urlscan.io logo urlscan.io
SecurityTrails logo

authenticate.ibotta.com Open in urlscan Pro
2606:4700::6810:aafd  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ibotta.onelink.me/iUfE/1005cd3f?friend_code=iyuviul
Effective URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZI...
Submission: On July 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 4 countries across 44 domains to perform 138 HTTP transactions. The main IP is 2606:4700::6810:aafd, located in United States and belongs to CLOUDFLARENET, US. The main domain is authenticate.ibotta.com. The Cisco Umbrella rank of the primary domain is 61905.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 12th 2022. Valid for: a year.
This is the only time authenticate.ibotta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.64.103.26 16509 (AMAZON-02)
7 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a02:26f0:480... 20940 (AKAMAI-ASN1)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 151.101.194.217 54113 (FASTLY)
2 2600:1901:0:7... 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
1 35.201.112.186 15169 (GOOGLE)
2 18.64.79.47 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.248.151.210 16509 (AMAZON-02)
4 54.174.240.34 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::3 44788 (ASN-CRITE...)
2 2a04:4e42:4b::84 54113 (FASTLY)
1 108.157.4.113 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2600:9000:215... 16509 (AMAZON-02)
2 104.90.105.115 16625 (AKAMAI-AS)
1 35.244.142.80 15169 (GOOGLE)
1 108.138.15.119 16509 (AMAZON-02)
1 35.186.249.72 15169 (GOOGLE)
1 2a04:4e42::396 54113 (FASTLY)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
5 2.16.241.99 20940 (AKAMAI-ASN1)
1 172.217.16.194 15169 (GOOGLE)
2 52.201.110.110 14618 (AMAZON-AES)
1 13.32.118.2 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 108.157.4.45 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 108.157.4.7 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.3.108.241 16625 (AKAMAI-AS)
1 178.250.2.146 44788 (ASN-CRITE...)
1 151.101.65.140 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.33.220.150 16509 (AMAZON-02)
1 18.64.98.49 16509 (AMAZON-02)
1 35.224.31.30 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 104.197.43.56 15169 (GOOGLE)
2 34.66.3.160 396982 (GOOGLE-CL...)
138 60
1    18.64.103.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-26.txl50.r.cloudfront.net
ibotta.onelink.me
7    2600:9000:225f:0:14:fc27:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
ibotta.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a02:26f0:480:f::213:7ed2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.rokt.com
7    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a02:26f0:f7::5c7b:e0fa (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
4    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
3    2606:4700::6810:aafd (United States)

ASN13335 (CLOUDFLARENET, US)
authenticate.ibotta.com
2    2600:1f18:24e6:b901:e25d:f1d5:70aa:971 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum-http-intake.logs.datadoghq.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
2    18.64.79.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-47.txl50.r.cloudfront.net
cdn.heapanalytics.com
2    2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
1    13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
4    54.174.240.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-240-34.compute-1.amazonaws.com
api.ibops.net
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    2600:9000:206f:600:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)
d2hrivdxn8ekm8.cloudfront.net
1    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a04:4e42:4b::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net
static.hotjar.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2600:9000:2156:e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    104.90.105.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-105-115.deploy.static.akamaitechnologies.com
p.teads.tv
cm.teads.tv
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
d.impactradius-event.com
1    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    2a02:26f0:ef::5c7b:c239 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
5    2.16.241.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-99.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
www.googleadservices.com
2    52.201.110.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-110-110.compute-1.amazonaws.com
heapanalytics.com
1    13.32.118.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-2.fra60.r.cloudfront.net
dvqigh9b7wa32.cloudfront.net
1    2600:9000:20eb:7e00:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)
d330aiyvva2oww.cloudfront.net
1    2600:9000:225e:ea00:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)
d1lu3pmaz2ilpx.cloudfront.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net
script.hotjar.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
1    108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    23.3.108.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-241.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    18.64.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-98-49.txl50.r.cloudfront.net
cdn.auth0.com
1    35.224.31.30 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.31.224.35.bc.googleusercontent.com
home.ibotta.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    104.197.43.56 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 56.43.197.104.bc.googleusercontent.com
