www.ubereatpromo.ch Open in urlscan Pro
2.59.254.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ubereatpromo.ch/
Effective URL:
https://www.ubereatpromo.ch/step/index.php
Submission: On October 11 via automatic, source certstream-suspicious (October 11th 2023, 10:47:50 pm UTC) — Scanned from CH

Summary HTTP 28 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main IP is 2.59.254.74, located in Amsterdam, Netherlands and belongs to AS_DELIS, US. The main domain is www.ubereatpromo.ch.
TLS certificate: Issued by R3 on September 23rd 2023. Valid for: 3 months.

This is the only time www.ubereatpromo.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	2.59.254.74 2.59.254.74	211252 (AS_DELIS) (AS_DELIS)
14	143.204.205.139 143.204.205.139	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	104.102.23.137 104.102.23.137	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
28	8

3 2.59.254.74 (Amsterdam, Netherlands) 2 redirects

ASN211252 (AS_DELIS, US)

www.ubereatpromo.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 143.204.205.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-139.fra53.r.cloudfront.net

d3i4yxtzktqr9n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.23.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-23-137.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloudfront.net d3i4yxtzktqr9n.cloudfront.net	341 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	416 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 32 www.google.com — Cisco Umbrella Rank: 2	114 KB
3	ubereatpromo.ch 2 redirects www.ubereatpromo.ch	23 KB
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3927	17 KB
28	5

	Domain	Requested by
14	d3i4yxtzktqr9n.cloudfront.net	www.ubereatpromo.ch
6	www.gstatic.com	www.google.com www.gstatic.com
3	www.google.com	www.ubereatpromo.ch www.gstatic.com
3	www.ubereatpromo.ch	2 redirects
2	accounts.google.com	www.ubereatpromo.ch
1	fonts.gstatic.com	www.google.com
1	appleid.cdn-apple.com	www.ubereatpromo.ch
28	7

This site contains links to these domains. Also see Links.

Domain
policies.google.com

Subject Issuer	Validity	Valid
tender-cannon.2-59-254-74.plesk.page R3	`2023-09-23` - `2023-12-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.ubereatpromo.ch/step/index.php
Frame ID: FD5EE36FC3B0A301066CC5F2BB1021D9
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y&co=aHR0cHM6Ly9hdXRoLnViZXIuY29tOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=pf06jw3g33a3
Frame ID: 8A29DC341B54F3F3422F167E67AD0CC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y&co=aHR0cHM6Ly93d3cudWJlcmVhdHByb21vLmNoOjQ0Mw..&hl=de-CH&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=wwbot2h0al8
Frame ID: D4D201230419641F717B316AF4B63DC5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Uber

Page URL History Show full URLs

https://www.ubereatpromo.ch/ HTTP 302
https://www.ubereatpromo.ch/step/infos1.php HTTP 302
https://www.ubereatpromo.ch/step/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Page Statistics

28
Requests

96 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

8
IPs

3
Countries

911 kB
Transfer

2362 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Politique de confidentialité

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Conditions générales d'utilisation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ubereatpromo.ch/ HTTP 302
https://www.ubereatpromo.ch/step/infos1.php HTTP 302
https://www.ubereatpromo.ch/step/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
www.ubereatpromo.ch/step/
Redirect Chain

https://www.ubereatpromo.ch/
https://www.ubereatpromo.ch/step/infos1.php
https://www.ubereatpromo.ch/step/index.php

155 KB
23 KB

122ms
121ms

Document
text/html

2.59.254.74
AS_DELIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ubereatpromo.ch/step/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.59.254.74 Amsterdam, Netherlands, ASN211252 (AS_DELIS, US),
Reverse DNS
Software: nginx / PHP/8.0.30 PleskLin
Resource Hash: ab99ead6790e2fbaa0903c360ac19e4bc8aa57b717de66ac4e5ab862ee6a29c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 22:47:44 GMT
server: nginx
x-powered-by: PHP/8.0.30 PleskLin

