authenticate.ibotta.com Open in urlscan Pro
2606:4700::6810:5267 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ibotta.com/r/onmcjom
Effective URL:
https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZI...
Submission: On June 16 via api (June 16th 2023, 4:10:53 pm UTC) from FI — Scanned from FI

Summary HTTP 116 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 45 IPs in 3 countries across 32 domains to perform 116 HTTP transactions. The main IP is 2606:4700::6810:5267, located in United States and belongs to CLOUDFLARENET, US. The main domain is authenticate.ibotta.com. The Cisco Umbrella rank of the primary domain is 137962.
TLS certificate: Issued by R3 on April 29th 2023. Valid for: 3 months.

This is the only time authenticate.ibotta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2600:9000:225... 2600:9000:2250:da00:14:fc27:88c0:93a1	() ()
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
9	2a02:26f0:350... 2a02:26f0:3500:11::215:14d9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:310... 2a02:26f0:3100::1735:28f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.32.121.85 13.32.121.85	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28e2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
4	34.206.37.242 34.206.37.242	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	13.248.151.210 13.248.151.210	16509 (AMAZON-02) (AMAZON-02)
5	3.222.187.124 3.222.187.124	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2606:4700::68... 2606:4700::6810:5267	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:1800:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:881::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.27 108.138.7.27	16509 (AMAZON-02) (AMAZON-02)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:225... 2600:9000:225e:6200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
2	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	52.21.14.181 52.21.14.181	14618 (AMAZON-AES) (AMAZON-AES)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.58.221 65.9.58.221	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:6000:3:760:2800:21	() ()
1	2600:9000:225... 2600:9000:225e:a400:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:f800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:730... 2600:1f18:730:b140:9f43:4609:98a4:9314	14618 (AMAZON-AES) (AMAZON-AES)
1	52.1.91.70 52.1.91.70	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:e00:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
116	45

14 2600:9000:2250:da00:14:fc27:88c0:93a1 (United States)

ASN- ()

ibotta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:11::215:14d9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3100::1735:28f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-85.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28e2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.206.37.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-37-242.compute-1.amazonaws.com

api.ibops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.222.187.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-187-124.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5267 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

authenticate.ibotta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:1800:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:881::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-27.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:6200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.14.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-14-181.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-221.fra56.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:6000:3:760:2800:21 (United States)

ASN- ()

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:a400:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:9f43:4609:98a4:9314 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.91.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-91-70.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:e00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

home.ibotta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ibotta.com 1 redirects ibotta.com — Cisco Umbrella Rank: 64895 authenticate.ibotta.com — Cisco Umbrella Rank: 137962 home.ibotta.com — Cisco Umbrella Rank: 626513	749 KB
9	rokt.com apps.rokt.com — Cisco Umbrella Rank: 8714	253 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 389	25 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
7	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2741 heapanalytics.com — Cisco Umbrella Rank: 2317	74 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124	155 KB
5	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1309 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1175	18 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 600 p.typekit.net — Cisco Umbrella Rank: 783	19 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2890	1 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 716	116 KB
4	cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	11 KB
4	ibops.net api.ibops.net — Cisco Umbrella Rank: 26713	1 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 755	1 KB
3	google.fi www.google.fi — Cisco Umbrella Rank: 27177	579 B
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2948 rp.liadm.com — Cisco Umbrella Rank: 2277 rp4.liadm.com — Cisco Umbrella Rank: 8165	16 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	288 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 408 px4.ads.linkedin.com — Cisco Umbrella Rank: 6542	1 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2750	129 B
2	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3679	26 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 749 script.hotjar.com — Cisco Umbrella Rank: 1067	73 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 844	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	49 KB
1	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 1948
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7635	60 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2638	259 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1027	376 B
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 4440	131 B
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 6589	12 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2757	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 960	5 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1129	53 KB
1	gstatic.com www.gstatic.com	169 KB
116	32

	Domain	Requested by
14	ibotta.com	ibotta.com
9	apps.rokt.com	ibotta.com apps.rokt.com
7	bat.bing.com	ibotta.com bat.bing.com
6	www.google-analytics.com	www.googletagmanager.com ibotta.com
5	heapanalytics.com	ibotta.com authenticate.ibotta.com
4	analytics.tiktok.com	ibotta.com analytics.tiktok.com
4	api.ibops.net	ibotta.com
4	app.launchdarkly.com	ibotta.com
3	ct.pinterest.com	ibotta.com s.pinimg.com
3	www.google.fi	ibotta.com
3	authenticate.ibotta.com	1 redirects ibotta.com
3	www.googletagmanager.com	ibotta.com www.googleoptimize.com www.googletagmanager.com
3	use.typekit.net	client use.typekit.net
3	www.google.com	ibotta.com
3	securepubads.g.doubleclick.net	ibotta.com securepubads.g.doubleclick.net
2	us-central1-adaptive-growth.cloudfunctions.net	ibotta.com
2	stats.g.doubleclick.net	www.googletagmanager.com ibotta.com
2	region1.analytics.google.com	www.googletagmanager.com
2	d.impactradius-event.com	ibotta.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	p.typekit.net	use.typekit.net
2	cdn.heapanalytics.com	ibotta.com authenticate.ibotta.com
1	cdn.quantummetric.com	authenticate.ibotta.com
1	home.ibotta.com	authenticate.ibotta.com
1	cdn.auth0.com	authenticate.ibotta.com
1	vc.hotjar.io	ibotta.com
1	rp4.liadm.com	ibotta.com
1	rp.liadm.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	px4.ads.linkedin.com	ibotta.com
1	px.ads.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	ibotta.com
1	script.hotjar.com	static.hotjar.com
1	d1lu3pmaz2ilpx.cloudfront.net	ibotta.com
1	d330aiyvva2oww.cloudfront.net	ibotta.com
1	dvqigh9b7wa32.cloudfront.net	ibotta.com
1	data.adxcel-ec2.com	ibotta.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	websdk.appsflyer.com	ibotta.com
1	cdn.pdst.fm	ibotta.com
1	b-code.liadm.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	d2hrivdxn8ekm8.cloudfront.net	ibotta.com
1	clientstream.launchdarkly.com	ibotta.com
1	www.googleoptimize.com	ibotta.com
1	www.gstatic.com	www.google.com
116	48

This site contains links to these domains. Also see Links.

Domain
legal.ibotta.com

Subject Issuer	Validity	Valid
ibotta.com Amazon RSA 2048 M01	`2023-04-24` - `2024-05-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-07` - `2023-12-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-27`	6 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
api.ibops.net Amazon RSA 2048 M02	`2023-02-22` - `2023-10-26`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-02-10` - `2023-10-07`	8 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
authenticate.ibotta.com R3	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-26` - `2023-06-24`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-22` - `2023-09-24`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh
*.google.fi GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
home.ibotta.com Cloudflare Inc ECC CA-3	`2023-06-15` - `2024-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Frame ID: 7FC7041EB951364D790449DA38DFDC32
Requests: 105 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/controller/index.html
Frame ID: 519A5649CD94A2B947B05E746630C3D6
Requests: 4 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Frame ID: 4991F1E103B6A3D4E36D87494273B6BD
Requests: 2 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/widget/index.html
Frame ID: 0439EEB1B5F80B9B3F52B8A0BE665C9F
Requests: 2 HTTP requests in this frame

Frame: https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&prompt=none&response_type=code&response_mode=web_message&state=Zl9VekVlWEh3VlpQQjE0WWJJUVhhQn5UMk1acFZ5SXVwfkhhRFNrSn4zdQ%3D%3D&nonce=cH5FbEdZUHNlTENUSks4dlF%2BeU8yOTFVN2JOTFluYlFVTHNDX0NMUnl5WA%3D%3D&code_challenge=y_U_BONt5ES1kCDpoLzbU8dyi0ORSOsc7ySgWfuRHb0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC40In0%3D
Frame ID: D848E5C9D0C9B9BAE59027AAFDF668AD
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: F680CDFA53EF84CFFD96D3805528BCA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Create Ibotta Account

Page URL History Show full URLs

https://ibotta.com/r/onmcjom Page URL
https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+em... HTTP 302
https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlc... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

116
Requests

95 %
HTTPS

63 %
IPv6

32
Domains

48
Subdomains

45
IPs

3
Countries

2220 kB
Transfer

7715 kB
Size

48
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://legal.ibotta.com/policies?name=ibotta-terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://legal.ibotta.com/policies?name=ibotta-privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ibotta.com/r/onmcjom Page URL
https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&screen_hint=signup&friend=onmcjom&app_version=4.126.0%3Aweb_v2%3Achrome&global_session_id=f0437df1f7974c3bad05777edd3a5327&early_identifier=a128136080654a6b9f582a45d6b6ade7&response_type=code&response_mode=query&state=SmJCMWVJSXZqaWhiSUhlVTB5MU90eW1wQlNpYmE2VlE2enRBTHQ4OGFSbw%3D%3D&nonce=SlVUMzJzSjRIV3NQWU13VGtfNVRmWlY5QmxxMkRZY3RHLmtrdVJQS3ZkaQ%3D%3D&code_challenge=kaWy_fRdfMuo8g60GB-Ski1D-OT5VhxduHGxXdioumA&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC40In0%3D HTTP 302
https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1686931847666&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1686931847666&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&e_ipv6=AQJXqnVBOhpPRAAAAYjE-TsM7wMclBAUeZ-U-WjDi-OOViHUuCLFUO8wFdARqkfTTLo7uOn6

Request Chain 84

https://rp.liadm.com/j?dtstmp=1686931847914&aid=a-0320&se=e30&duid=4564d05c840b--01h32fjee34e7a9pdeg6fe7r9c&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-SWJvdHRhPC90aXRsZT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1686931847914&aid=a-0320&se=e30&duid=4564d05c840b--01h32fjee34e7a9pdeg6fe7r9c&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-SWJvdHRhPC90aXRsZT4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6NmU%3D&n3pc=true

116 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 onmcjom Show response
ibotta.com/r/ 4 KB
2 KB 217ms
80ms Document
text/html 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

6272becd27736d37e5970ac216ab5c0e663878f4b9bea3ab994c551e1600b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 5137
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, s-maxage=86400
content-encoding: br
content-type: text/html
date: Fri, 16 Jun 2023 14:45:09 GMT
etag: W/"e7c4daaae9c2ece86a3e1f59525cc704"
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
last-modified: Fri, 16 Jun 2023 14:41:38 GMT
referrer-policy: same-origin
server: none
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-id: uguoh5wxOHTUzFutnRoyH8ctdVxSZW09KGA3PzWl_g67v2rAHaeGag==
x-amz-cf-pop: FRA60-P2
x-amz-id-2: ig0p5T8y+t8RkXNLRrJZSZlxc/+ILM5TqA1FMNYyWgx3hlCCYICTrf7OXcJmz/EEzQX2Jw62KNY=
x-amz-request-id: PTH8XA3A5A2D6HN1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 rokt.js Show response
ibotta.com/scripts/ 665 B
1 KB 78ms
76ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/rokt.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

2d18666f0070c1d3d86b414b2f63d771c50c085457c31efc9abffb423054baf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:51:02 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 7BWQ7WRHDGSSBPKS
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 4784
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 665
x-amz-id-2: p9Na3+dDJ7tYJohh9yuOI9FbvS+Kma0cHioLxFCGbkaph/5fDzHYjhNSgMFmtovHD8sxNMZZyu8=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:43:51 GMT
server: none
etag: "aa16c176534bd3b1dc4e7b030cc590ba"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: -Fh7yufh70Tbk60rnzEC1MeOcIiTwWrrncoTXlogLk7zV2Hy21-5hg==

GET
H2 200 heap.js Show response
ibotta.com/scripts/ 933 B
2 KB 285ms
283ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/heap.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

2b5a46b2b8cdb89baa4ae90c0b0d7aafc03370b37c05b4797a78204c4bccfdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:51:02 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 7BWS3NP8FDH8EHK0
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 4784
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 933
x-amz-id-2: u5C29hYLrQR09sq8BBtC7oGEAayFrP5E3Z9wjCo625gtNakdCFDF3Xhj9fAGPM9vxN3cJ8vLDro=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:43:51 GMT
server: none
etag: "4045aa9706089c0eb4c3ee77ae743994"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: Mr587ydJ0UHJtEKMlmwcSAOT1hlO-FwcKl0ImvDURGlIycYfVR2c8Q==

