0/100

low Risk

uber.com

https://uber.com

69.48.216.87 · Uber Technologies, Inc

Location

San Francisco, United States

Domain Age

11231 days

HTTP

200 · 36.0s

SSL

Valid· DigiCert Global G2 TLS RSA SHA256 2020 CA1, DigiCert Inc, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "Explore the Uber Platform | Uber United States"

Save

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

uber.com

Unknown

technology | transportation | mobility | other · 4/15/2026

Summary

The page presents Uber branding on the official domain uber.com with Uber visuals and content. There is no clear credential harvesting or login form observed in the static HTML; however, the page loads a large set of third-party scripts and tracks user interactions via numerous POST endpoints to Uber APIs, which is expected for a first-party Uber interface. The evidence does not clearly indicate impersonation or phishing; the branding appears consistent with Uber's own site on its official domain, though the extensive external script usage and POST activity warrant normal security monitoring for data handling and privacy implications.

Evidence Summary

▸Observed 3 capture stage(s); canonical stage is late_render_3s.

▸POST targets observed during capture: https://www.uber.com/api/getCurrentUser?localeCode=en, https://www.uber.com/api/getProductSuggestions?localeCode=en, https://www.uber.com/api/getMapHeroEnabledProducts?localeCode=en.

▸Distinctive asset clues: client-2611-cea8fd9da8c4aa5f.js, client-5646-1e02200604102a9c.js, srcb64=aHR0cHM6Ly90Yi1zdGF0aWMudWJlci5jb20vcHJvZC91ZGFtLWFzc2V0cy9hM2NmODU2NC1lMmE2LTQxOGMtYjliMC02NWRkMjg1YzEwMGIuanBn, srcb64=aHR0cHM6Ly90Yi1zdGF0aWMudWJlci5jb20vcHJvZC91ZGFtLWFzc2V0cy83NmJhZjFlYS0zODVhLTQwOGMtODQ2Yi01OTIxMTA4NjE5NmMucG5n.

Capture

Stages: 3

Canonical: Late Render (+3s)

Changed: No

Credential Signals

Forms: 1

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 215

Hosts: 7

Domains: 3

Suspicious Endpoints

hxxps://www[.]uber[.]com/api/getCurrentUser?localeCode=en

hxxps://www[.]uber[.]com/api/getProductSuggestions?localeCode=en

hxxps://www[.]uber[.]com/api/getMapHeroEnabledProducts?localeCode=en

hxxps://www[.]uber[.]com/api/getMerchandisingAdAvailability?localeCode=en

hxxps://www[.]uber[.]com/api/pudoLocationSearch?localeCode=en

hxxps://www[.]uber[.]com/api/getExperiments?localeCode=en

Observed Signals (0)

Observed Indicators (0)

No suspicious indicators identified

Risk AssessmentUsed in abuse reports

The scan indicates the site on its official domain Uber.com with legitimate Uber branding and typical analytics/telemetry endpoints. There is no evidence of credential harvesting UI or impersonation in the static content. However, the heavy use of external tracking scripts and frequent POST calls to account-related endpoints could raise privacy/telemetry concerns if data is mishandled. No action is warranted for phishing at this time; continue monitoring for unusual data exfiltration patterns or unexpected endpoint usage. If there is any doubt about the page rendering a credential form, it would require runtime analysis beyond static HTML to confirm.

Recommended Action

Monitor

Cross-Reference8

URL Intelligence