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 22:47:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: index.php
pragma: no-cache
server: nginx
x-powered-by: PHP/8.0.30 PleskLin

GET
H2 200 client-main-b8c60514ec3db679.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 296 KB
74 KB 393ms
332ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-b8c60514ec3db679.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

acb60bda4ca713e7c43af2e0de0aaa4603729287c8a0d8609393df492f517306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 201
content-length: 75258
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Apr 2023 18:31:47 GMT
server: ufe
etag: "7ac44dcbf0beea434533b35cd1e8c6e7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: VX8xZqHyxylwKOVin7_nKVJggqdGiGQSXOKP0mVgUSqN0JwvtloMhg==
x-uber-edge: e4-dca22:w:419430401

GET
H2 200 client-vendor-react-a32c6f00952bb2ba.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 240 KB
81 KB 788ms
727ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-react-a32c6f00952bb2ba.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

c66f99577df6778cbf3943ba4803a5e7f42d6e13d8eeea0381e022a99ad37c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 302
content-length: 82031
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jul 2023 23:17:59 GMT
server: ufe
etag: "0b86547eb3a3db73a8b38ca514fce4e1"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: t_Qct87kcvMRjxn2meaOoVtGk2WvUHPVJGpCbBvF6eV5SQCZz8Qd9w==
x-uber-edge: e4-dca18:w:67108866

GET
H2 200 client-vendor-fusion-118e393c0fa363cc.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 17 KB
7 KB 338ms
277ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-118e393c0fa363cc.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

378a7b10cea8174f0593d44d74944f969da00759d274365614288bd49d64fe08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 143
content-length: 6413
x-xss-protection: 1; mode=block
last-modified: Tue, 02 May 2023 05:28:46 GMT
server: ufe
etag: "4a00a0a9dec5b669c390f7777266e085"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: 3mpYhGJY_PxY7ZPGxcVWHf8oXIH0TbQpYO4Tqr68mjtYobsH0nWZ5g==
x-uber-edge: e4-dca24:w:184549380

GET
H2 200 client-5040-3125d366b9b1a9b5.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 126 KB
41 KB 757ms
696ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-5040-3125d366b9b1a9b5.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

912593771f2fcfeebdc49c2ffabeac47cd51dec6dab7521263b9ec9eba3612d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 182
content-length: 41526
x-xss-protection: 1; mode=block
last-modified: Mon, 01 May 2023 17:31:05 GMT
server: ufe
etag: "ddeed990655125a8801bfea37cb2c79e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: jiQ8BInGZapvQ2lfZF2E1VAl5sBqbtZwrfL65u6oVjk8y0WO97X2Ew==
x-uber-edge: e4-dca22:w:352321539

GET
H2 200 client-1329-3a6b9b8d74f19209.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 16 KB
6 KB 627ms
566ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-1329-3a6b9b8d74f19209.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

ef1a8819b4ab6146bda56162b81290aa72e8978313e2522d63a3190d0e2efeba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 160
content-length: 5694
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Apr 2023 21:58:40 GMT
server: ufe
etag: "247534f74aa4ef727f11cab19379ce39"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: QXC6EtfSARKddpqdQ_OAq-vt9JBOWHmwdknk4nkSFarSiiHzG29ZSg==
x-uber-edge: e4-dca11:w:50331653

GET
H2 200 client-1525-f148eeb8af424bf7.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 41 KB
15 KB 707ms
647ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-1525-f148eeb8af424bf7.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

00e2828241c3c506f4a22f92a90796cf99690d02fa78b964b24caca5bc9485b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 196
content-length: 14730
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Apr 2023 18:31:47 GMT
server: ufe
etag: "c9dc5460ffde2af4fc9db17e431958b2"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: X8-rLNzgVEx_-iYZjs8Dreb9srBthcZRqTtdivLRMjpyEFOLjE54zw==
x-uber-edge: e4-dca8:w:150994949