GET
H2 200 google-publisher.js Show response
ibotta.com/scripts/ 93 B
905 B 313ms
312ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/google-publisher.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

3557177e20754969b0b0dd9a5200a4c654ad8380fe7afcff3f6638cda5139abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:51:02 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 7BWN9G7R583SMP69
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 4784
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 93
x-amz-id-2: ThWmyXqdr59l77sRvP2jRH4PyfXzEeakDksZJxb0sDdvTMM2KzaGx7UMRdjg0YirbcGlkLAaTCRg4tCUnqZVha/DAEVPSJTY9n08A5Z5hvw=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:43:51 GMT
server: none
etag: "7e05c1c037892735ea4a27594640b4b2"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: bP_oeU2KIs6E5HJl5di80OntBJG-nU7rzHd3hzByOe5_4KbS6yS46Q==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
26 KB 306ms
135ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

896820402d69ca61150c91dd7fa5c602bb431dfd2a318a00de8c185b37b4f2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26468
x-xss-protection: 0
server: cafe
etag: 289 / 19524 / 31075333 / config-hash: 10714554489475813448
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 16:10:45 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
877 B 201ms
72ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3851b178b0373dffa9438a26fb712baaef5e039b04217282b20eaef60d550b12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Fri, 16 Jun 2023 16:10:45 GMT

GET
H2 200 app.4d77fad.js Show response
ibotta.com/_nuxt/ 6 KB
4 KB 75ms
74ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/app.4d77fad.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

5aeb4d332e4ec64a4a28b9a26b6b73f4e4f80b48ab2dceb386a1afd2bba732ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:44:20 GMT
content-encoding: gzip
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 10H0WQE319W07YSG
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 5186
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uQFOTrWuGHJZ1gbIpjrpjqc1bB4Pzm08WrAGznq2AuckZidQpRQlyfBkGQ1MVgaFp2WeSV7IM40=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:41:39 GMT
server: none
etag: W/"4e8463ed499d9207f8cf1c4596318017"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: s0iIREn5_-i3UXTqZlOvFxcw31pi3M52cSZcsM-hyejVZdP3YWwMLA==

GET
H2 200 chunk.1238607.js Show response
ibotta.com/_nuxt/ 283 KB
93 KB 288ms
287ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.1238607.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

e5b1f12fb989eb501193daa7feda9d19c11daf266c7f4a4eeea279b8f5d286a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:44:21 GMT
content-encoding: gzip
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: GNDP2ZN4K9DA7NBV
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 5185
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uuLLbdiKVH9Ky4lK+AxglcHAT8w2Mvpb7b9rjZDy+fId910cL7uD6I5m2MmdQkP3EuTeS7E69y8=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:41:47 GMT
server: none
etag: W/"413532391dcb5f1463e8a555505b308e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: sGIYZhfvF_qzANtPbebLB8QuFDBwA8mF1MbieYjxQlvwbipW8inu9g==

GET
H2 200 chunk.472ec7f.js Show response
ibotta.com/_nuxt/ 1 MB
364 KB 92ms
91ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.472ec7f.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

1b1c0409e34511f213750c281bc67508aa62efc78c4cac5779b3a7900de362a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:44:21 GMT
content-encoding: gzip
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: GNDKD7NHPRP8B6NX
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 5185
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sRlNzhqbQ5jvufRWR0GiKXlf7hG/APaUOckTQ+CD94s/Ra/83sjbOjVCAZMIrRM/eKwG8rAMKAE=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:42:15 GMT
server: none
etag: W/"882196b13d19061e9ca5259be8cb6069"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: 3ZtFJf-uI-86NwURSVp3ND_L2uk2YhL2NwFaRxkqRCZ9joRu6au3-w==

GET
H2 200 chunk.dac525c.js Show response
ibotta.com/_nuxt/ 609 KB
134 KB 312ms
311ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.dac525c.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

d39b2eb4c7f0b0c708bf9e69acdf7ca787557db4a1442b50c345863bb1a7c134

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:44:21 GMT
content-encoding: gzip
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: GNDVBETNPAY9SAZQ
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 5185
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Bq4X6sJA7/+t9nP2cZlP4yll7p1kkgqqvuh1uc2Qg426gCTDiuvLKrGAyKdoSv7ZUcrQ2XadWGw=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:43:23 GMT
server: none
etag: W/"f4d59201b3edaf87d095c78c592a4754"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: LPilze9FgKu7E78ohmdi7cUG5A9qFYaJ5WhsCWP6yPUH0GGeCNoUAw==

GET
H2 200 snippet.js Show response
apps.rokt.com/wsdk/integrations/ 72 KB
18 KB 256ms
70ms Script
application/javascript 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/snippet.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/scripts/rokt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

469b9733ce455b6a1d956f75a4f5a345ec8b11ecbe68e0d299c2e80b3b41d3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: KC1JG5NF2ZG2D24H
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 17298
x-amz-id-2: YStsiL5+m3XmtUUUrYw0bnB9nmqe1GK07Q8uNHvHjgkIsI+jB8voP66+jX3XaIXzVAJ05Alpsj0=
last-modified: Thu, 15 Jun 2023 01:33:03 GMT
server: AmazonS3
etag: "63d25278f015667fa3df2d24e3f21802"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 418 KB
169 KB 191ms
61ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da9f9802acf5725de0c738b1f685ca720f92d029ea41836181b104bdda52a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 04:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171923
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 04:08:09 GMT

GET
H2 200 lys1mao.css
use.typekit.net/ 3 KB
937 B 437ms
215ms Stylesheet
text/css 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lys1mao.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

75a099d5c0fa41ab884e9c6c125e9d78e3b22ebedf193194c4690e0325071aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 16 Jun 2023 16:10:46 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 714

GET
H2 200 wng3obt.css
use.typekit.net/ 6 KB
1 KB 451ms
232ms Stylesheet
text/css 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wng3obt.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2501dc68e894f97954d8bd445940068804b109c43c3d1d8ab8dbc7cd09dcbc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 16 Jun 2023 16:10:46 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 884

GET
H3 200 chunk.c1ff1a2.js Show response
ibotta.com/_nuxt/ 326 B
973 B 167ms
167ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.c1ff1a2.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.4d77fad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

f0a45babc462a62294d09471f880b721a99ae32d8e05fedb6a6a813f4a118eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 19:20:34 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: PRJ007DMCD2GTZ8V
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 247813
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 326
x-amz-id-2: kdVDAEsy5ATU/a5cC1qBzC3CurOyDlVsaCUakgfPBR24N6bR+3HwzYI8qMX4zGq+VnCpqRmvxLr5+MDNIFFHOQ==
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 13 Jun 2023 19:07:20 GMT
server: none
etag: "8d025de35edf62e7ab0ee2f1f696bcc4"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: aCPqgPbb-vRU9s-lnKgqSrFIXFO6mqNFneEB2jaJl8DeyxhjozlErQ==

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/controller/ Frame 519A 1 KB
1 KB 75ms
74ms Document
text/html 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/controller/index.html

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e0d8c2581073748be20b173e508486be2b55770eacb668d19eea1fb3ae7cc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: gzip
content-length: 638
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 16:10:46 GMT
etag: "215622bcf5ec45abb188169ab7307645"
last-modified: Thu, 15 Jun 2023 01:33:00 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
x-amz-id-2: zDr1JFAWl56uAzRcv9PMyaVy2rQCoRv2/UawfwEQUqJ3kEWrQhvdquW+DUq8ZSz06wFkU6s4Jv0=
x-amz-request-id: D3C23RTG7FW1KFDC
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/plugin-runtime/ Frame 4991 708 B
848 B 73ms
73ms Document
text/html 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugin-runtime/index.html

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e4f62d6cc1d433b2c2b768c56ccc47bcc38bd197235449550d1428dae7730ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: gzip
content-length: 385
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 16:10:46 GMT
etag: "13bdc2baeb854a8d373f20563adc3729"
last-modified: Thu, 15 Jun 2023 01:33:08 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
x-amz-id-2: IPlMtVKsNKygCtUyLOHGLR+1LMfMGJsaognOO7r1vwALydDEItXYcZn8I13GKPCg0mAkDWZUUUw=
x-amz-request-id: D3CDRDK63DAACYRN
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/plugins/widget/ Frame 0439 730 B
751 B 74ms
73ms Document
text/html 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugins/widget/index.html

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

25bb1b125f420bd697c938b62f112f7dbdb838cfcc45de82f0b1c449206ec835

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: br
content-length: 299
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 16:10:46 GMT
etag: "b2a9d79ec58a13bc0ceabc8a30f24868"
last-modified: Thu, 15 Jun 2023 13:38:33 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-id-2: XVrtG0brG9C6QD6YbycZNvqn5c5tRyjjAx0l647FffLqbas+n6KpnWq3Pz2EqsbwgcSl2dcgPKA=
x-amz-request-id: QQQBCK651RA4SAP0
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 global-reporter.js Show response
apps.rokt.com/wsdk/reporter/ Frame 519A 7 KB
3 KB 71ms
71ms Script
application/javascript 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/reporter/global-reporter.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/controller/index.html
Origin: https://apps.rokt.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 5HF8Y8VY7DQNHC48
content-length: 2840
x-amz-id-2: DIVf8DI/9+a9atLBM6t+EfCNYtPhNrT5CDk0jtp2eUrlHI9RJyRKMR7SYtXGaZlgOCmgp7G0bOg=
last-modified: Sun, 08 Aug 2021 23:10:23 GMT
server: AmazonS3
etag: "1d663c18a8f56b3de25954a30bd3e8c0"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=1200, must-revalidate, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 index.e526aa195ce95eed573b.js Show response
apps.rokt.com/wsdk/controller/ Frame 519A 63 KB
18 KB 71ms
70ms Script
application/javascript 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/controller/index.e526aa195ce95eed573b.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2cc592ab4b5053f100119b00dfe3c96c3a8dc6213a59e789dc6f09bee301c24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/controller/index.html
Origin: https://apps.rokt.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 0VYE60JV8446SBZB
x-amz-server-side-encryption: AES256
content-length: 17649
x-amz-id-2: IK6y6/rmgT1MU1PXDQN+yayLSgh6bZKaWcFZEr60CT4O2KjJDRohnDUENXSe167E4lk1R+Mtqbl8bzGFie8G2Q==
last-modified: Thu, 15 Jun 2023 01:32:58 GMT
server: AmazonS3
etag: "50b80df3c584a840e1a4fa4eca90dc12"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
access-control-allow-headers: *

GET
H2 200 index.8d0eb87415939d8496a8.js Show response
apps.rokt.com/wsdk/plugin-runtime/ Frame 4991 70 KB
18 KB 75ms
75ms Script
application/javascript 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugin-runtime/index.8d0eb87415939d8496a8.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugin-runtime/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b7f9dd9f16dcf6d7deb86eb8aaebb7914ce1ac568a7e818b8da841a633ce287

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Origin: https://apps.rokt.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: KC1PXHXWCJ5WX4SH
x-amz-server-side-encryption: AES256
content-length: 18362
x-amz-id-2: 8HXoIHGru6wgsYDMjie+Y0WKxyGsrzHG2sLrM6n0GlDcAd0DKKPF3XmPUab7meY3B3MQWNcZXpQ=
last-modified: Thu, 15 Jun 2023 01:33:07 GMT
server: AmazonS3
etag: "a61c24f603a0783ecf4b304a6aebf7c0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 chunk.18d1a52.js Show response
ibotta.com/_nuxt/ 158 KB
38 KB 75ms
74ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.18d1a52.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.4d77fad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

cb2a91eba734efcffcbcedbd73640e52dde7569c5420b5fb27579bdd875e1038

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 13 Jun 2023 19:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-request-id: 7SJ5TKCK90P5DEZG
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 248458
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vyTn+a3UpSMZiXqmd69s7Ejh++nMEGhQA438lO21k9hFuVqGZOKukSIz+uj1/wkDkow5PKFHv4o=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 13 Jun 2023 19:05:53 GMT
server: none
etag: W/"889811326112fc41d5ed0d12b7be96d0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: Sz1lVyYx6mutPEubR7sZoBRj3aKx6f0KwrY6AGxn5TEKKkRGenyX3w==

