uber-3r9.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2c97 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uber-3r9.pages.dev/
Submission: On September 23 via api (September 23rd 2024, 12:50:52 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 15 domains to perform 46 HTTP transactions. The main IP is 2606:4700:310c::ac42:2c97, located in United States and belongs to CLOUDFLARENET, US. The main domain is uber-3r9.pages.dev.
TLS certificate: Issued by WE1 on September 21st 2024. Valid for: 3 months.

This is the only time uber-3r9.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:310... 2606:4700:310c::ac42:2c97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
5	35.231.206.225 35.231.206.225	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 7	54.82.244.56 54.82.244.56	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:ca00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.117.111.166 34.117.111.166	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::35	15169 (GOOGLE) (GOOGLE)
1	172.67.74.152 172.67.74.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
46	16

16 2606:4700:310c::ac42:2c97 (United States)

ASN13335 (CLOUDFLARENET, US)

uber-3r9.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.231.206.225 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 225.206.231.35.bc.googleusercontent.com

api.injuryclaimnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.82.244.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-244-56.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:ca00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.111.166 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 166.111.117.34.bc.googleusercontent.com

www.tf9jthtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-uhov24diia-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	pages.dev uber-3r9.pages.dev	486 KB
9	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 24719 cdn.trustedform.com — Cisco Umbrella Rank: 28386	45 KB
5	injuryclaimnetworks.com api.injuryclaimnetworks.com	14 KB
4	gstatic.com fonts.gstatic.com	51 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	70 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	180 KB
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 7672	479 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2073	173 B
1	run.app server-side-tagging-uhov24diia-uc.a.run.app	589 B
1	tf9jthtrk.com www.tf9jthtrk.com	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 794	82 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
0	Failed function sub() { [native code] }. Failed
46	15

	Domain	Requested by
16	uber-3r9.pages.dev	uber-3r9.pages.dev
7	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	api.injuryclaimnetworks.com	uber-3r9.pages.dev cdnjs.cloudflare.com api.injuryclaimnetworks.com
4	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	uber-3r9.pages.dev
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	cdn.trustedform.com	uber-3r9.pages.dev api.trustedform.com
2	www.googletagmanager.com	uber-3r9.pages.dev
1	ipinfo.io	uber-3r9.pages.dev
1	api.ipify.org	uber-3r9.pages.dev
1	server-side-tagging-uhov24diia-uc.a.run.app	www.googletagmanager.com
1	www.tf9jthtrk.com	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	uber-3r9.pages.dev
1	code.jquery.com	uber-3r9.pages.dev
1	fonts.googleapis.com	uber-3r9.pages.dev
0	truncated Failed
46	16

This site contains no links.

Subject Issuer	Validity	Valid
uber-3r9.pages.dev WE1	`2024-09-21` - `2024-12-20`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
api.injuryclaimnetworks.com R10	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
tf9jthtrk.com Starfield Secure Certificate Authority - G2	`2024-02-06` - `2025-03-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-02` - `2024-09-30`	3 months	crt.sh
*.a.run.app WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
ipify.org WE1	`2024-09-15` - `2024-12-14`	3 months	crt.sh
ipinfo.io R11	`2024-08-17` - `2024-11-15`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2024-07-10` - `2025-08-06`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://uber-3r9.pages.dev/
Frame ID: 543B1DFD53E8A8B5B15535B51B953579
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rideshare App Sexual Assault Legal Claim

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

16
Subdomains

16
IPs

2
Countries

944 kB
Transfer

2047 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
uber-3r9.pages.dev/ 12 KB
5 KB 886ms
331ms Document
text/html 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9bfe657370f1b678b1ab5ea00c6bcf7d1e6d41ecde25981ac4b1bd838b4df2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7aa97d4ada68eb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 23 Sep 2024 12:50:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDJzXOuPY6GhuvBxWlgpDIZ3u0lYlnMZf2%2BtYyf%2BcD76t1FfRJ2yxA8Uec%2Fw9FIBWM1q4g3FanINbcbGD01QT2eaHhDVLbKcofM5rNTP1Fg4OezXkMwjcwZmaHc%2FSsB3K%2F6IZPN%2FozxbAE5UjY9aCZY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 speculation
uber-3r9.pages.dev/cdn-cgi/ 128 B
572 B 118ms
112ms Other
application/speculationrules+json 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uber-3r9.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://uber-3r9.pages.dev
Referer: https://uber-3r9.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRs3N9rfpcYqIlllUuqBkCXa0QQTVbrGUk0cCsvn39DNEU90CF6Dsegg1fTTTzYaffJmHe4pv8YDPk1510mRVwdb0%2F2VZNnx5lI7SwlVvYDFuu07gUwfQyOGax2lG9jRIEXAFstUZWrfMeZf5yajV3E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7aa9809e2f68eb-FRA
access-control-allow-origin: https://uber-3r9.pages.dev
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Mon, 23 Sep 2024 12:50:43 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 575ms
342ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200..700&family=Poppins:wght@300;400;600;700&display=swap