GET
H2 200 client-2918-ed83aaba8a43e97c.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 10 KB
4 KB 685ms
624ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-2918-ed83aaba8a43e97c.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

3288067aa18834e2339b12a234589114309f540470b9156f6447648f7c7461d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 192
content-length: 3101
x-xss-protection: 1; mode=block
last-modified: Mon, 01 May 2023 17:31:05 GMT
server: ufe
etag: "6ff8bd4cc60490f56782fb95ed05e199"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: K63ON6_7R7TvlSN-wF0hfbXtlEnVSyLqmgko12MjGERU2KXLmE2_Xw==
x-uber-edge: e4-dca18:w:385875969

GET
H2 200 client-3489-37738c7bab2c3636.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 29 KB
10 KB 678ms
618ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-3489-37738c7bab2c3636.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

a28caeea916c538877daa291b72417c05abcd2fded6c53070baef6fda13df037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 185
content-length: 9734
x-xss-protection: 1; mode=block
last-modified: Mon, 01 May 2023 22:47:38 GMT
server: ufe
etag: "fe889fb49484bea1cb1aa280173ffa7f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: 5RBDKthFRfYTg_X-esV6qJFa479M7ShasYMGQlHt0-auYb7nSLBMtw==
x-uber-edge: e4-dca22:w:352321541

GET
H2 200 client-3858-ee98a488207887a7.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 12 KB
5 KB 600ms
540ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-3858-ee98a488207887a7.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

9c47ed23eb240c6165277d38b89bb598a696238905fe696c3e6e823e77e2149d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 132
content-length: 4615
x-xss-protection: 1; mode=block
last-modified: Tue, 02 May 2023 08:21:40 GMT
server: ufe
etag: "ee9c205b29a2fa7aed8f141944e10b0a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: G_jNVa4K4xu-XDCuiYagOkItNiOdwuonuDMIq95uUyL-h02Hzf7ebQ==
x-uber-edge: e4-dca18:w:67108868

GET
H2 200 client-7492-3eb5c8e27277b247.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 20 KB
7 KB 635ms
575ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-7492-3eb5c8e27277b247.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

fa7c4c032de4c2e33695f3641222b3eea35a5f75194d2db4df04766283e1aab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 173
content-length: 6284
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jun 2023 22:11:25 GMT
server: ufe
etag: "95410c042eb57edb2a65b52a6a3a2b8c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: v01oOK1KoNJdqX1pRnBV6USmrRaT1SH405zl6jEg93abA4QSOfNfoA==
x-uber-edge: e4-dca22:w:352321539

GET
H2 200 client-runtime-8a7ff9ab35d42b95.js Show response
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 5 KB
3 KB 660ms
600ms Script
application/javascript 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-runtime-8a7ff9ab35d42b95.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

82851b0652775920e379cf5873142ee5529086de3ffa29ad222b7f8e9a5396e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-amz-meta-content-encoding: gzip
x-tb-source: terrablob
x-envoy-upstream-service-time: 181
content-length: 2734
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Apr 2023 18:31:47 GMT
server: ufe
etag: "f6d30edc961fe0631d0f7aaf3d7c27ef"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
rpc-service: terrablob-gateway-tier3
accept-ranges: bytes
timing-allow-origin: *, *
x-uber-app: terrablob-gateway-tier3
x-amz-cf-id: lgZAtYZm6vZctIqwqA2J-7c23JuIAsR0YtrmWk192PgvzT2uNLDXKg==
x-uber-edge: e4-dca22:w:352321537

GET
H2 200 816252b1ce5a5050.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 32 KB
32 KB 582ms
522ms Font
font/woff2 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/816252b1ce5a5050.woff2

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 7
content-length: 32596
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2023 10:36:55 GMT
server: ufe
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
timing-allow-origin: *, *
x-amz-cf-id: g-sPyxj32YcFcCpKTSeLeZcUmyY8uk8nqR0J6CbzQeUVb_91mSyyBg==
x-uber-edge: e4-dca24:w:251658242