GET
H3 200 chunk.d767706.js Show response
ibotta.com/_nuxt/ 2 KB
2 KB 73ms
72ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.d767706.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.4d77fad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

c7aea04047dc8a63ad0da4231c1d2320d4c582b51118bd2615ff9d0edc9eca3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 13 Jun 2023 19:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-request-id: 7SJAR6N6APWJ58E7
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 248458
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8+7vAM245dsKcEowEQj3CXkyKgTQm2kqL6FCBqsmbBfXMYRlpV8wSUKycQwjNwTev8baHFBgvBw=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 13 Jun 2023 19:07:30 GMT
server: none
etag: W/"e2f83b188b2f824eff63b1a8b88b80b9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: dU3jThyJyyJ8JGXTXMseklJxQEO5L3JMMqCKHF1RDNI8EX7QN4yjBg==

GET
H2 200 index.a6721ee761f3f0e66b9c.js Show response
apps.rokt.com/wsdk/plugins/widget/modern/ Frame 0439 960 KB
193 KB 71ms
71ms Script
application/javascript 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugins/widget/modern/index.a6721ee761f3f0e66b9c.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugins/widget/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05e8e4323760406c6cb21d818a8558c3d5c7ac5fd639b1e1fd0f5d4d86346f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apps.rokt.com/wsdk/plugins/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: QQQBESHRPRDE8NFP
x-amz-server-side-encryption: AES256
content-length: 197293
x-amz-id-2: H/5qXO0eACxLo86HX10JM02MxrB/6itjcJFph1nA/YnLgHm4znwmUV7CATYgTaTklWYVylCGIWs=
last-modified: Thu, 15 Jun 2023 13:38:32 GMT
server: AmazonS3
etag: "ce8fbfb80b6414ae241a8d0f13d0f50f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ 408 KB
126 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075333

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12920
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128933
x-xss-protection: 0
server: cafe
etag: 1396361306703029922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 12:35:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 51 B
72 B 219ms
95ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibotta.com

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87de579704ad7c90f1ba13b35ce99f431e6b0d824e6d84d401022e27204400e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
expires: Fri, 16 Jun 2023 16:10:46 GMT

GET
H3 200 session Show response
apps.rokt.com/v1/ Frame 519A 0
26 B 126ms
125ms Fetch 2a02:26f0:3500:11::215:14d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/v1/session

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.e526aa195ce95eed573b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apps.rokt.com/wsdk/controller/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 16:10:46 GMT
content-security-policy: upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
date: Fri, 16 Jun 2023 16:10:46 GMT
x-content-type-options: nosniff
x-rate-limit-limit: 1m
x-rate-limit-remaining: 49
strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy-report-only: upgrade-insecure-requests; default-src https:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: istio-envoy
etag: 5c521afb-cb6b-4f79-8137-a96c03ab9ee9
access-control-expose-headers: ETag
x-rate-limit-reset: 2023-06-16T16:11:46.2270659Z
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, nofollow, noimageindex
quic-version: 0x00000001

GET
H2 200 heap-560310507.js Show response
cdn.heapanalytics.com/js/ 112 KB
36 KB 643ms
437ms Script
application/javascript 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-560310507.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/scripts/heap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

nginx / Express

Resource Hash

3c67a0eea1a39842a5e8d3fd97976433fe0f85a87b94dccbf90af92d00a3e7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:38 GMT
content-encoding: br
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA60-P1
age: 8
x-powered-by: Express
etag: W/"1bfb9-tUR8n2YeMSbYFm3T4vwCNYJJilg"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FGrvdodQBM0gFwL-8gXoGVp_lpo8AXa9tqaGDtIlSHn3OiToPaywvg==

GET
H3 200 chunk.d536351.js Show response
ibotta.com/_nuxt/ 41 KB
15 KB 134ms
134ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.d536351.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.4d77fad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

1b9801a9f015a02424dd6f88e64066b54effcb9f1bdc02a06acf7bb5f8be6f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 13 Jun 2023 19:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-request-id: 95W2281SFZ3VMGDT
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 248337
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Q49sc5psz+ATY9TQrtMh/zNxxhyXa8dxdjGY/HX+tXNMwMBq3/2u5A0uF4hHdyacCZSqRuP7Jx4++FtG5QFLig==
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 13 Jun 2023 19:07:29 GMT
server: none
etag: W/"5e90ca54346ef2b6310864cea54d3511"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: nPveG5TGZcZIiAa_mARN-Z7YzRkV8HzBA_DV1V5LZAwSm-S795GWAw==

GET
H3 200 chunk.90ac621.js Show response
ibotta.com/_nuxt/ 5 KB
2 KB 100ms
100ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.90ac621.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.4d77fad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

7189a672dd4779dec6c51a011451cf7a0d22f11824bd9ec0232775108d18ebf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Fri, 16 Jun 2023 14:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-request-id: SH6286P6XT75601Z
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 5183
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 86sYSlRKmN+gZrOcmqmWzSt80TwA0uhkLlLaObW+LGpwx0PBRohkFAg2o5Vu9yKpg250IUQyCnXAcWpGz0rL6A==
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 16 Jun 2023 14:42:54 GMT
server: none
etag: W/"f0edeb622c539a0f12a2cb748a8cdc08"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: JzuGvbH7zn3hbdiaavBx2XaRIIa_FIIE6l9zXdCFs13u846NuyjyOg==

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 316ms
73ms Stylesheet
text/css 2a02:26f0:3100::1735:28e2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lys1mao&ht=tk&f=2005.2007.2009.2011&a=86732618&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28e2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:46 GMT
last-modified: Fri, 21 Apr 2023 14:15:25 GMT
server: nginx
etag: "64429a7d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 294ms
72ms Stylesheet
text/css 2a02:26f0:3100::1735:28e2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wng3obt&ht=tk&f=2005.2006.2007.2008.2009.2010.2011.2012&a=101957218&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wng3obt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28e2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:46 GMT
last-modified: Fri, 21 Apr 2023 14:15:25 GMT
server: nginx
etag: "64429a7d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 5c6b28dadb8ac42df4f22587 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 58ms
58ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Fri, 16 Jun 2023 16:10:46 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230056-FRA
x-timer: S1686931847.614966,VS0,VE2
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xMjYuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiI1YTI4MmM0MC0wYzYwLTExZWUtODdhYS01YmFlODMxYWM1YzMifQ Show response
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/ 111 KB
18 KB 251ms
251ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xMjYuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiI1YTI4MmM0MC0wYzYwLTExZWUtODdhYS01YmFlODMxYWM1YzMifQ?withReasons=true

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fae0ed9f9784a93048af6335924bfce0833b8d5c51f76c81814ce4a5a41b668e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Fri, 16 Jun 2023 16:10:46 GMT
age: 0
x-cache: MISS
content-length: 18182
x-served-by: cache-fra-eddf8230056-FRA
x-timer: S1686931847.614914,VS0,VE197
etag: "11420db"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding, Authorization
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

OPTIONS
H2 200 5c6b28dadb8ac42df4f22587
app.launchdarkly.com/sdk/goals/ Frame 0
0 184ms
55ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 16 Jun 2023 16:10:46 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230056-FRA
x-timer: S1686931847.558262,VS0,VE1

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xMjYuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiI1YTI4MmM0MC0wYzYwLTExZWUtODdhYS01YmFlODMxYWM1YzMifQ
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/ Frame 0
0 185ms
56ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 16 Jun 2023 16:10:46 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230056-FRA
x-timer: S1686931847.558219,VS0,VE1

OPTIONS
H2 204 graphql
api.ibops.net/browser-extension/ Frame 0
0 417ms
135ms Preflight 34.206.37.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.37.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-37-242.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method: POST
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin: https://ibotta.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 16 Jun 2023 16:10:47 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 graphql
api.ibops.net/browser-extension/ Frame 0
0 416ms
136ms Preflight 34.206.37.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.37.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-37-242.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method: POST
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin: https://ibotta.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 16 Jun 2023 16:10:47 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 429 KB
118 KB 239ms
110ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46eb1c3757e1ba6ef4781988c309166541a7d68bce70755ec76cf254b518ca5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120065
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 15:08:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Jun 2023 16:10:47 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 162 KB
53 KB 224ms
77ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-WDJL74V

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.dac525c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e662df124d579059eb0791d97bc616082eb425757ef1eeceadbf6a7495a5892f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 54294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Jun 2023 16:10:47 GMT

POST
H2 200 graphql Show response
api.ibops.net/browser-extension/ 33 B
653 B 140ms
139ms XHR
application/json 34.206.37.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.37.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-37-242.compute-1.amazonaws.com

Software

Resource Hash

8af9f3422c8dd10d3c9027aeb9f2a05bf9ae9485d59ba140b7e6b325aa98e242

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-App-Version: 4.126.0:web_v2:chrome
accept-language: fi-FI,fi;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-datadog-sampling-priority: 1
Content-Type: application/json
Accept: application/json
Referer
x-datadog-parent-id: 4992996187559343513
x-datadog-trace-id: 157059586208797358
x-datadog-sampled: 1
X-App-Session: af84ec19-1a34-4810-b4fd-c3d1d9342623

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 33
x-xss-protection: 0
x-request-id: 9f8aa2a31230786e62a3757de3295b6e
referrer-policy: no-referrer
etag: W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen

POST
H2 200 graphql Show response
api.ibops.net/browser-extension/ 33 B
653 B 140ms
140ms XHR
application/json 34.206.37.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.37.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-37-242.compute-1.amazonaws.com

Software

Resource Hash

8af9f3422c8dd10d3c9027aeb9f2a05bf9ae9485d59ba140b7e6b325aa98e242

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-App-Version: 4.126.0:web_v2:chrome
accept-language: fi-FI,fi;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-datadog-sampling-priority: 1
Content-Type: application/json
Accept: application/json
Referer
x-datadog-parent-id: 6197880009763081578
x-datadog-trace-id: 88264043377731009
x-datadog-sampled: 1
X-App-Session: af84ec19-1a34-4810-b4fd-c3d1d9342623

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 33
x-xss-protection: 0
x-request-id: 38ce9699d631feb02ee53b23f0515fb8
referrer-policy: no-referrer
etag: W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xMjYuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiI1YTI4MmM0MC0wYzYwLTExZWUtODdhYS01YmFlODMxYWM1YzMifQ
clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/ 111 KB
0 280ms
108ms EventSource
text/event-stream 13.248.151.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xMjYuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiI1YTI4MmM0MC0wYzYwLTExZWUtODdhYS01YmFlODMxYWM1YzMifQ?withReasons=true

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.151.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
261 B 417ms
134ms Image
image/gif 3.222.187.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=560310507&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1686931846945&hv=4.19.3