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1039f1d66666c94ee966d9dcc4936321e9a6ce4eb4fa2c213084077b2661269e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 12:50:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 12:50:44 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:50:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 style.css
uber-3r9.pages.dev/ 4 KB
2 KB 116ms
111ms Stylesheet
text/css 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uber-3r9.pages.dev/style.css

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a920630a9316c54db4a0e740c5f9e993b61a5921a550cdaf0794c2e71495e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"69f14c0a7ef524f043360fe01e2be69e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZj6o7QiSIOLJeGQfeb0%2BSAqUCQ4UEBRCSOUsLpQFvSI%2Bpy0eXdXfd57%2BPXtMRx4u4LbzzvwoNIJMGAUmGbStMiMGGO38FfzbKGC1MuhmI8qLCwsd%2B0GwI8LGa1V8CS1Ra%2FHR84f9Mhppr3B00IBJg0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9809e3268eb-FRA
access-control-allow-origin: *
date: Mon, 23 Sep 2024 12:50:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 validation.css
uber-3r9.pages.dev/ 1 KB
917 B 152ms
147ms Stylesheet
text/css 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uber-3r9.pages.dev/validation.css

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eaf3f86bc1740707e08f7fb5b450cfec200b648ccb0936222726b46138df60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"bcef0c9ee89d2bebbcee84e4dbc75db0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wyb4T69KpCq2EJat3Sb0eycAhlJaL5r1AhLrJlgnmy%2FH4SVksC8I73AfmwyOQRu2Wp2AoXdI4c7i9Cma8zkIV4fR%2FlGwgG3X5AhTM%2BB4zRXnd0TSpnFy%2FlZSnIXBF4Ciqb3f2PyekUvlxVGQEaX3e%2B4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9809e3468eb-FRA
access-control-allow-origin: *
date: Mon, 23 Sep 2024 12:50:44 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK ref Show response
api.injuryclaimnetworks.com/api/ 414 B
490 B 1082ms
420ms Script
text/html 35.231.206.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.injuryclaimnetworks.com/api/ref
Requested by: Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.231.206.225 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 225.206.231.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b8324346b172ebe889875f0bd155563b19076288c3cc154d57731a57368d4ce2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, private
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Mon, 23 Sep 2024 12:50:44 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
102 KB 123ms
67ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PPM4BB4R8G

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d1f1138dda3d0405c0d02a94d6c3029dc8cdcbfa714d253ccf9d332f3aad5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Mon, 23 Sep 2024 12:50:45 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104827
date: Mon, 23 Sep 2024 12:50:45 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 attention.png
uber-3r9.pages.dev/images/ 4 KB
4 KB 151ms
146ms Image
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/attention.png

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7b4a21629ad1e49712bb53afdb8b23bcf5454aff808ec70099c88a605d79605

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d3d440bde3e8197b3434ee3454d08363"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrNELpUHIYGq8axw2c5NMye%2B5rq3H9nIXlGOPO9n5rG6Cff0ZZ3VAHz1frH12E78q3GNup2NJl8dMHPt1VWAjgHuA4kjhd4hXGOyeIlvTORN7slM2iGBxvfSHhEQ%2BoszZJrLv3aMlBxYrU2EuEf27Vs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9809e3768eb-FRA
access-control-allow-origin: *
content-length: 3952
date: Mon, 23 Sep 2024 12:50:44 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 uber-box-graphic.png
uber-3r9.pages.dev/images/ 229 KB
229 KB 121ms
117ms Image
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/uber-box-graphic.png

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522679faa8d3c2f0e0ddfea0030a3c49963f60517e8e2c23148d30cd67530694