GET
H2 200 df4998612acf89b1.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 26 KB
27 KB 501ms
441ms Font
font/woff2 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/df4998612acf89b1.woff2

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 9
content-length: 26584
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2023 10:36:55 GMT
server: ufe
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
timing-allow-origin: *, *
x-amz-cf-id: wEzffNMF32e8cqMid4ivDjjXFdpEH_UqyYdc-KSBtu4ynGNra8NJIQ==
x-uber-edge: e4-dca11:w:50331651

GET
H2 200 cf91dd9830a4bf06.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 27 KB
27 KB 574ms
515ms Font
font/woff2 143.204.205.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3i4yxtzktqr9n.cloudfront.net/arch-web/cf91dd9830a4bf06.woff2

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-139.fra53.r.cloudfront.net

Software

ufe /

Resource Hash

e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 12
content-length: 27332
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2023 10:36:55 GMT
server: ufe
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Accept-Encoding
timing-allow-origin: *, *
x-amz-cf-id: iWo4tzgKCDb1yAmJLxCgBzJSHOu7Z4wMS15zBKv6hzD5YngCVEYiXw==
x-uber-edge: e4-dca8:w:150994944

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 170ms
122ms Stylesheet
text/css 2a00:1450:4001:81c::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-E6BQf49DXCVrZLUoa0oZgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.ubereatpromo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-E6BQf49DXCVrZLUoa0oZgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 11 Oct 2023 22:47:44 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 74ms
27ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

517616603452655a7a2ba82b2124b9cfbfdfa53910fadde9063da0d5556f401d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.ubereatpromo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 11 Oct 2023 22:47:44 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 198 KB
78 KB 110ms
83ms Script
application/javascript 2a00:1450:4001:81c::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4365cbc4815b5c3bd5b82eae606d340a24b51ac3fbaa9fab7228357e9ed2db5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-26CW7HZylZc3vgkV4hJSWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.ubereatpromo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:47:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-26CW7HZylZc3vgkV4hJSWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 11 Oct 2023 22:47:44 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 167ms
27ms Script
application/javascript 104.102.23.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.23.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-23-137.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Wed, 11 Oct 2023 22:47:44 GMT
Last-Modified: Tue, 10 Oct 2023 23:52:42 GMT
Server: Apple
ETag: W/"43171-1696981962481"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17356

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 8A29 57 KB
33 KB 42ms
41ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y&co=aHR0cHM6Ly9hdXRoLnViZXIuY29tOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=pf06jw3g33a3

Requested by

Host: www.ubereatpromo.ch
URL: https://www.ubereatpromo.ch/step/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7d554677c3ae720480774de5bd2287531b6966b043383fe2458f73471740f9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wd3plOFAebWXvrJz1VVvdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wd3plOFAebWXvrJz1VVvdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 22:47:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 466 KB
187 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ead04a33982fabbbbc2474aac61199102d153b12ee0d7689ffa0f258568677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ubereatpromo.ch/
Origin: https://www.ubereatpromo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190989
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 04:47:47 GMT

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 8A29 0
0 182ms
138ms Stylesheet
text/html 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y&co=aHR0cHM6Ly9hdXRoLnViZXIuY29tOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=pf06jw3g33a3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 404 recaptcha__fr.js
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 8A29 0
0 80ms
37ms Script
text/html 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__fr.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y&co=aHR0cHM6Ly9hdXRoLnViZXIuY29tOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=pf06jw3g33a3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame D4D2 7 KB
1 KB 29ms
29ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y&co=aHR0cHM6Ly93d3cudWJlcmVhdHByb21vLmNoOjQ0Mw..&hl=de-CH&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=wwbot2h0al8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de_ch.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df3f5f7aa113a0ef7e15d475258a8ece7bbd279d5e866c977f07a1fa4efd2daa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tLJMchtmftqOHXjNvRVV9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ubereatpromo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tLJMchtmftqOHXjNvRVV9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 22:47:44 GMT
expires: Wed, 11 Oct 2023 22:47:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame D4D2 55 KB
24 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeIzyAeAAAAAM6AYjM0OUTxllAlQeeNZHsGnR9Y&co=aHR0cHM6Ly93d3cudWJlcmVhdHByb21vLmNoOjQ0Mw..&hl=de-CH&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=wwbot2h0al8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:20:03 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame D4D2 466 KB
187 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de_ch.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ead04a33982fabbbbc2474aac61199102d153b12ee0d7689ffa0f258568677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190989
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 04:47:47 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D4D2 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 00:18:29 GMT
x-content-type-options: nosniff
age: 512956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 13 Oct 2023 00:18:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D4D2 15 KB
16 KB 65ms
18ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 416982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 02:58:03 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ubereatpromo.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: djhvkekekvnspcl05nnoq7j9h3