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.187.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-187-124.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 407ms
134ms Image
image/gif 3.222.187.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=560310507&u=5213903776079348&v=2773122310930572&s=2918830188135571&b=web&tv=4.0&z=0&h=%2Fr%2Fonmcjom&d=ibotta.com&t=Ibotta&k=web-v-2-down-for-maintenance&k=false&k=web-v-2-popular-online-cpg-retailer-list&k=true&k=web-v-2-popular-search-terms-data&k=true&k=web-v-2-popular-sort-option&k=false&k=web-v-2-recommended-offers-enabled&k=false&k=web-v-2-referral-page-copy&k=true&k=web-v-2-referral-page-terms&k=Savers%20will%20earn%20%2410%20when%20they%20refer%20a%20friend%20who%3A%20(i)%20is%20a%20new%20user%20to%20Ibotta%3B%20(ii)%20registers%20with%20Ibotta%20on%20a%20unique%20device%20with%20the%20Saver%E2%80%99s%20referral%20code%20(the%20%E2%80%9CReferred%20Saver%E2%80%9D)%3B%20and%20(iii)%20completes%20a%20Qualifying%20Offer%20(as%20defined%20below)%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20The%20Referred%20Saver%20will%20earn%20a%20referral%20bonus%20upon%20registration%20and%20completion%20of%20a%20Qualifying%20Offer%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20A%20Qualifying%20Offer%20includes%20an%20offer%2C%20Any%20Brand%2C%20or%20Any%20Receipt%20offer.%20Online%20shopping%20transactions%20are%20not%20considered%20a%20Qualifying%20Offer%20until%20the%20offer%20pending%20period%20is%20complete%2C%20and%20the%20offer%20is%20credited%20to%20the%20Referred%20Saver%E2%80%99s%20account.%20Ibotta%20reserves%20the%20right%20to%20adjust%20these%20terms%20or%20the%20bonus%20amounts%20at%20any%20time.%20Prices%2C%20offers%2C%20cash-back%20amounts%2C%20bonuses%2C%20and%20the%20referral%20period%20may%20vary%20and%20are%20subject%20to%20change%20without%20notice.%20All%20accounts%20are%20subject%20to%20review.%20Additional%20terms%20and%20conditions%20may%20apply.&k=web-v-2-sold-out-offers-list&k=true&k=web-v-2-registration-page-copy&k=true&k=web-v-2-cashout-on-web-payments-env&k=production&k=web-v-2-customer-metadata-override&k=false&k=web-v-2-browser-profiling-is-enabled&k=false&k=web-v-2-browser-profiling-home-is-enabled&k=false&k=web-v-2-browser-profiling-cashout-is-enabled&k=true&k=web-v-2-bex-required-retailer-update-enabled&k=true&k=web-v2-direct-integration-retailer-list&k=true&k=web-v-2-feedback-survey&k=true&k=web-disco-cashout-age-threshold&k=7&k=web-v-2-special-deals-enabled&k=true&k=web-v-2-retailer-thumbnail-updates-enabled&k=true&k=web-v-2-logged-out-item-offers&k=true&k=web-v-2-home-page-recommendation&k=Control&k=web-messaging-auth-enabled&k=false&k=web-v-2-in-store-retailers-enabled&k=false&k=web-v-2-retailer-groups-enabled&k=false&k=unified-account-linking-retailer-list&k=true&ts=1686931846984&st=1686931846987

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.187.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-187-124.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 authorize Show response
authenticate.ibotta.com/ Frame D848 1 KB
1 KB 608ms
517ms Document
text/html 2606:4700::6810:5267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&prompt=none&response_type=code&response_mode=web_message&state=Zl9VekVlWEh3VlpQQjE0WWJJUVhhQn5UMk1acFZ5SXVwfkhhRFNrSn4zdQ%3D%3D&nonce=cH5FbEdZUHNlTENUSks4dlF%2BeU8yOTFVN2JOTFluYlFVTHNDX0NMUnl5WA%3D%3D&code_challenge=y_U_BONt5ES1kCDpoLzbU8dyi0ORSOsc7ySgWfuRHb0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC40In0%3D

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07785135f8695fc1220cc7c36743c2444831163238808b124490bed367d22061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7d84532c89c8d973-HEL
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 16 Jun 2023 16:10:47 GMT
ot-baggage-auth0-request-id: 7d84532c89c8d973
ot-tracer-sampled: true
ot-tracer-spanid: 39980f4c46bd0bd3
ot-tracer-traceid: 091fd919690e9664
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-0000000000000000091fd919690e9664-39980f4c46bd0bd3-01
tracestate: auth0-request-id=7d84532c89c8d973,auth0=true
vary: Accept-Encoding
x-auth0-requestid: 3213297ed8f304ce7d15
x-content-type-options: nosniff
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1686931848

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 9 KB
9 KB 204ms
64ms Script
application/javascript 2600:9000:223f:1800:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1800:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d670621488b45b33d1a17b5e1250319b2ce513ededb4dbec847284c35e06f3d1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: FtDzqVxCNLcLRbf2i_demDjaD8dXoTf8
date: Fri, 16 Jun 2023 10:40:59 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 23:38:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 19789
x-amz-server-side-encryption: AES256
etag: "85ac140eb3a9fcf2b232e66ca1c134c3"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 9238
x-amz-cf-id: 3icZwa-P7vBeC3lf72PNPbJtoZF-FrL9ZMzBjBuuTOlheJ6gk3SBGw==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 246ms
83ms Script
application/x-javascript 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=43427
accept-ranges: bytes
content-length: 4777

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 187ms
61ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Jun 2023 16:10:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: PDgunKRjuhUi76yWzmcTgjYwIWXuExETUYKKB76P5/VjtgHrdzf+GvMfxnNo+IXYajS1fSB/dlxCzH4hDDGhkw==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 191ms
61ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 14:35:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5725
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 16 Jun 2023 16:35:22 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 283ms
68ms Script
application/javascript 2a02:26f0:3500:881::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:881::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0063ead0fc6b4ddafaf004c17771309a5931249b36c40781ced840a776b9755b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "101ddadc6513f10acedb39dafd405d0d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1445

GET
H2 200 hotjar-2893975.js Show response
static.hotjar.com/c/ 9 KB
4 KB 222ms
90ms Script
application/javascript 108.138.7.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2893975.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-27.fra56.r.cloudfront.net

Software

Resource Hash

5b8fcd721bf1e8f1c66a0a790d01f37e4c55aef338a8cb4ea1b5a3aded88b0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 16:10:47 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/053a0bdd6fc36881a997eb41c54c6b9a
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 4_UkqhovLpNUlZeHinDUSefZUkXCAxAwCdiAaEqHmudGcCQ8bagfdw==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 236ms
89ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 16 Jun 2023 16:10:47 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7563BDDB5F0C4716A819B8B8F5524274 Ref B: FRAEDGE2015 Ref C: 2023-06-16T16:10:47Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 a-0320.min.js Show response
b-code.liadm.com/ 42 KB
15 KB 216ms
68ms Script
application/javascript 2600:9000:225e:6200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-0320.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6ca3cdf5a1ddd325621c6c2e362f0c0da90ef027a0f69d2a513123fe41078813

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 05:48:22 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 37345
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 36kdeRFkwYySr3BAO89FbJabpw0fUaMhmxQEqz1UIGTv10d2gUmopw==

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 111ms
31ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:50:21 GMT
content-encoding: gzip
age: 1226
x-guploader-uploadid: ADPycdsx4lMDDFCACeWuGeVWAZYs-Nyv0ZXvwqYrjoXLGZyflFnOIWgQ9fqWNF-3B1a7XO1msIzm6IhHH4WBm5ouaNvjgQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Fri, 16 Jun 2023 16:50:21 GMT

GET
H2 200 A1304920-7676-40c5-9812-43f71a4d287e1.js Show response
d.impactradius-event.com/ 41 KB
13 KB 246ms
152ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A1304920-7676-40c5-9812-43f71a4d287e1.js
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5e4c6bb0f7e9f98433911497a906742bf0abc1f0842a6af136cdf97f3badb2e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycduG1qQnUUmvhvVnwKz3zYc5wcuITuC0EQylhHxV8VyGM18nl8yVSpyGQ3D0uLH9CFJS9uqmfu4XmLc7nA9KBtaLbQl7WPcn
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13115
last-modified: Mon, 25 Oct 2021 14:14:02 GMT
server: UploadServer
etag: "2c6efde33ef386577e927634502efe1a"
vary: Accept-Encoding
x-goog-generation: 1635171242474403
x-goog-hash: crc32c=v/i33w==, md5=LG794z7zhld+knY0UC7+Gg==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13115
accept-ranges: bytes
expires: Fri, 16 Jun 2023 16:15:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 81ms
80ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-WDJL74V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

078678b1fc4b4546ab736d9a552f20b1935eeccb513438dd9c7d73b1f49761a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91043
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Jun 2023 16:10:47 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 285ms
95ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 16:10:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
x-amz-request-id: 2YBFDHXY2BG0X743
ETag: "5a676288bcea03bd05e483bc4ce066ae"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3462
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11792
x-amz-id-2: X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Expires: Fri, 16 Jun 2023 17:08:29 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 314ms
154ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6TC3JC77UFIN9HHQVG&lib=ttq
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 756701f743db875a5da43e58a3c89a27fd1fb02d77fd48c0774495aed497e41e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: a48bdf0b.5a0828
date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 93,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=3
content-length: 1381
pragma: no-cache
server: nginx
x-tt-logid: 202306161610472D1F98B274DC504C20FD
x-cache-remote: TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.24
x-tt-trace-host: 01f46b4174a3e1b36dfb6f9a81be98bee6116fd9983461e85939eeb1213ad7390607f354abc6b1c08eb8fbd8e86051b2e3c44a4e43b39deafdbb49cf3844cd8aef3300ed3f48f66a898a620ae83439fdcac122f21284e4afa6af15c3d0e7801c228f072587ebe37020ed960c7630c5a9c9
expires: Fri, 16 Jun 2023 16:10:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/926984635/ 3 KB
2 KB 235ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/926984635/?random=1686931847349&cv=11&fst=1686931847349&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&label=2-KHCMGBzGYQu9OCugM&hn=www.googleadservices.com&frm=0&tiba=Ibotta&auid=330733662.1686931847&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bda8637e96396a2ef4aed37661576a0cb4bae2d78f82b2517b1b142842cad135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 601ms
137ms Image
image/gif 52.21.14.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=misc&pixid=380ca1d0-4cad-4a81-93f9-09ffcb719de9&gtmcb=1254338822
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.14.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-14-181.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
260 B 134ms
133ms Image
image/gif 3.222.187.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=560310507&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1686931846974&hv=4.19.3

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.187.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-187-124.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-JP10KW76MD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

802c945809a9528acf5746e56a57c8a05b1df0b12cece9131b707f07eec5294f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Jun 2023 16:10:47 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
241 B 103ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je36e0&_p=1923087536&_gaz=1&cid=82006616.1686931848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686931847&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dt=Ibotta&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=248&ep.referral_page=&ep.user_timezone_timestamp=Fri%20Jun%2016%202023%2016%3A10%3A47%20GMT%2B0000%20(GMT)&ep.session_id_custom_dimension=1686931847314.m92rzw8&epn.user_timezone_offset=0&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20Configuration
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 219ms
80ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GT6GKTE2DV&cid=82006616.1686931848&gtm=45je36e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 235ms
89ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GT6GKTE2DV&cid=82006616.1686931848&gtm=45je36e0&aip=1&z=1084993645

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ 43 B
493 B 247ms
80ms XHR
image/gif 65.9.58.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD0wNjc3MWJhYi02ZTY2LTFlZmEtYTUyNS1mODU2ODU5NzAyZDU%3D&date=1686931847547
Requested by: Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-221.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 06:10:49 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 36818
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: nVekGb6svh3F1Ah6rA9Y_-0ujok9EPycz82ESOm2DKwuhNzg9UbQrw==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ 43 B
485 B 246ms
80ms XHR
image/gif 2600:9000:2250:6000:3:760:2800:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPWFiNDBiOTg5LTIxMzItNDZmOS1iOGI1LTk3NDRmZDlmZTQ4MSZzZXNzaW9uSWQ9MDY3NzFiYWItNmU2Ni0xZWZhLWE1MjUtZjg1Njg1OTcwMmQ1&date=1686931847547
Requested by: Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6000:3:760:2800:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 05:57:30 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 36798
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: dkB74UXvGpjhdjJvS9HS-GK64JvIBzWy4KSMBVoaKML0bk8xiOdUpA==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
441 B 245ms
83ms XHR
image/gif 2600:9000:225e:a400:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD0wNjc3MWJhYi02ZTY2LTFlZmEtYTUyNS1mODU2ODU5NzAyZDUmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmlib3R0YS5jb20lMkZyJTJGb25tY2pvbQ%3D%3D&date=1686931847552
Requested by: Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a400:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 06:53:26 GMT
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 33442
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 7-sXI2_6DlxluC6876QRzaQiW_SsbQyZrvKAF-ePOFlHrxKuoK83Xw==

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 317ms
214ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 16:10:47 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: n2zlrqw0pp2t
server: Google Frontend
x-cloud-trace-context: fcc32e5910540e5a8e0ed0f3a462bac6
x-powered-by: Express

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
129 B 220ms
215ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Jun 2023 16:10:48 GMT
server: Google Frontend
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 5e27e4cbc4d176d011c3130bfe7c41da
function-execution-id: dztoz4536uuh
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 modules.d300ab0f8311d57bf5d6.js Show response
script.hotjar.com/ 270 KB
69 KB 239ms
99ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d300ab0f8311d57bf5d6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2893975.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