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "92de9fae42a41ec0d816ad2988b764b5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6oBuyXO1FzGr01hlEOKH70v1xCC6tQY7r2rsoRaGp4gUHwcwAOOfpVhy8QijLCrRTSdqPOga3afnWWDG%2BsU1B5dV%2B4QT9oLNkJ67dIX7TPDw86DIN%2BYWJEEru1vmhm4Bz5Owdnm1EE34ipPqU5%2FhbVg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9809e3b68eb-FRA
access-control-allow-origin: *
content-length: 234083
date: Mon, 23 Sep 2024 12:50:43 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 form-cap.png
uber-3r9.pages.dev/images/ 2 KB
2 KB 343ms
342ms Image
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/form-cap.png

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

684fd884977abeb543bd12f6acb19b7e78212db68ac7607663bb57a0244fdb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "eaaa30eac5ea13ffe38e1c798bf02974"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8mF8S%2Bxjwn4SDEG4BHm27BgaBPeoLjONc6qbEi05ROfYZ0I7JeG7dKANiyLfaqb1uAFRYZvWV53FGOgPWGFUYkdqqKR5pK71CtQ3GmrZbFdSRFo%2B10Ngx7bfYlLXdzNx%2BMjSGQPaqvUadSXGZ9ddCQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa981dfa868eb-FRA
access-control-allow-origin: *
content-length: 1823
date: Mon, 23 Sep 2024 12:50:44 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 trust-badges.webp
uber-3r9.pages.dev/images/ 2 KB
3 KB 114ms
114ms Image
image/webp 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/trust-badges.webp

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38e69017d7048fa35477387a26d152b09df1ae7f6c8c1763183c37f62cf79c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e566c0f2ff24b7673106c8b60b71ff07"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsYw3R8dM9D25MjfWl0ahc8YsVIGHQDorWaHiBJ7L1qcnefGn%2BgX6YZh3zd%2F%2Fox94QkKSobvjH7NbnKTHGTWuI2yqo7xQI937jfLH1FkiJW%2BQZo6b%2F0GV6JPGIzglTxUu3Mm0d5IHVsknqlezLi3hkg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa983f9ee68eb-FRA
access-control-allow-origin: *
content-length: 2462
date: Mon, 23 Sep 2024 12:50:44 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.7.1.js Show response
code.jquery.com/ 279 KB
82 KB 378ms
22ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.js
Requested by: Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://uber-3r9.pages.dev
Referer: https://uber-3r9.pages.dev/

Response headers

content-encoding: gzip
etag: W/"28feccc0-45a82"
age: 2262635
x-cache: HIT, HIT
date: Mon, 23 Sep 2024 12:50:44 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 5007, 24640
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21929-LGA, cache-fra-etou8220137-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1727095845.886600,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83619
server: nginx

GET
H3 200 loadjs.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadjs/4.2.0/ 2 KB
1 KB 201ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadjs/4.2.0/loadjs.min.js

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e706a6f7bc551ddf626c15cd76c1c251c0009871b6977cab0b3bf25391cbd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://uber-3r9.pages.dev
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed2-68a"
age: 393341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBvvyGCFgVXeWWni3eInBTenbYLLygBJGhP5VwdE1WwVNVQuX11g7RuyIlEKkWTXwangVrtBJjxiY%2BnFFnGr6wTtIDCYPzL3%2Fm%2FPvCi%2F5srTcmxwhXlaytyA4bQKOE8qY%2BWCJhrFnLxgOP7ewVoy%2FrBu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 13 Sep 2025 12:50:44 GMT
date: Mon, 23 Sep 2024 12:50:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c7aa985bbfc9951-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 801
server: cloudflare

GET
H/1.1 200
OK zaplanding.js Show response
api.injuryclaimnetworks.com/js/ 9 KB
9 KB 341ms
122ms Script
application/javascript 35.231.206.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.injuryclaimnetworks.com/js/zaplanding.js
Requested by: Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.231.206.225 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 225.206.231.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7a639cc6be98ce689c6cca1afc16069deadc5669efe0da2f4dde092fd7e7f8a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

Cache-Control: max-age=31536000
ETag: "66cf1bc0-244f"
Connection: keep-alive
Expires: Tue, 23 Sep 2025 12:50:45 GMT
Accept-Ranges: bytes
Content-Length: 9295
Date: Mon, 23 Sep 2024 12:50:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 28 Aug 2024 12:44:48 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK lander_submit.js Show response
api.injuryclaimnetworks.com/js/ 2 KB
3 KB 225ms
131ms Script
application/javascript 35.231.206.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.injuryclaimnetworks.com/js/lander_submit.js
Requested by: Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.231.206.225 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 225.206.231.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4bebc6af355b9cc962aa848f0c34793c3a22aaab5fd2add02044d640300f7fcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

