd.cloudfront.net
fonts.gstatic.com
pm.app.link
postmat.es
postmates.com
tb-static.uber.com
www.google.com
www.gstatic.com
104.16.218.98
13.224.89.103
13.56.57.255
2600:9000:2156:ce00:16:ebbc:df40:21
2600:9000:2156:d600:19:9934:6a80:93a1
2600:9000:2190:e000:c:a6c4:b880:93a1
2a00:1450:4001:801::2004
2a00:1450:4001:809::2003
2a00:1450:4001:810::2004
2a00:1450:4001:828::2003
0242ea0a51ecd030e26e53beb81ddc482d752c24c288fc33544894ba269cd586
0a90a948b7ccc8554f5dcafc6606f6f7dc96e282415a27f1796677abab115106
0e043bfa7c0d0613bbda9889ab11dd6cd39b7dc795c9a9777da56d1705ed8118
0ea721d73600a083437f10738211eea76672071dc2c9911e200a6c4c7d48cf33
1687ff38431ac25342cdb9d6c19da24b1f5a07e8f2a0451314a2e8c3fd4843e8
1933bcc35de1d78d62e252995e3577c118f4f05dbc3b7ee94ef3fbb8779f4103
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
205c05f22cc65a36d8dd2c10a4d5cc8fcd3359b58e330ee32cb2ebc3ff5f78c8
235140f75ea4811662638adb623ff5f92330fb3a66f1b53696a5492fab909296
2381561e578fc8a72066b70fc2f2fa5e93ab6d24f08a2622dc7eb1bfac2ede65
280d6b3c8b3d205b658a5577226a9fe47997b52f2e152f04175e8960833c7627
2b03d3a6845939f4c6c0698cb22105a1ee8ed665dd0f52e728ec8bb9a5860a88
2bfca189608effc54af8e50553701235a10954e39a606e9acd07c196abd1e510
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
39b496a1e7638df9685abc50024f51736a8f08f05507a081ff2922d2e4c3a4f4
39e761e8be27071f65b63582e3849ca7ef5728085dffc08a19313641ca4c0b89
3d250a9c8d92e2b9a9751b9454e0c04559f79136d92c7ee53093bd3e47137c4a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46062cc10aed23dfff73eab8b2bdb89f65c6f4b912a2eb2e31328cc9128e7559
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
49690aae0be7f4ed3c6a0c4ddda8fa28fad178165ea353796b189f4fb6796c07
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5994f72cb679a6e2d281d0c3f7c7c8871c1138804a69bcb8441172213fc3f916
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60309c1cc82a1be98568c479b20b09b53b16430f07adff106580d0a257332499
634528a4d26a920c987fae94ecc9108b81f73612841f7f82d52bc87b7f864aec
65e1c8ba66b8a5d52e00054fc72e19177f5830e305078d8c0a85549b39f3f1ef
6b55f882cf1bf6200e6f6fe199b78323a5890b872d6d0971ab40304b2856ad42
6d9c1356873c73222cf32423c75becfbaa8c04790dc5bc0370994c21c6b2bc89
7337fb2a3b654805385fb865c596fb49c91df9000d7d62e5416b3bcd7b0b3794
79986e0da4060418080cfeec75e1586e296f123ac51f6d8267c6b9a697c3643a
7c9b3960fa34c4fe2d84d1a8a47d4f761545c35f329424ee0f5336dff014a939
837296d0af947b3e429b7e3d4641137724f314b38dac6992a72ecbb561aca41e
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
86bf0aca05ef72cd846a528b2f7cf046821f037f2351820842c522f0d8352e3d
892a872e80ce345109e938b8cf6096671b8cefebc756480d49c2d7154b8852bc
952ed0e93647c31600fca338a64424a1a8f1034046c5408bbb18b622e952281a
9f4a41652c6cef627531872d52fbcb6e6ad0b0895c7e8cd25dbae5240b5d4b28
a0fd15bac3beb1ea88a1f1fab4e5a97bf6cefd2f279fe67b15312498ab1998cd
a9fc93f3b22d27d6333b329f194e4cce0182eb72831cfc74dcb40fd987ac3f4b
ac7af79a863187995e4e1d954c72361404b1a34ebe85fccd173b50d4a1bbe8f7
b2483cda6ecf4f0e534a599d4c059567023489c2a0c60a3daf03485ad3daa030
b47367582578f0768e039365ea2c75950476e2650db595244e3057c73bd39987
b96d1a8f07c36e57385a74fe65ef34be434f38d81f73e06071516d2e8e9e27cc
bc12a7e5377e178e652ff05e76e0273f8fc1bbbddcfbb434d5e18d9bf13c65df
c3a0cb6b1fc24d281a7460f8ee775c2ccf62fa8b6cabecd96cca6ad89c3b5159
c4760d930c99a70cc990d6b840e9fadca5cc7e4769055bac45139c8c3ab05bda
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
ef2bd1ad40cbc8fa53b11373345be7e3f269c17d58b3cbc3e0138613f8f8a1ba
f06c37405f42e202b8db17605bfe338755d0a9caa8e7dd41d79d775eae1ec9e3
f92a3ebe3f5d798085060cf3e9b7b1505579dadb3f5c37827bb1343245a99c01
f93d4b6ab7c5f26d3c6665d622761f51c16c40747c46b9bcf54a6b860755a836

postmates.com Open in urlscan Pro 104.16.218.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

70 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

1977 kBTransfer

4294 kBSize

6 Cookies

18 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

postmates.com Open in urlscan Pro
104.16.218.98 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

70 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1977 kB
Transfer

4294 kB
Size

6
Cookies

56 HTTP transactions
0 data transactions