29a6e44de81a864485015f9623497c4729266f2be8244bf442caf96b53d43d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 100540
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 70183
last-modified: Thu, 15 Jun 2023 12:14:20 GMT
etag: "389003ed05f597fc11f5765f5651f0ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bfdqyghff0PFPJ9KTmcZUnCRYpvJWkyZ5hJiJOVrTRyUc2ICTd00Ag==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 69ms
68ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1923087536&t=pageview&_s=1&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dr=&dp=%2Fr%2Fonmcjom&ul=en-us&de=UTF-8&dt=Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAFK~&jid=563040273&gjid=639824758&cid=82006616.1686931848&tid=UA-29017381-1&_gid=928569443.1686931848&_r=1&_slc=1&gtm=45He36e0n71WDDWDQ&cd8=GTM-WDDWDQ&cd9=248&cd10=&cd12=Fri%20Jun%2016%202023%2016%3A10%3A47%20GMT%2B0000%20(GMT)&cd13=1686931847331.hi32j1u&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&cd16=English&cd17=desktop&cd18=GA%20Page%20View%20-%20Core%20Page%20View&cd20=82006616.1686931848&cd21=82006616.1686931848&z=856210090

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 63ms
61ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.107

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Jun 2023 16:10:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-xss-protection: 0
pragma: public
x-fb-debug: 8+LggBLEQeBCUXgatFWzLyZSJijp5ffPGrcrjzv/RK9NNfgdvDXH0IUemfcYy2aIOUmzUNluum1u5eKgQuoXPA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET 1919782858327617
connect.facebook.net/signals/config/ 0
0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/88183/domain/ibotta.com/ 36 B
376 B 223ms
64ms XHR
application/json 2600:9000:20eb:f800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/88183/domain/ibotta.com/token
Requested by: Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:36:22 GMT
content-encoding: gzip
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2064
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: HWvSGjc65y3KUUq2dcowZyQMhNXFlMbTWDzynwhP4w5gkx47R1sE8g==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1686931847666&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1686931847666&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&e_ipv6=AQJXqnVBOhpPRAAAAYjE-TsM7wMclBAUeZ-U-WjDi-OOViHUuCLFUO8wFdARqkfTTLo7uOn6

0
264 B

400ms
240ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1686931847666&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&e_ipv6=AQJXqnVBOhpPRAAAAYjE-TsM7wMclBAUeZ-U-WjDi-OOViHUuCLFUO8wFdARqkfTTLo7uOn6
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 91F027821E7B4F46A19F12E082C86293 Ref B: STOEDGE1213 Ref C: 2023-06-16T16:10:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+QW2WhVLyo0CnrSnZew==

Redirect headers

date: Fri, 16 Jun 2023 16:10:47 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D008F1B0D0D04127AE1FDE8EEC026B95 Ref B: FRAEDGE1814 Ref C: 2023-06-16T16:10:47Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1686931847666&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&e_ipv6=AQJXqnVBOhpPRAAAAYjE-TsM7wMclBAUeZ-U-WjDi-OOViHUuCLFUO8wFdARqkfTTLo7uOn6
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+QW2OeVWQCdCdIXakVg==

GET
H2 204 11041900.js Show response
bat.bing.com/p/action/ 0
117 B 208ms
199ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/11041900.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 16 Jun 2023 16:10:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0659F59541044E380C16B1E9CAF653B Ref B: FRAEDGE2015 Ref C: 2023-06-16T16:10:47Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 109ms
108ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=11041900&Ver=2&mid=4cbb6a9b-c345-451a-b362-4f8b322818f0&sid=5aeb64a00c6011eea9cc793dabc181b9&vid=5aec3cc00c6011eeb02959747b14f9f4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ibotta&p=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&r=&lt=778&evt=pageLoad&sv=1&rn=738606

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 16:10:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8AAD246783154ED1B4FD915946D8E883 Ref B: FRAEDGE2015 Ref C: 2023-06-16T16:10:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.14eb2ef4.js Show response
s.pinimg.com/ct/lib/ 62 KB
18 KB 90ms
85ms Script
application/javascript 2a02:26f0:3500:881::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.14eb2ef4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:881::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cfdc9706fe9b9ba84f87bb05a4c67a4c8dcc52297179fd44e00052e835cc9196

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "fe85b902a86ad6ce0e244ed2db1c45c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17990

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 104ms
103ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-29017381-1&cid=82006616.1686931848&jid=563040273&gjid=639824758&_gid=928569443.1686931848&_u=YADAAUAAAAAAACAFK~&z=544605007

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Jun 2023 16:10:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 62ms
62ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1923087536&t=pageview&_s=1&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dr=&dp=%2Fr%2Fonmcjom&ul=en-us&de=UTF-8&dt=Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAFK~&jid=&gjid=&cid=82006616.1686931848&tid=UA-29017381-1&_gid=928569443.1686931848&gtm=45He36e0n71WDDWDQ&cd8=GTM-WDDWDQ&cd9=248&cd10=&cd12=Fri%20Jun%2016%202023%2016%3A10%3A47%20GMT%2B0000%20(GMT)&cd13=1686931847785.lmxvdhs&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&cd16=English&cd17=desktop&cd18=GA%20Page%20View%20-%20Core%20Page%20View&cd20=82006616.1686931848&cd21=82006616.1686931848&z=1722483934

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 19:24:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 68ms
64ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1923087536&t=pageview&_s=1&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dr=&dp=%2Fr%2Fonmcjom&ul=en-us&de=UTF-8&dt=Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAFK~&jid=&gjid=&cid=82006616.1686931848&tid=UA-29017381-1&_gid=928569443.1686931848&gtm=45He36e0n71WDDWDQ&cd8=GTM-WDDWDQ&cd9=248&cd10=&cd12=Fri%20Jun%2016%202023%2016%3A10%3A47%20GMT%2B0000%20(GMT)&cd13=1686931847831.mmyq8v5j&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&cd16=English&cd17=desktop&cd18=GA%20Page%20View%20-%20Core%20Page%20View&cd20=82006616.1686931848&cd21=82006616.1686931848&z=1389161573

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 19:24:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 40ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JP10KW76MD&gtm=45je36e0&_p=1923087536&cid=82006616.1686931848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&ngs=1&_s=1&sid=1686931847&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dt=Ibotta&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-JP10KW76MD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1686931847914&aid=a-0320&se=e30&duid=4564d05c840b--01h32fjee34e7a9pdeg6fe7r9c&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhl...
https://rp4.liadm.com/j?dtstmp=1686931847914&aid=a-0320&se=e30&duid=4564d05c840b--01h32fjee34e7a9pdeg6fe7r9c&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWh...

13 B
551 B

417ms
134ms

XHR
application/json

52.1.91.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1686931847914&aid=a-0320&se=e30&duid=4564d05c840b--01h32fjee34e7a9pdeg6fe7r9c&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-SWJvdHRhPC90aXRsZT4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6NmU%3D&n3pc=true

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Server

52.1.91.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-91-70.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:48 GMT
x-pixel-event-id: 14b11576-d265-4cad-af17-34bbc8bbe3c6
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: e5fe1860e115f109
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 16 Jun 2023 16:10:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1686931847914&aid=a-0320&se=e30&duid=4564d05c840b--01h32fjee34e7a9pdeg6fe7r9c&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-SWJvdHRhPC90aXRsZT4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6NmU%3D&n3pc=true
access-control-allow-origin: https://ibotta.com
request-time: 0
access-control-allow-credentials: true
trace-id: d9e91ecb3e900c26
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 204 0
bat.bing.com/actionp/ 0
120 B 94ms
93ms Ping
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=11041900&Ver=2&mid=4cbb6a9b-c345-451a-b362-4f8b322818f0&sid=5aeb64a00c6011eea9cc793dabc181b9&vid=5aec3cc00c6011eeb02959747b14f9f4&vids=1&msclkid=N&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 16:10:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96F59642B313410BAAA3E9BC7E7B69AC Ref B: FRAEDGE2015 Ref C: 2023-06-16T16:10:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 122ms
118ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=11041900&Ver=2&mid=9a15beb6-2865-4a18-9457-9bdc23279d99&sid=5aeb64a00c6011eea9cc793dabc181b9&vid=5aec3cc00c6011eeb02959747b14f9f4&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ibotta&p=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&r=&lt=778&evt=pageLoad&sv=1&rn=304614

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 16:10:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4FFBF09B392A490F931A8DC0F2C2D41C Ref B: FRAEDGE2015 Ref C: 2023-06-16T16:10:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 88ms
87ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-29017381-1&cid=82006616.1686931848&jid=563040273&_u=YADAAUAAAAAAACAFK~&z=2134783474

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 86ms
85ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-29017381-1&cid=82006616.1686931848&jid=563040273&_u=YADAAUAAAAAAACAFK~&z=2134783474

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 chunk.8c5af17.js
ibotta.com/_nuxt/ 6 KB
3 KB 80ms
80ms Script
text/javascript 2600:9000:2250:da00:14:fc27:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.8c5af17.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.4d77fad.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:da00:14:fc27:88c0:93a1 , United States, ASN (),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/r/onmcjom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Tue, 13 Jun 2023 19:17:28 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-request-id: 7H4B2X50PEVS3K8D
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 248001
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PhG62yFPnUcOSlnT3hqg2E1jd/Eei81Dv06cbWeZqU9333XWsoZxUeE1bFeMSxsZ0msI6NyguLg=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 13 Jun 2023 19:06:57 GMT
server: none
etag: W/"ae9bdb3d31620f8086aa66b72169ef47"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: -0ysUCnW1hYjpbDYOcfQcy4nmbMy-SqFOVEzvwSjYJHCyQ3rSlJMEQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 35ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je36e0&_p=1923087536&cid=82006616.1686931848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1686931847&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dt=Ibotta&en=scroll&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=248&ep.referral_page=&ep.user_timezone_timestamp=Fri%20Jun%2016%202023%2016%3A10%3A47%20GMT%2B0000%20(GMT)&ep.session_id_custom_dimension=1686931847314.m92rzw8&epn.user_timezone_offset=0&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20Configuration&epn.percent_scrolled=90&_et=16
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
60ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1923087536&t=event&ni=1&_s=1&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dr=&dp=%2Fr%2Fonmcjom&ul=en-us&de=UTF-8&dt=Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user&ea=client%20id&el=82006616.1686931848&_u=aADAAUABAAAAACAFK~&jid=&gjid=&cid=82006616.1686931848&tid=UA-29017381-1&_gid=928569443.1686931848&gtm=45He36e0n71WDDWDQ&cd1=logged_out&cd8=GTM-WDDWDQ&cd9=248&cd10=&cd12=Fri%20Jun%2016%202023%2016%3A10%3A48%20GMT%2B0000%20(GMT)&cd13=1686931848043.7i4au6yl&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&cd16=English&cd17=desktop&cd19=4.126.0&cd20=82006616.1686931848&cd21=82006616.1686931848&z=1743890282

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 19:24:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74757
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/926984635/ 42 B
64 B 113ms
113ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/926984635/?random=1686931847349&cv=11&fst=1686931200000&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&label=2-KHCMGBzGYQu9OCugM&frm=0&tiba=Ibotta&fmt=3&is_vtc=1&random=2422626498&rmt_tld=0&ipr=y

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.fi/pagead/1p-user-list/926984635/ 42 B
64 B 113ms
113ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-user-list/926984635/?random=1686931847349&cv=11&fst=1686931200000&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&label=2-KHCMGBzGYQu9OCugM&frm=0&tiba=Ibotta&fmt=3&is_vtc=1&random=2422626498&rmt_tld=1&ipr=y

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/user/ 567 B
614 B 316ms
110ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615531578369&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1686931848186&dep=2%2CPAGE_LOAD
Requested by: Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pin-unauth: dWlkPU1qaG1OV1EwWlRFdE1EUTRZeTAwT0dFNUxXSXpPR1V0WldJNU1HWmlOR000WkdVMg
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 16 Jun 2023 16:10:48 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibotta.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1489934347086237
content-length: 389
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MWE4ZjFkYTAyMQ.js
analytics.tiktok.com/i18n/pixel/static/ 310 KB
82 KB 95ms
94ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6TC3JC77UFIN9HHQVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 5a08af
date: Fri, 16 Jun 2023 16:10:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230615120917DD244FE7993BE8DB97AF
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010e26a03730e71f9298020b8bd17476ffe756457775ca8baeaea3986aa7614e103a16503778dee65e9e0134f536726d099e37a3e009a29423b0eab7ceb5b3dd79edfbc7eb2dfcab181a0392e7707ad93fb83c2a38a6c483ba86797435e9876aaa
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 83476

GET
H2 204 2893975
vc.hotjar.io/sessions/ 0
259 B 250ms
82ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2893975?s=0.25&r=0.0644975944052204
Requested by: Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:48 GMT
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: J_5fk7AXX3fZQJtZhaijGKf7V6fxVtzkTiKcw87XPhAQyYVgEdzGeA==

GET
H2 200 l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 17 KB
17 KB 283ms
72ms Font
application/font-woff2 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://use.typekit.net/lys1mao.css
Origin: https://ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:48 GMT
server: nginx
etag: "b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17052

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 88ms
88ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615531578369&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2214eb2ef4%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1686931848413
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:48 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1356290784162512
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

Primary Request signup Show response
authenticate.ibotta.com/u/
Redirect Chain

https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%...
https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1...