Cache-Control: max-age=31536000
ETag: "66c7cdbe-8c3"
Connection: keep-alive
Expires: Tue, 23 Sep 2025 12:50:45 GMT
Accept-Ranges: bytes
Content-Length: 2243
Date: Mon, 23 Sep 2024 12:50:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Aug 2024 23:46:06 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H3 200 validation.js Show response
uber-3r9.pages.dev/ 6 KB
2 KB 128ms
128ms Script
application/javascript 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uber-3r9.pages.dev/validation.js

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e0c0017d34d3434111b02367a9706526954732d057d31a2810a690bcbf8b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"d2fbb4a8cd8bddaecac90f3dcca61b9b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2BM8wTls7AlKMijhmIPprQgoKns4uctuu4wKhR5UXRXtnF98Jva80sfrnoalzN8CMl0BdPIo9YGv3%2BoruP9XNj6%2F5%2F1GxZO4o0PZ0wmRzO1V0f6UH9%2FvllkQWmN7B5d1ME%2FL9oHcsZBLL4oLKQ0akUw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9876d5f68eb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
77 KB 96ms
40ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK5MT6LP

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71d94d6f01442daef3ebe7d9395e17f6505c84350a4722bb3641a0c863764754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

content-encoding: br
expires: Mon, 23 Sep 2024 12:50:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 78833
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 uber-bg.jpg
uber-3r9.pages.dev/images/ 160 KB
161 KB 71ms
71ms Image
image/jpeg 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/uber-bg.jpg

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a770ad3c1e13c239f8afd9f61ec1da462354dadfab99916a040e90adae05677

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/style.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "21f41f6c027787ac57c7b2acf8c623f1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZMjATxmRTBGwrbDC1wHOnz0IAwWzSQ2k1FA92a%2FpMFE8dVAAuLi74Hr587tFpyIzg2MlisBtdJ%2BilMZqB2qOOkm81YHNTIMl6vFUEDwB9027XeeRVPnUi3DyQXJ8VAO2A6eiNBdfrQ42mfq0WMRlaQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9876d6f68eb-FRA
access-control-allow-origin: *
content-length: 164273
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: image/jpeg
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 78ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200..700&family=Poppins:wght@300;400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://uber-3r9.pages.dev
Referer: https://fonts.googleapis.com/

Response headers

age: 194084
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 06:56:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 06:56:01 GMT
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7840
x-xss-protection: 0
server: sffe

GET
H3 200 footer-bg.png
uber-3r9.pages.dev/images/ 67 KB
67 KB 90ms
90ms Image
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/footer-bg.png

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d787704fcdff40457cd58c1069eb614be1c697720c333cb060d9a83247c1d88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/style.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "279c3cdde9feda4e8f3deccebdfb83e1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpj46Lk1Mf2i3u1OW9Ru4A61lZAy6xoFAKW875Ic79yuATSi5nXpjWiGW7MmDtb6y%2FhXIbsjEEeTS3F3HRNSXbDjBuB33k9YZyixVW2IoT1YU9jXUreFNFCwf49%2Fl%2BJLnpO7qkZax%2BCxB9NKb2VK%2FWk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9877d7468eb-FRA
access-control-allow-origin: *
content-length: 68556
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 61ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200..700&family=Poppins:wght@300;400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://uber-3r9.pages.dev
Referer: https://fonts.googleapis.com/

Response headers

age: 16871
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 08:09:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 08:09:34 GMT
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28512
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 71ms
34ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200..700&family=Poppins:wght@300;400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://uber-3r9.pages.dev
Referer: https://fonts.googleapis.com/

Response headers

age: 171733
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 13:08:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 13:08:32 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 79ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200..700&family=Poppins:wght@300;400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://uber-3r9.pages.dev
Referer: https://fonts.googleapis.com/

Response headers

age: 184055
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 09:43:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 09:43:10 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK uuid2.js Show response
api.injuryclaimnetworks.com/js/ 1 KB
2 KB 129ms
128ms Script
application/javascript 35.231.206.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.injuryclaimnetworks.com/js/uuid2.js
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/loadjs/4.2.0/loadjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.231.206.225 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 225.206.231.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c83517c9af089cba90b664aa9aec659110cfed01c6a80a8d8b3052d7a6f5cc73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