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.ubereatpromo.ch/step/index.php(Line 400) Message: Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
network	error	URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__fr.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-5040-3125d366b9b1a9b5.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-3489-37738c7bab2c3636.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-7492-3eb5c8e27277b247.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-1525-f148eeb8af424bf7.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-2918-ed83aaba8a43e97c.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-runtime-8a7ff9ab35d42b95.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-3858-ee98a488207887a7.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-118e393c0fa363cc.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-1329-3a6b9b8d74f19209.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-react-a32c6f00952bb2ba.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ubereatpromo.ch/step/index.php Message: The resource https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-b8c60514ec3db679.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
appleid.cdn-apple.com
d3i4yxtzktqr9n.cloudfront.net
fonts.gstatic.com
www.google.com
www.gstatic.com
www.ubereatpromo.ch
104.102.23.137
143.204.205.139
2.59.254.74
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2003
2a00:1450:4001:81c::200d
2a00:1450:4001:830::2004
00e2828241c3c506f4a22f92a90796cf99690d02fa78b964b24caca5bc9485b0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
3288067aa18834e2339b12a234589114309f540470b9156f6447648f7c7461d9
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
378a7b10cea8174f0593d44d74944f969da00759d274365614288bd49d64fe08
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
517616603452655a7a2ba82b2124b9cfbfdfa53910fadde9063da0d5556f401d
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
82851b0652775920e379cf5873142ee5529086de3ffa29ad222b7f8e9a5396e3
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
912593771f2fcfeebdc49c2ffabeac47cd51dec6dab7521263b9ec9eba3612d0
9c47ed23eb240c6165277d38b89bb598a696238905fe696c3e6e823e77e2149d
a28caeea916c538877daa291b72417c05abcd2fded6c53070baef6fda13df037
ab99ead6790e2fbaa0903c360ac19e4bc8aa57b717de66ac4e5ab862ee6a29c1
acb60bda4ca713e7c43af2e0de0aaa4603729287c8a0d8609393df492f517306
b4365cbc4815b5c3bd5b82eae606d340a24b51ac3fbaa9fab7228357e9ed2db5
c66f99577df6778cbf3943ba4803a5e7f42d6e13d8eeea0381e022a99ad37c7a
c7d554677c3ae720480774de5bd2287531b6966b043383fe2458f73471740f9c
df3f5f7aa113a0ef7e15d475258a8ece7bbd279d5e866c977f07a1fa4efd2daa
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
ef1a8819b4ab6146bda56162b81290aa72e8978313e2522d63a3190d0e2efeba
f0ead04a33982fabbbbc2474aac61199102d153b12ee0d7689ffa0f258568677
fa7c4c032de4c2e33695f3641222b3eea35a5f75194d2db4df04766283e1aab9

www.ubereatpromo.ch Open in urlscan Pro 2.59.254.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

57 %IPv6

5 Domains

7 Subdomains

8 IPs

3 Countries

911 kBTransfer

2362 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ubereatpromo.ch Open in urlscan Pro
2.59.254.74 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

8
IPs

3
Countries

911 kB
Transfer

2362 kB
Size

1
Cookies

28 HTTP transactions
1 data transactions