76 KB
77 KB

640ms
640ms

Document
text/html

2606:4700::6810:5267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.472ec7f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5389b7fb9050b0199e1612a3563a3da2e88030b0713ed2f668d570a1cc096e76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ibotta.com/r/onmcjom
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7d845336e836d953-HEL
content-language: en
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 16:10:49 GMT
etag: W/"130f2-xfreiDRPmpIGs8IqVsHzD10m2uk"
expires: Fri, 16 Jun 2023 16:10:49 GMT
ot-baggage-auth0-request-id: 7d845336e836d953
ot-tracer-sampled: true
ot-tracer-spanid: 0649ffd753b18025
ot-tracer-traceid: 3619b86b4411532b
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000003619b86b4411532b-0649ffd753b18025-01
tracestate: auth0-request-id=7d845336e836d953,auth0=true
vary: Accept-Encoding
x-auth0-requestid: b89057b780cbeb7b8de9
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 20
x-ratelimit-remaining: 19
x-ratelimit-reset: 1686931856
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7d845334fffad973-HEL
content-length: 426
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 16:10:48 GMT
location: /u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
ot-baggage-auth0-request-id: 7d845334fffad973
ot-tracer-sampled: true
ot-tracer-spanid: 73f4f61c1c09fe6b
ot-tracer-traceid: 26a752835b3b7f1e
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-000000000000000026a752835b3b7f1e-73f4f61c1c09fe6b-01
tracestate: auth0-request-id=7d845334fffad973,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: 53ac238fe446052410ee
x-content-type-options: nosniff
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1686931849

GET
H2 200 bat.js
bat.bing.com/ 40 KB
12 KB 87ms
87ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/r/onmcjom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 16 Jun 2023 16:10:48 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C931502B57D94C92B01AEEAA57433BCA Ref B: FRAEDGE2015 Ref C: 2023-06-16T16:10:48Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 A1304920-7676-40c5-9812-43f71a4d287e1.js
d.impactradius-event.com/ 41 KB
13 KB 34ms
33ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A1304920-7676-40c5-9812-43f71a4d287e1.js
Requested by: Host: ibotta.com
URL: https://ibotta.com/r/onmcjom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:47 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ADPycduG1qQnUUmvhvVnwKz3zYc5wcuITuC0EQylhHxV8VyGM18nl8yVSpyGQ3D0uLH9CFJS9uqmfu4XmLc7nA9KBtaLbQl7WPcn
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13115
last-modified: Mon, 25 Oct 2021 14:14:02 GMT
server: UploadServer
etag: "2c6efde33ef386577e927634502efe1a"
vary: Accept-Encoding
x-goog-generation: 1635171242474403
x-goog-hash: crc32c=v/i33w==, md5=LG794z7zhld+knY0UC7+Gg==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13115
accept-ranges: bytes
expires: Fri, 16 Jun 2023 16:15:47 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
64ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1923087536&t=pageview&_s=1&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Donmcjom&dr=&dp=%2Fregister%3Ffriend%3Donmcjom&ul=en-us&de=UTF-8&dt=Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAFK~&jid=&gjid=&cid=82006616.1686931848&tid=UA-29017381-1&_gid=928569443.1686931848&gtm=45He36e0n71WDDWDQ&cd1=logged_out&cd8=GTM-WDDWDQ&cd9=248&cd10=&cd12=Fri%20Jun%2016%202023%2016%3A10%3A48%20GMT%2B0000%20(GMT)&cd13=1686931848466.rymxoy9a&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&cd16=English&cd17=desktop&cd18=GA%20Page%20View%20-%20Core%20Page%20View&cd19=4.126.0&cd30=web-v2&cd20=82006616.1686931848&cd21=82006616.1686931848&z=1444684984

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 19:24:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74757
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 138ms
137ms Image
image/gif 3.222.187.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=560310507&u=5213903776079348&v=3031111398378121&s=2918830188135571&b=web&tv=4.0&z=2&h=%2Fregister&q=%3Ffriend%3Donmcjom&d=ibotta.com&t=Create%20Ibotta%20Account%20%7C%20Ibotta&k=web-v-2-down-for-maintenance&k=false&k=web-v-2-popular-online-cpg-retailer-list&k=true&k=web-v-2-popular-search-terms-data&k=true&k=web-v-2-popular-sort-option&k=false&k=web-v-2-recommended-offers-enabled&k=false&k=web-v-2-referral-page-copy&k=true&k=web-v-2-referral-page-terms&k=Savers%20will%20earn%20%2410%20when%20they%20refer%20a%20friend%20who%3A%20(i)%20is%20a%20new%20user%20to%20Ibotta%3B%20(ii)%20registers%20with%20Ibotta%20on%20a%20unique%20device%20with%20the%20Saver%E2%80%99s%20referral%20code%20(the%20%E2%80%9CReferred%20Saver%E2%80%9D)%3B%20and%20(iii)%20completes%20a%20Qualifying%20Offer%20(as%20defined%20below)%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20The%20Referred%20Saver%20will%20earn%20a%20referral%20bonus%20upon%20registration%20and%20completion%20of%20a%20Qualifying%20Offer%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20A%20Qualifying%20Offer%20includes%20an%20offer%2C%20Any%20Brand%2C%20or%20Any%20Receipt%20offer.%20Online%20shopping%20transactions%20are%20not%20considered%20a%20Qualifying%20Offer%20until%20the%20offer%20pending%20period%20is%20complete%2C%20and%20the%20offer%20is%20credited%20to%20the%20Referred%20Saver%E2%80%99s%20account.%20Ibotta%20reserves%20the%20right%20to%20adjust%20these%20terms%20or%20the%20bonus%20amounts%20at%20any%20time.%20Prices%2C%20offers%2C%20cash-back%20amounts%2C%20bonuses%2C%20and%20the%20referral%20period%20may%20vary%20and%20are%20subject%20to%20change%20without%20notice.%20All%20accounts%20are%20subject%20to%20review.%20Additional%20terms%20and%20conditions%20may%20apply.&k=web-v-2-sold-out-offers-list&k=true&k=web-v-2-registration-page-copy&k=true&k=web-v-2-cashout-on-web-payments-env&k=production&k=web-v-2-customer-metadata-override&k=false&k=web-v-2-browser-profiling-is-enabled&k=false&k=web-v-2-browser-profiling-home-is-enabled&k=false&k=web-v-2-browser-profiling-cashout-is-enabled&k=true&k=web-v-2-bex-required-retailer-update-enabled&k=true&k=web-v2-direct-integration-retailer-list&k=true&k=web-v-2-feedback-survey&k=true&k=web-disco-cashout-age-threshold&k=7&k=web-v-2-special-deals-enabled&k=true&k=web-v-2-retailer-thumbnail-updates-enabled&k=true&k=web-v-2-logged-out-item-offers&k=true&k=web-v-2-home-page-recommendation&k=Control&k=web-messaging-auth-enabled&k=false&k=web-v-2-in-store-retailers-enabled&k=false&k=web-v-2-retailer-groups-enabled&k=false&k=unified-account-linking-retailer-list&k=true&ts=1686931848509&pr=%2Fr%2Fonmcjom&sp=ts&sp=1686931846984&sp=d&sp=ibotta.com&sp=h&sp=%2Fr%2Fonmcjom&st=1686931848510

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.187.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-187-124.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 ct.html
ct.pinterest.com/ Frame F680 565 B
403 B 84ms
83ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.14eb2ef4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 16:10:48 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1571431424343625

GET
H2 200 identify_f7fa8.js
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 59ms
59ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_f7fa8.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 5a0900
date: Fri, 16 Jun 2023 16:10:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230615120918F26473E06A471A2FDD3E
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010e26a03730e71f9298020b8bd17476ffe756457775ca8baeaea3986aa7614e1081608435dfd70d7b52dfe7325cce41ec3d820016f77420fca4d7e967f9d8b17754341e72ec1a77dc21a5d7c81371a2f072f8a819af6289e5af5d56ae3bbf8645
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30819

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 194ms
194ms Ping
text/plain 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b6ab3661.5a0911
date: Fri, 16 Jun 2023 16:10:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 128,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=39, inner; dur=35
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202306161610485B26415A4B1231795401
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.220.104.8
x-tt-trace-host: 01f46b4174a3e1b36dfb6f9a81be98bee6116fd9983461e85939eeb1213ad73906b0afdd33cdf27bfd9338c1194b58908460bfa2c2ca601912c8ecce8f86f3b119fd75fcf0d843535a154a818ae3cd59cb2c1ad40ed1bce3e6ec1dde2145eca73316c058f8e5fca20c79d6af3b5c47c557
expires: Fri, 16 Jun 2023 16:10:48 GMT

POST
H2 204 0
bat.bing.com/actionp/ 0
119 B 88ms
87ms Ping
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=11041900&Ver=2&mid=9a15beb6-2865-4a18-9457-9bdc23279d99&sid=5aeb64a00c6011eea9cc793dabc181b9&vid=5aec3cc00c6011eeb02959747b14f9f4&vids=0&msclkid=N&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 16:10:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 470AD71DCD634926B21B2F102F5AD606 Ref B: FRAEDGE2015 Ref C: 2023-06-16T16:10:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.analytics.google.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.75.5/css/ 248 KB
60 KB 212ms
64ms Stylesheet
text/css 2600:9000:214f:e00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/ulp/react-components/1.75.5/css/main.cdn.min.css
Requested by: Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85bd359fdb84baf3ee29f3b91bd1b23ad2bedf57257b537b28125f9af77af3df

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: _pXBW2Nv4yqFHNMANO_uesJawlfXutCV
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Fri, 16 Jun 2023 03:16:40 GMT
x-amz-cf-pop: FRA53-C1
age: 46449
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Tue, 06 Jun 2023 17:44:45 GMT
server: AmazonS3
etag: W/"a697fcc6dba78afed508a3b99ad8b627"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000,public
x-amz-cf-id: A1YRstyaJHz6C_BU_xgIz7hGAbuvKqI2166FGl56MR_5otHdLL25tg==

GET
H2 200 IbottaLogo_Primary_Pink.png
home.ibotta.com/wp-content/uploads/2019/06/ 8 KB
8 KB 157ms
50ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.ibotta.com/wp-content/uploads/2019/06/IbottaLogo_Primary_Pink.png
Requested by: Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23066efd6ca168e650f9d4eeb195ce3c641446a359b39c9f4782c1653ce5a042

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:49 GMT
cf-cache-status: HIT
age: 188748
cf-polished: origFmt=png, origSize=17157
content-disposition: inline; filename="IbottaLogo_Primary_Pink.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8102
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 23:19:54 GMT
server: cloudflare
etag: "63d9a21a-4305"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d84533bc8b42d6f-ARN

GET
H2 200 heap-560310507.js Show response
cdn.heapanalytics.com/js/ 112 KB
36 KB 63ms
62ms Script
application/javascript 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-560310507.js

Requested by

Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

nginx / Express

Resource Hash

3c67a0eea1a39842a5e8d3fd97976433fe0f85a87b94dccbf90af92d00a3e7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:10:38 GMT
content-encoding: br
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA60-P1
age: 11
x-powered-by: Express
etag: W/"1bfb9-tUR8n2YeMSbYFm3T4vwCNYJJilg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w1bZdIPZxCSn4trGFhZjeLssI--GlJ6hMU6XnNt9t5CoInYH2zqV2Q==