Cache-Control: max-age=31536000
ETag: "66b3bfdb-5fc"
Connection: keep-alive
Expires: Tue, 23 Sep 2025 12:50:45 GMT
Accept-Ranges: bytes
Content-Length: 1532
Date: Mon, 23 Sep 2024 12:50:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Aug 2024 18:41:31 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901

16 KB
6 KB

398ms
229ms

Script
application/javascript

2600:9000:223d:ca00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901
Requested by: Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/
Protocol: H2
Server: 2600:9000:223d:ca00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9ca15effbf0330e54b4689789666fc8014699b02e21bfdde88b81b9dce9dd41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

x-amz-cf-pop: FRA56-P3
content-encoding: gzip
x-amz-version-id: C7Tt1Am5_6kEU3dExSv8eAjxyURGxGPl
etag: W/"d4786bf7af009705131c8bd5db331fd5"
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: vCXMO2-fE0n3S2cUfNWyUv3vDpglYu2ORb_Q8hhMR-xa_bpZTw3ITw==
date: Mon, 23 Sep 2024 12:50:46 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 10 Sep 2024 13:31:32 GMT

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901
content-length: 134
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: text/html
server: awselb/2.0

GET
H2 200 everflow.js Show response
www.tf9jthtrk.com/scripts/sdk/ 31 KB
9 KB 415ms
129ms Script
text/javascript 34.117.111.166
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tf9jthtrk.com/scripts/sdk/everflow.js
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/loadjs/4.2.0/loadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.111.166 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 166.111.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 685e6dc1be883dbf7928d417ed584483cdb6249b5c256d0b0e04bbc6dee6c42c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: max-age=14400
content-encoding: gzip
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
via: 1.1 google
x-eflow-request-id: ba3992a8-3655-45be-827e-e134f823090b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: text/javascript
vary: Origin
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 230ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5MT6LP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4629, tp=12, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: YCsiBu2bt0Mfu0Tx34g2Lp9IJe2KaNfuoRwelMbIvAJ2MGimzhtkkgQsYzZh90xmrHjrK3rY2C3CSg1bpwTxxA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 collect Show response
server-side-tagging-uhov24diia-uc.a.run.app/g/ 65 B
589 B 1544ms
1368ms XHR
text/plain 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://server-side-tagging-uhov24diia-uc.a.run.app/g/collect?v=2&tid=G-PPM4BB4R8G&gtm=45je49j0v9193079149z89193076496za200&_p=1727095845008&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1474443715.1727095845&ecid=255368574&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-BW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.tft=1727095845008&sst.ude=0&_s=1&sid=1727095845&sct=1&seg=0&dl=https%3A%2F%2Fuber-3r9.pages.dev%2F&dt=Rideshare%20App%20Sexual%20Assault%20Legal%20Claim&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2448&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPM4BB4R8G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Mon, 23 Sep 2024 12:50:46 GMT
access-control-allow-origin: https://uber-3r9.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 12:50:46 GMT
content-type: text/plain
server: Google Frontend

GET
H2 200 / Show response
api.ipify.org/ 38 B
173 B 297ms
120ms Script
application/javascript 172.67.74.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=ipifyCallback
Requested by: Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932a6fef19ad9bb8213b8220f43a9aa301aced6f34963898451b96f5bb036b02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cf-ray: 8c7aa98a185d9064-FRA
content-length: 38
cf-cache-status: DYNAMIC
date: Mon, 23 Sep 2024 12:50:45 GMT
content-type: application/javascript
vary: Origin
server: cloudflare

GET
H/1.1 200
OK landing Show response
api.injuryclaimnetworks.com/api/show/ 25 B
273 B 825ms
578ms Fetch
application/json 35.231.206.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.injuryclaimnetworks.com/api/show/landing?page_id=https://uber-3r9.pages.dev/&adv_id=63
Requested by: Host: api.injuryclaimnetworks.com
URL: https://api.injuryclaimnetworks.com/js/zaplanding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.231.206.225 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 225.206.231.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0bb0b386f1f98cfa6d3e4218d1d04eea34ea34292b979488e7d9c38e9b3701f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, private
Access-Control-Allow-Origin: *
Date: Mon, 23 Sep 2024 12:50:46 GMT
Content-Type: application/json
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H3 200 1527454298076184 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 603ms
602ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1527454298076184?v=2.9.167&r=stable&domain=uber-3r9.pages.dev&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce18657c4e2cfdbbeeefa3eb43a045a618f571038472f3a20050ddb244217728