GET
H2 404 quantum-ibotta.js
cdn.quantummetric.com/qscripts/ 0
0 721ms
643ms Script
text/html 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Requested by: Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin: https://authenticate.ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40509b0dde867ef35b2ea1d935c4293e4dd27408934ea8284eb626d0560ff142

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 688 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 435 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6066c4de3dc65aabbcddba7ab83bc2396fa8327501c57e5902c8ba5057c88c6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 134ms
134ms Image
image/gif 3.222.187.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=560310507&u=5213903776079348&v=4878798470893678&s=2918830188135571&b=web&tv=4.0&z=2&h=%2Fu%2Fsignup&q=%3Fstate%3DhKFo2SBqeEEtNHNxZjFuRUcyZ09ZMm1fQTFNUklPcEdJS1c5N6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGhNUml1Vk8tVFFlNnhpbWw3Y1dlck9GUnJWbDhHVzk4o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08&d=authenticate.ibotta.com&t=Create%20Ibotta%20Account&k=web-v-2-down-for-maintenance&k=false&k=web-v-2-popular-online-cpg-retailer-list&k=true&k=web-v-2-popular-search-terms-data&k=true&k=web-v-2-popular-sort-option&k=false&k=web-v-2-recommended-offers-enabled&k=false&k=web-v-2-referral-page-copy&k=true&k=web-v-2-referral-page-terms&k=Savers%20will%20earn%20%2410%20when%20they%20refer%20a%20friend%20who%3A%20(i)%20is%20a%20new%20user%20to%20Ibotta%3B%20(ii)%20registers%20with%20Ibotta%20on%20a%20unique%20device%20with%20the%20Saver%E2%80%99s%20referral%20code%20(the%20%E2%80%9CReferred%20Saver%E2%80%9D)%3B%20and%20(iii)%20completes%20a%20Qualifying%20Offer%20(as%20defined%20below)%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20The%20Referred%20Saver%20will%20earn%20a%20referral%20bonus%20upon%20registration%20and%20completion%20of%20a%20Qualifying%20Offer%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20A%20Qualifying%20Offer%20includes%20an%20offer%2C%20Any%20Brand%2C%20or%20Any%20Receipt%20offer.%20Online%20shopping%20transactions%20are%20not%20considered%20a%20Qualifying%20Offer%20until%20the%20offer%20pending%20period%20is%20complete%2C%20and%20the%20offer%20is%20credited%20to%20the%20Referred%20Saver%E2%80%99s%20account.%20Ibotta%20reserves%20the%20right%20to%20adjust%20these%20terms%20or%20the%20bonus%20amounts%20at%20any%20time.%20Prices%2C%20offers%2C%20cash-back%20amounts%2C%20bonuses%2C%20and%20the%20referral%20period%20may%20vary%20and%20are%20subject%20to%20change%20without%20notice.%20All%20accounts%20are%20subject%20to%20review.%20Additional%20terms%20and%20conditions%20may%20apply.&k=web-v-2-sold-out-offers-list&k=true&k=web-v-2-registration-page-copy&k=true&k=web-v-2-cashout-on-web-payments-env&k=production&k=web-v-2-customer-metadata-override&k=false&k=web-v-2-browser-profiling-is-enabled&k=false&k=web-v-2-browser-profiling-home-is-enabled&k=false&k=web-v-2-browser-profiling-cashout-is-enabled&k=true&k=web-v-2-bex-required-retailer-update-enabled&k=true&k=web-v2-direct-integration-retailer-list&k=true&k=web-v-2-feedback-survey&k=true&k=web-disco-cashout-age-threshold&k=7&k=web-v-2-special-deals-enabled&k=true&k=web-v-2-retailer-thumbnail-updates-enabled&k=true&k=web-v-2-logged-out-item-offers&k=true&k=web-v-2-home-page-recommendation&k=Control&k=web-messaging-auth-enabled&k=false&k=web-v-2-in-store-retailers-enabled&k=false&k=web-v-2-retailer-groups-enabled&k=false&k=unified-account-linking-retailer-list&k=true&ts=1686931849813&sp=ts&sp=1686931846984&sp=d&sp=ibotta.com&sp=h&sp=%2Fr%2Fonmcjom&st=1686931849814

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.187.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-187-124.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 16:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1919782858327617?v=2.9.107&r=stable

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je36e0&_p=1923087536&cid=82006616.1686931848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1686931847&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fr%2Fonmcjom&dt=Ibotta&_s=3

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=11041900&Ver=2&mid=4cbb6a9b-c345-451a-b362-4f8b322818f0&sid=5aeb64a00c6011eea9cc793dabc181b9&vid=5aec3cc00c6011eeb02959747b14f9f4&vids=1&msclkid=N&evt=pageHide

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=11041900&Ver=2&mid=9a15beb6-2865-4a18-9457-9bdc23279d99&sid=5aeb64a00c6011eea9cc793dabc181b9&vid=5aec3cc00c6011eeb02959747b14f9f4&vids=0&msclkid=N&evt=pageHide