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Mon, 23 Sep 2024 12:50:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=68, mss=1232, tbw=67299, tp=66, tpl=0, uplat=577, ullat=0
pragma: public
x-fb-debug: ifE/rWZ5CNrLAfOY0qy6c5/AXRm9lPhMpR62p7aa9pd/6iX9xlhGmcj/DpsS9zlcr+9P5CjcstWY3rNJm8VAUA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 json Show response
ipinfo.io/84.19.175.165/ 289 B
479 B 196ms
140ms XHR
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/84.19.175.165/json

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

4c0440ed23a262e60413ff00668dc260f240366ac5342949564bd66b2c60f1b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 195
date: Mon, 23 Sep 2024 12:50:45 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 90ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1527454298076184&ev=PageView&dl=https%3A%2F%2Fuber-3r9.pages.dev%2F&rl=&if=false&ts=1727095846127&sw=1600&sh=1200&v=2.9.167&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.2.1727095846126.397091980987129566&ler=empty&cdl=API_unavailable&it=1727095845503&coo=false&eid=1727095845237.818430.1&tm=1&rqm=GET

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 23 Sep 2024 12:50:46 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 423ms
363ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1527454298076184&ev=PageView&dl=https%3A%2F%2Fuber-3r9.pages.dev%2F&rl=&if=false&ts=1727095846127&sw=1600&sh=1200&v=2.9.167&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.2.1727095846126.397091980987129566&ler=empty&cdl=API_unavailable&it=1727095845503&coo=false&eid=1727095845237.818430.1&tm=1&rqm=FGET

Requested by

Host: uber-3r9.pages.dev
URL: https://uber-3r9.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417820177608341787"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Sep 2024 12:50:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: UnqnvpDlxaakx/a6iSMLFSmD0KSWVuxPcwN8ITSlAsSTLxOnPwL8YMZUFYC/I+2aaQyUGAuNog8Q2B2Sa79JEw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417820177608341787", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=3118, tp=-1, tpl=-1, uplat=342, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 201 certs Show response
api.trustedform.com/ 474 B
685 B 337ms
114ms XHR
application/json 54.82.244.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.244.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-244-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 8adb3e7335910eba6178ad4c7ca2dc5def9b49f7d0e2e9e5c185785b791bb45d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uber-3r9.pages.dev/

Response headers

access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 474
date: Mon, 23 Sep 2024 12:50:46 GMT
content-type: application/json; charset=utf-8
server: Cowboy

GET
H3 200 justice.png
uber-3r9.pages.dev/images/ 7 KB
8 KB 75ms
74ms Other
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uber-3r9.pages.dev/images/justice.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803bb81206d75650edd52e82792ee93e8f10dddc59b5ae463dd22b5d220e0601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "0065487ea1b9325acea0049363c86c42"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CEhy6YsMLCWadwUvsWEA9MgZVUYrSyB%2BqAo4%2B9K1euQ7KEFRq%2FdIiNNuvtLMm2faWzIKlLcaYGBpt0gvMivli%2BIQleY%2B1uE8FYTtCURD%2FRj0zXnzVsLDu6haZxoIVZi%2Bg%2BjwTazajn9r8dCoPmeHqU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7aa9912f2268eb-FRA
access-control-allow-origin: *
content-length: 7238
date: Mon, 23 Sep 2024 12:50:46 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 trustedform-1.9.24.js Show response
cdn.trustedform.com/ 98 KB
37 KB 28ms
28ms Script
application/javascript 2600:9000:223d:ca00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.24.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17270958451560.7183908816661901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ca00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab5a0afa079dde495f733462f614c3fd0107d3010a81f1ec2e1d036cee18f9a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

x-amz-cf-pop: FRA56-P3
content-encoding: gzip
x-amz-version-id: YJu0W1DY5HxTiBrUMWwna2_LWlffXZH_
etag: W/"ac26707e594409a1ee31526d50663c0d"
age: 17
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: DnOoYLv1ssEGTsiO74C7rHJtexPwW4XOb4wMYzeQATQpYHlAZQJSaA==
date: Mon, 23 Sep 2024 12:50:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 10 Sep 2024 13:31:32 GMT

POST
H2 204 snapshot Show response
api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/ 0
159 B 123ms
114ms XHR
text/plain 54.82.244.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.244.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-244-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uber-3r9.pages.dev/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Mon, 23 Sep 2024 12:50:47 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/ 0
159 B 114ms
112ms XHR
text/plain 54.82.244.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.244.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-244-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uber-3r9.pages.dev/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Mon, 23 Sep 2024 12:50:47 GMT
server: Cowboy
access-control-allow-credentials: true

GET
H3 200 attention.png
uber-3r9.pages.dev/images/ 4 KB
407 B 45ms
44ms Image
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/attention.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7b4a21629ad1e49712bb53afdb8b23bcf5454aff808ec70099c88a605d79605

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
etag: "d3d440bde3e8197b3434ee3454d08363"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMb4%2BKjY8BT1VKem3iZrlZoTObQZhO43JF%2FkM40zs7kXPf3aBfgtVnCkNBd21NjBUTijk7ZohgLA6XTW6X8ow5qzWPFmXI%2FPiqpyDV0E%2BDhEmIt59I4wKEIqovSxyBkOFZMlR%2FAR8a9twTt54T%2FwqcM%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 8c7aa99479cf68eb-FRA
access-control-allow-origin: *
content-length: 3952
date: Mon, 23 Sep 2024 12:50:47 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 uber-box-graphic.png
uber-3r9.pages.dev/images/ 229 KB
401 B 58ms
57ms Image
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/uber-box-graphic.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522679faa8d3c2f0e0ddfea0030a3c49963f60517e8e2c23148d30cd67530694

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
etag: "92de9fae42a41ec0d816ad2988b764b5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27XyC2eToyBS8tpNul9torWVHfL6KR1Xp2arkNz2L8f40OFBoXdgfbfHyAbfCS2cre%2FiJ7QZ0kuHGfEgB9AzLbwxWCbSPaISpxR50%2BpyZs1IkNMkSwnNayzxJCelxldAtNE1ehbk%2BuZXcC5yrSyM9lU%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 8c7aa99479d468eb-FRA
access-control-allow-origin: *
content-length: 234083
date: Mon, 23 Sep 2024 12:50:47 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 form-cap.png
uber-3r9.pages.dev/images/ 2 KB
400 B 35ms
34ms Image
image/png 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/form-cap.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

684fd884977abeb543bd12f6acb19b7e78212db68ac7607663bb57a0244fdb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
etag: "eaaa30eac5ea13ffe38e1c798bf02974"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTIROK0vmtgTG%2BS9Ev4%2FlNyT1HHiXzGNaKepCliK1Jgv2laJYt73POler8NX4ssRzclvnFqpDcYu18tORNOLxiKlydBv%2Fn1rzja5cKQvHxjjZCOMc46NIFF5egco7cxgyAbcBfUh5QSM0rUmgHvBE24%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 8c7aa99479d968eb-FRA
access-control-allow-origin: *
content-length: 1823
date: Mon, 23 Sep 2024 12:50:47 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 trust-badges.webp
uber-3r9.pages.dev/images/ 2 KB
405 B 46ms
45ms Image
image/webp 2606:4700:310c::ac42:2c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uber-3r9.pages.dev/images/trust-badges.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38e69017d7048fa35477387a26d152b09df1ae7f6c8c1763183c37f62cf79c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://uber-3r9.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
etag: "e566c0f2ff24b7673106c8b60b71ff07"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4X9oqKS44BejxmcPCKzm7KHK9do1cnXBTM7ZyZFo8ciU1v3gp5eSUGHPprFZgvFJPfmc%2FO3ukgVKitHouSyDu33xP%2BcYJlNuNY%2FThHaQOrMLvGMLkQ6kaOzIm967xGTUkvKp8HkaVWS8uNe%2F%2BWyKbDc%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 8c7aa99479dd68eb-FRA
access-control-allow-origin: *
content-length: 2462
date: Mon, 23 Sep 2024 12:50:47 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET truncated
/ 0
0

POST
H2 204 events
api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/ 0
159 B 134ms
116ms Ping
text/plain 54.82.244.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.244.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-244-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uber-3r9.pages.dev/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Mon, 23 Sep 2024 12:50:47 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 204 events Show response
api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/ 0
159 B 117ms
116ms XHR
text/plain 54.82.244.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.244.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-244-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://uber-3r9.pages.dev/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Mon, 23 Sep 2024 12:50:47 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 204 events
api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/ 0
159 B 116ms
114ms Ping
text/plain 54.82.244.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/c57358de24e8192612e5ea3810a6387b2ec39d0f/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.82.244.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-244-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://uber-3r9.pages.dev/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Mon, 23 Sep 2024 12:50:52 GMT
server: Cowboy
access-control-allow-credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uber-3r9.pages.dev/	1970-01-21 09:20:55	Name: _ga_PPM4BB4R8G Value: GS1.1.1727095845.1.0.1727095845.0.0.255368574
.uber-3r9.pages.dev/	1970-01-21 09:20:55	Name: _ga Value: GA1.1.1474443715.1727095845
.uber-3r9.pages.dev/	1970-01-21 01:54:31	Name: _fbp Value: fb.2.1727095846126.397091980987129566