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| heap

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ibotta.com/	1970-01-20 12:35:32	Name: _dd_s Value: rum=0&expire=1686932745891
ibotta.com/	1970-01-20 21:21:07	Name: i18n_redirected Value: en
.ibotta.com/	1970-01-20 14:45:07	Name: %40%40 Value: 1
ibotta.com/	1970-01-20 21:21:07	Name: RoktRecogniser Value: 252983f0-e657-4e57-89c6-af9df492d48f
apps.rokt.com/	1969-12-31 23:59:59	Name: akaalb_Instance-1 Value: ~op=Prod_API:Prod-API-EU-West-1\|Prod_WSDK_S3:Prod-SDK-S3\|~rv=30~m=Prod-API-EU-West-1:0\|Prod-SDK-S3:0\|~os=141f223fa3e939d66e4926adb7c49b34~id=4278372de8d3b38b4e9bba0a24e84ae5
.ibotta.com/	1970-01-20 14:45:07	Name: vuex Value: {%22user%22:null}
ibotta.com/	1969-12-31 23:59:59	Name: gsi Value: f0437df1f7974c3bad05777edd3a5327
ibotta.com/	1970-01-20 21:21:07	Name: early_identifier Value: a128136080654a6b9f582a45d6b6ade7
ibotta.com/	1969-12-31 23:59:59	Name: ibotta-ts Value: {%22exp%22:1686933646877%2C%22id%22:%22af84ec19-1a34-4810-b4fd-c3d1d9342623%22%2C%22timestamp%22:1686931846877}
.ibotta.com/	1970-01-20 22:03:29	Name: _hp2_props.560310507 Value: %7B%22web-v-2-down-for-maintenance%22%3Afalse%2C%22web-v-2-popular-online-cpg-retailer-list%22%3Atrue%2C%22web-v-2-popular-search-terms-data%22%3Atrue%2C%22web-v-2-popular-sort-option%22%3Afalse%2C%22web-v-2-recommended-offers-enabled%22%3Afalse%2C%22web-v-2-referral-page-copy%22%3Atrue%2C%22web-v-2-referral-page-terms%22%3A%22Savers%20will%20earn%20%2410%20when%20they%20refer%20a%20friend%20who%3A%20(i)%20is%20a%20new%20user%20to%20Ibotta%3B%20(ii)%20registers%20with%20Ibotta%20on%20a%20unique%20device%20with%20the%20Saver%E2%80%99s%20referral%20code%20(the%20%E2%80%9CReferred%20Saver%E2%80%9D)%3B%20and%20(iii)%20completes%20a%20Qualifying%20Offer%20(as%20defined%20below)%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20The%20Referred%20Saver%20will%20earn%20a%20referral%20bonus%20upon%20registration%20and%20completion%20of%20a%20Qualifying%20Offer%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20A%20Qualifying%20Offer%20includes%20an%20offer%2C%20Any%20Brand%2C%20or%20Any%20Receipt%20offer.%20Online%20shopping%20transactions%20are%20not%20considered%20a%20Qualifying%20Offer%20until%20the%20offer%20pending%20period%20is%20complete%2C%20and%20the%20offer%20is%20credited%20to%20the%20Referred%20Saver%E2%80%99s%20account.%20Ibotta%20reserves%20the%20right%20to%20adjust%20these%20terms%20or%20the%20bonus%20amounts%20at%20any%20time.%20Prices%2C%20offers%2C%20cash-back%20amounts%2C%20bonuses%2C%20and%20the%20referral%20period%20may%20vary%20and%20are%20subject%20to%20change%20without%20notice.%20All%20accounts%20are%20subject%20to%20review.%20Additional%20terms%20and%20conditions%20may%20apply.%22%2C%22web-v-2-sold-out-offers-list%22%3Atrue%2C%22web-v-2-registration-page-copy%22%3Atrue%2C%22web-v-2-cashout-on-web-payments-env%22%3A%22production%22%2C%22web-v-2-customer-metadata-override%22%3Afalse%2C%22web-v-2-browser-profiling-is-enabled%22%3Afalse%2C%22web-v-2-browser-profiling-home-is-enabled%22%3Afalse%2C%22web-v-2-browser-profiling-cashout-is-enabled%22%3Atrue%2C%22web-v-2-bex-required-retailer-update-enabled%22%3Atrue%2C%22web-v2-direct-integration-retailer-list%22%3Atrue%2C%22web-v-2-feedback-survey%22%3Atrue%2C%22web-disco-cashout-age-threshold%22%3A7%2C%22web-v-2-special-deals-enabled%22%3Atrue%2C%22web-v-2-retailer-thumbnail-updates-enabled%22%3Atrue%2C%22web-v-2-logged-out-item-offers%22%3Atrue%2C%22web-v-2-home-page-recommendation%22%3A%22Control%22%2C%22web-messaging-auth-enabled%22%3Afalse%2C%22web-v-2-in-store-retailers-enabled%22%3Afalse%2C%22web-v-2-retailer-groups-enabled%22%3Afalse%2C%22unified-account-linking-retailer-list%22%3Atrue%7D
.ibotta.com/	1970-01-20 14:45:07	Name: _gcl_au Value: 1.1.330733662.1686931847
.ibotta.com/	1970-01-20 12:35:33	Name: _hp2_ses_props.560310507 Value: %7B%22ts%22%3A1686931846984%2C%22d%22%3A%22ibotta.com%22%2C%22h%22%3A%22%2Fr%2Fonmcjom%22%7D
ibotta.com/	1970-01-20 21:21:07	Name: __pdst Value: 8e90688e8266493ba5ac0775e1368a11
ibotta.com/	1970-01-20 22:11:31	Name: tatari-cookie-test Value: 77917347
.ibotta.com/	1970-01-20 22:11:31	Name: tatari-session-cookie Value: 06771bab-6e66-1efa-a525-f856859702d5
.ibotta.com/	1970-01-20 12:35:32	Name: t-ip Value: 1
.ibotta.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ibotta.com
.ibotta.com/	1970-01-20 22:11:31	Name: _lc2_fpi Value: 4564d05c840b--01h32fjee34e7a9pdeg6fe7r9c
authenticate.ibotta.com/	1970-01-20 21:21:29	Name: did Value: s%3Av0%3A5ad27600-0c60-11ee-b4a6-39478067faec.a%2FXagXwscteGqNLTlBeUDNuT3gHXY7s3CWFgwKCVzpw
authenticate.ibotta.com/	1970-01-20 21:21:29	Name: did_compat Value: s%3Av0%3A5ad27600-0c60-11ee-b4a6-39478067faec.a%2FXagXwscteGqNLTlBeUDNuT3gHXY7s3CWFgwKCVzpw
.ibotta.com/	1970-01-20 12:36:58	Name: _gid Value: GA1.2.928569443.1686931848
.ibotta.com/	1970-01-20 12:35:31	Name: _gat_UA-29017381-1 Value: 1
.doubleclick.net/	1970-01-20 12:35:32	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-20 21:57:07	Name: MUID Value: 1DEDAE02540160B02775BD3055D361BA
.tiktok.com/	1970-01-20 21:57:07	Name: _ttp Value: 2RIJprW1G3NEFv3lyxLRUDyAsdj
.ibotta.com/	1969-12-31 23:59:59	Name: IR_gbd Value: ibotta.com
.ibotta.com/	1970-01-20 22:11:31	Name: _ga_JP10KW76MD Value: GS1.1.1686931847.1.0.1686931847.0.0.0
.ibotta.com/	1970-01-20 12:36:58	Name: _uetsid Value: 5aeb64a00c6011eea9cc793dabc181b9
.ibotta.com/	1970-01-20 21:57:07	Name: _uetvid Value: 5aec3cc00c6011eeb02959747b14f9f4
ibotta.com/	1970-01-20 12:36:58	Name: ln_or Value: eyI4ODE4MyI6ImQifQ%3D%3D
.linkedin.com/	1970-01-20 21:21:07	Name: bcookie Value: "v=2&6b834099-4f1d-4897-8fc7-eb29904c6ce4"
.linkedin.com/	1970-01-20 16:54:43	Name: li_gc Value: MTswOzE2ODY5MzE4NDc7MjswMjEyfE7lc7Hia544F/zxpHBrG/BNDAYXEgLw6Yzh2Z+H5Q==
.linkedin.com/	1970-01-20 12:36:58	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2778:u=1:x=1:i=1686931847:t=1687018247:v=2:sig=AQFs_YcqoxsIfFyxGSIIRLaCuuFk8r9h"
.ibotta.com/	1970-01-20 22:11:31	Name: _ga Value: GA1.2.82006616.1686931848
.ibotta.com/	1970-01-20 21:21:07	Name: _hjSessionUser_2893975 Value: eyJpZCI6ImIyZDgxYWFlLWU4OWMtNWZmZC1iN2NlLWQ1M2YzYzE2YWRjMCIsImNyZWF0ZWQiOjE2ODY5MzE4NDgyOTcsImV4aXN0aW5nIjpmYWxzZX0=
.ibotta.com/	1970-01-20 12:35:33	Name: _hjFirstSeen Value: 1
.ibotta.com/	1970-01-20 12:35:31	Name: _hjIncludedInSessionSample_2893975 Value: 0
.ibotta.com/	1970-01-20 12:35:33	Name: _hjSession_2893975 Value: eyJpZCI6ImIzNWZkNzVjLTQzMmItNDk3Ni1hOWFlLTA0MGQ0Zjc3ZjM1MCIsImNyZWF0ZWQiOjE2ODY5MzE4NDgzNDQsImluU2FtcGxlIjpmYWxzZX0=
.ibotta.com/	1970-01-20 12:35:33	Name: _hjAbsoluteSessionInProgress Value: 1
.liadm.com/	1970-01-20 22:11:31	Name: lidid Value: 5bfcca2c-81d6-4aa3-91e6-916dfb7af45c
.ibotta.com/	1969-12-31 23:59:59	Name: IR_8841 Value: 1686931847966%7C0%7C1686931847966%7C%7C
.ibotta.com/	1970-01-20 21:21:07	Name: _pin_unauth Value: dWlkPU1qaG1OV1EwWlRFdE1EUTRZeTAwT0dFNUxXSXpPR1V0WldJNU1HWmlOR000WkdVMg
.ibotta.com/	1970-01-20 21:57:07	Name: _tt_enable_cookie Value: 1
.ibotta.com/	1970-01-20 21:57:07	Name: _ttp Value: Ml7liFLgvq4183TlIw0UBVKsWMx
authenticate.ibotta.com/	1970-01-20 12:39:51	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOiLXudcKpadyexQU7AH2TT4Oi941shKxnF9peGtkZNiexek_9mCzpiD5dWhpI_wZVJwFgnwPWszTqYn-PQBQ0imY29va2llg6dleHBpcmVz1_-jyycAZJB-CK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.I2fesIIAFyi5WGHrZyHCs1rCYzwNnqbseBg5VJwlCNQ
authenticate.ibotta.com/	1970-01-20 12:39:51	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOiLXudcKpadyexQU7AH2TT4Oi941shKxnF9peGtkZNiexek_9mCzpiD5dWhpI_wZVJwFgnwPWszTqYn-PQBQ0imY29va2llg6dleHBpcmVz1_-jyycAZJB-CK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.I2fesIIAFyi5WGHrZyHCs1rCYzwNnqbseBg5VJwlCNQ
.ibotta.com/	1970-01-20 22:11:31	Name: _ga_GT6GKTE2DV Value: GS1.1.1686931847.1.0.1686931849.58.0.0
.ibotta.com/	1970-01-20 22:03:29	Name: _hp2_id.560310507 Value: %7B%22userId%22%3A%225213903776079348%22%2C%22pageviewId%22%3A%224878798470893678%22%2C%22sessionId%22%3A%222918830188135571%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.ibops.net
app.launchdarkly.com
apps.rokt.com
authenticate.ibotta.com
b-code.liadm.com
bat.bing.com
cdn.auth0.com
cdn.heapanalytics.com
cdn.linkedin.oribi.io
cdn.pdst.fm
cdn.quantummetric.com
clientstream.launchdarkly.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
data.adxcel-ec2.com
dvqigh9b7wa32.cloudfront.net
googleads.g.doubleclick.net
heapanalytics.com
home.ibotta.com
ibotta.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vc.hotjar.io
websdk.appsflyer.com
www.google-analytics.com
www.google.com
www.google.fi
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
bat.bing.com
connect.facebook.net
region1.analytics.google.com
108.138.7.27
13.107.42.14
13.248.151.210
13.32.121.85
141.193.213.21
151.101.128.84
151.101.2.217
18.66.112.110
2001:4860:4802:32::36
2001:4860:4802:36::36
23.36.163.228
2600:1f18:730:b140:9f43:4609:98a4:9314
2600:9000:20eb:f800:2:53b2:240:93a1
2600:9000:214f:e00:10:474e:104a:2961
2600:9000:223f:1800:17:3f5c:f800:21
2600:9000:2250:6000:3:760:2800:21
2600:9000:2250:da00:14:fc27:88c0:93a1
2600:9000:225e:6200:8:8845:1500:93a1
2600:9000:225e:a400:17:f683:1d40:21
2606:4700:10::6816:35fc
2606:4700::6810:5267
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c02::9c
2a02:26f0:3100::1735:28e2
2a02:26f0:3100::1735:28f0
2a02:26f0:3500:11::215:14d5
2a02:26f0:3500:11::215:14d9
2a02:26f0:3500:881::1931
2a03:2880:f083:9:face:b00c:0:3
3.222.187.124
34.206.37.242
35.186.249.72
35.244.142.80
52.1.91.70
52.21.14.181
52.222.236.43
65.9.58.221
0063ead0fc6b4ddafaf004c17771309a5931249b36c40781ced840a776b9755b
05e8e4323760406c6cb21d818a8558c3d5c7ac5fd639b1e1fd0f5d4d86346f83
07785135f8695fc1220cc7c36743c2444831163238808b124490bed367d22061
078678b1fc4b4546ab736d9a552f20b1935eeccb513438dd9c7d73b1f49761a3
1b1c0409e34511f213750c281bc67508aa62efc78c4cac5779b3a7900de362a6
1b9801a9f015a02424dd6f88e64066b54effcb9f1bdc02a06acf7bb5f8be6f8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
23066efd6ca168e650f9d4eeb195ce3c641446a359b39c9f4782c1653ce5a042
2501dc68e894f97954d8bd445940068804b109c43c3d1d8ab8dbc7cd09dcbc8f
25bb1b125f420bd697c938b62f112f7dbdb838cfcc45de82f0b1c449206ec835
29a6e44de81a864485015f9623497c4729266f2be8244bf442caf96b53d43d82
2b5a46b2b8cdb89baa4ae90c0b0d7aafc03370b37c05b4797a78204c4bccfdc8
2cc592ab4b5053f100119b00dfe3c96c3a8dc6213a59e789dc6f09bee301c24b
2d18666f0070c1d3d86b414b2f63d771c50c085457c31efc9abffb423054baf1
2da9f9802acf5725de0c738b1f685ca720f92d029ea41836181b104bdda52a7a
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3557177e20754969b0b0dd9a5200a4c654ad8380fe7afcff3f6638cda5139abe
3851b178b0373dffa9438a26fb712baaef5e039b04217282b20eaef60d550b12
3c67a0eea1a39842a5e8d3fd97976433fe0f85a87b94dccbf90af92d00a3e7e1
3e0d8c2581073748be20b173e508486be2b55770eacb668d19eea1fb3ae7cc75
40509b0dde867ef35b2ea1d935c4293e4dd27408934ea8284eb626d0560ff142
469b9733ce455b6a1d956f75a4f5a345ec8b11ecbe68e0d299c2e80b3b41d3f1
46eb1c3757e1ba6ef4781988c309166541a7d68bce70755ec76cf254b518ca5f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5389b7fb9050b0199e1612a3563a3da2e88030b0713ed2f668d570a1cc096e76
5aeb4d332e4ec64a4a28b9a26b6b73f4e4f80b48ab2dceb386a1afd2bba732ca
5b8fcd721bf1e8f1c66a0a790d01f37e4c55aef338a8cb4ea1b5a3aded88b0c4
5e4c6bb0f7e9f98433911497a906742bf0abc1f0842a6af136cdf97f3badb2e9
6272becd27736d37e5970ac216ab5c0e663878f4b9bea3ab994c551e1600b063
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6b7f9dd9f16dcf6d7deb86eb8aaebb7914ce1ac568a7e818b8da841a633ce287
6ca3cdf5a1ddd325621c6c2e362f0c0da90ef027a0f69d2a513123fe41078813
7189a672dd4779dec6c51a011451cf7a0d22f11824bd9ec0232775108d18ebf1
756701f743db875a5da43e58a3c89a27fd1fb02d77fd48c0774495aed497e41e
75a099d5c0fa41ab884e9c6c125e9d78e3b22ebedf193194c4690e0325071aed
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
802c945809a9528acf5746e56a57c8a05b1df0b12cece9131b707f07eec5294f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85bd359fdb84baf3ee29f3b91bd1b23ad2bedf57257b537b28125f9af77af3df
87de579704ad7c90f1ba13b35ce99f431e6b0d824e6d84d401022e27204400e7
896820402d69ca61150c91dd7fa5c602bb431dfd2a318a00de8c185b37b4f2fb
8af9f3422c8dd10d3c9027aeb9f2a05bf9ae9485d59ba140b7e6b325aa98e242
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bda8637e96396a2ef4aed37661576a0cb4bae2d78f82b2517b1b142842cad135
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c7aea04047dc8a63ad0da4231c1d2320d4c582b51118bd2615ff9d0edc9eca3c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb2a91eba734efcffcbcedbd73640e52dde7569c5420b5fb27579bdd875e1038
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cfdc9706fe9b9ba84f87bb05a4c67a4c8dcc52297179fd44e00052e835cc9196
d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c
d39b2eb4c7f0b0c708bf9e69acdf7ca787557db4a1442b50c345863bb1a7c134
d670621488b45b33d1a17b5e1250319b2ce513ededb4dbec847284c35e06f3d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f62d6cc1d433b2c2b768c56ccc47bcc38bd197235449550d1428dae7730ab1
e5b1f12fb989eb501193daa7feda9d19c11daf266c7f4a4eeea279b8f5d286a2
e6066c4de3dc65aabbcddba7ab83bc2396fa8327501c57e5902c8ba5057c88c6
e662df124d579059eb0791d97bc616082eb425757ef1eeceadbf6a7495a5892f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a45babc462a62294d09471f880b721a99ae32d8e05fedb6a6a813f4a118eec
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fae0ed9f9784a93048af6335924bfce0833b8d5c51f76c81814ce4a5a41b668e
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

authenticate.ibotta.com Open in urlscan Pro 2606:4700::6810:5267 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

95 %HTTPS

63 %IPv6

32 Domains

48 Subdomains

45 IPs

3 Countries

2220 kBTransfer

7715 kBSize

48 Cookies

2 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

authenticate.ibotta.com Open in urlscan Pro
2606:4700::6810:5267 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

95 %
HTTPS

63 %
IPv6

32
Domains

48
Subdomains

45
IPs

3
Countries

2220 kB
Transfer

7715 kB
Size

48
Cookies

116 HTTP transactions
4 data transactions