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.injuryclaimnetworks.com
api.ipify.org
api.trustedform.com
cdn.trustedform.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ipinfo.io
server-side-tagging-uhov24diia-uc.a.run.app
truncated
uber-3r9.pages.dev
www.facebook.com
www.googletagmanager.com
www.tf9jthtrk.com
truncated
172.67.74.152
2001:4860:4802:32::35
2600:9000:223d:ca00:1c:7f1a:6680:93a1
2606:4700:310c::ac42:2c97
2606:4700::6811:180e
2a00:1450:4001:806::200a
2a00:1450:4001:810::2008
2a00:1450:4001:82b::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::649
34.117.111.166
34.117.59.81
35.231.206.225
54.82.244.56
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0bb0b386f1f98cfa6d3e4218d1d04eea34ea34292b979488e7d9c38e9b3701f7
0eaf3f86bc1740707e08f7fb5b450cfec200b648ccb0936222726b46138df60f
1039f1d66666c94ee966d9dcc4936321e9a6ce4eb4fa2c213084077b2661269e
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
38e69017d7048fa35477387a26d152b09df1ae7f6c8c1763183c37f62cf79c5c
4bebc6af355b9cc962aa848f0c34793c3a22aaab5fd2add02044d640300f7fcb
4c0440ed23a262e60413ff00668dc260f240366ac5342949564bd66b2c60f1b1
522679faa8d3c2f0e0ddfea0030a3c49963f60517e8e2c23148d30cd67530694
684fd884977abeb543bd12f6acb19b7e78212db68ac7607663bb57a0244fdb73
685e6dc1be883dbf7928d417ed584483cdb6249b5c256d0b0e04bbc6dee6c42c
6a770ad3c1e13c239f8afd9f61ec1da462354dadfab99916a040e90adae05677
70a920630a9316c54db4a0e740c5f9e993b61a5921a550cdaf0794c2e71495e0
71d94d6f01442daef3ebe7d9395e17f6505c84350a4722bb3641a0c863764754
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7a639cc6be98ce689c6cca1afc16069deadc5669efe0da2f4dde092fd7e7f8a3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
803bb81206d75650edd52e82792ee93e8f10dddc59b5ae463dd22b5d220e0601
8adb3e7335910eba6178ad4c7ca2dc5def9b49f7d0e2e9e5c185785b791bb45d
8d1f1138dda3d0405c0d02a94d6c3029dc8cdcbfa714d253ccf9d332f3aad5cb
932a6fef19ad9bb8213b8220f43a9aa301aced6f34963898451b96f5bb036b02
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9e706a6f7bc551ddf626c15cd76c1c251c0009871b6977cab0b3bf25391cbd9a
a9bfe657370f1b678b1ab5ea00c6bcf7d1e6d41ecde25981ac4b1bd838b4df2c
a9ca15effbf0330e54b4689789666fc8014699b02e21bfdde88b81b9dce9dd41
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab5a0afa079dde495f733462f614c3fd0107d3010a81f1ec2e1d036cee18f9a0
b7b4a21629ad1e49712bb53afdb8b23bcf5454aff808ec70099c88a605d79605
b8324346b172ebe889875f0bd155563b19076288c3cc154d57731a57368d4ce2
c6e0c0017d34d3434111b02367a9706526954732d057d31a2810a690bcbf8b37
c83517c9af089cba90b664aa9aec659110cfed01c6a80a8d8b3052d7a6f5cc73
ce18657c4e2cfdbbeeefa3eb43a045a618f571038472f3a20050ddb244217728
d787704fcdff40457cd58c1069eb614be1c697720c333cb060d9a83247c1d88d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

uber-3r9.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2c97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

67 %IPv6

15 Domains

16 Subdomains

16 IPs

2 Countries

944 kBTransfer

2047 kBSize

3 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uber-3r9.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2c97 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

16
Subdomains

16
IPs

2
Countries

944 kB
Transfer

2047 kB
Size

3
Cookies

46 HTTP transactions
1 data transactions