ibotta-app.quantummetric.com
2    34.66.3.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com
rl.quantummetric.com
Apex Domain
Subdomains		 Transfer
11 ibotta.com
ibotta.com — Cisco Umbrella Rank: 34360
authenticate.ibotta.com — Cisco Umbrella Rank: 61905
home.ibotta.com — Cisco Umbrella Rank: 555835
1 MB
9 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2250
ibotta-app.quantummetric.com — Cisco Umbrella Rank: 297761
rl.quantummetric.com — Cisco Umbrella Rank: 5446
147 KB
9 rokt.com
apps.rokt.com — Cisco Umbrella Rank: 8069
232 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
638 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 919
102 KB
5 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1630
clientstream.launchdarkly.com — Cisco Umbrella Rank: 1553
15 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 572
p.typekit.net — Cisco Umbrella Rank: 688
19 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
159 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1896
25 KB
4 cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
dvqigh9b7wa32.cloudfront.net
d330aiyvva2oww.cloudfront.net
d1lu3pmaz2ilpx.cloudfront.net
12 KB
4 ibops.net
api.ibops.net — Cisco Umbrella Rank: 33973
1 KB
4 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3247
heapanalytics.com — Cisco Umbrella Rank: 2711
92 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 397
mug.criteo.com — Cisco Umbrella Rank: 2751
7 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 344
13 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 637
script.hotjar.com — Cisco Umbrella Rank: 795
vars.hotjar.com — Cisco Umbrella Rank: 874
in.hotjar.com Failed
68 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2841
20 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
131 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
1 KB
2 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 773
1 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2425
18 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
500 B
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1293
insight.adsrvr.org — Cisco Umbrella Rank: 616
3 KB
2 teads.tv
p.teads.tv — Cisco Umbrella Rank: 6075
cm.teads.tv — Cisco Umbrella Rank: 6530
t.teads.tv Failed
6 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 745
19 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
162 KB
2 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2087
rs.fullstory.com — Cisco Umbrella Rank: 1781
62 KB
2 datadoghq.com
rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 3252
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 1010
35 B
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 8519
52 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1416
157 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5701
501 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 6379
12 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1336
8 KB
1 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 2694
13 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2349
6 KB
1 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3480
rp.liadm.com Failed
10 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
csm.nl.eu.criteo.net Failed
14 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 738
3 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1323
46 KB
1 onelink.me
ibotta.onelink.me
353 B
0 clarity.ms Failed
www.clarity.ms Failed
0 linkedin.com Failed
px4.ads.linkedin.com Failed
0 adxcel-ec2.com Failed
data.adxcel-ec2.com Failed
138 44
Domain Requested by
9 apps.rokt.com ibotta.com
apps.rokt.com
7 www.gstatic.com www.google.com
www.recaptcha.net
www.gstatic.com
7 ibotta.com ibotta.com
5 ibotta-app.quantummetric.com cdn.quantummetric.com
5 analytics.tiktok.com ibotta.com
analytics.tiktok.com
4 www.recaptcha.net authenticate.ibotta.com
www.gstatic.com
www.recaptcha.net
4 api.ibops.net ibotta.com
4 app.launchdarkly.com ibotta.com
3 bat.bing.com ibotta.com
bat.bing.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 authenticate.ibotta.com 1 redirects ibotta.com
3 use.typekit.net ibotta.com
use.typekit.net
3 www.google.com ibotta.com
3 securepubads.g.doubleclick.net ibotta.com
securepubads.g.doubleclick.net
2 rl.quantummetric.com cdn.quantummetric.com
2 ct.pinterest.com ibotta.com
2 us-central1-adaptive-growth.cloudfunctions.net ibotta.com
2 www.facebook.com
2 gum.criteo.com 1 redirects static.criteo.net
2 heapanalytics.com authenticate.ibotta.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.google-analytics.com www.googletagmanager.com
ibotta.com
2 www.googletagmanager.com ibotta.com
www.googletagmanager.com
2 cdn.quantummetric.com ibotta.com
authenticate.ibotta.com
2 cdn.heapanalytics.com ibotta.com
authenticate.ibotta.com
2 rum-http-intake.logs.datadoghq.com ibotta.com
2 sessions.bugsnag.com ibotta.com
2 p.typekit.net use.typekit.net
1 fonts.gstatic.com www.recaptcha.net
1 home.ibotta.com authenticate.ibotta.com
1 cdn.auth0.com authenticate.ibotta.com
1 insight.adsrvr.org js.adsrvr.org
1 googleads.g.doubleclick.net www.googleadservices.com
1 cm.teads.tv ibotta.com
1 alb.reddit.com
1 mug.criteo.com
1 www.google.de
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net ibotta.com
1 region1.google-analytics.com www.googletagmanager.com
1 d1lu3pmaz2ilpx.cloudfront.net ibotta.com
1 d330aiyvva2oww.cloudfront.net ibotta.com
1 dvqigh9b7wa32.cloudfront.net ibotta.com
1 www.googleadservices.com www.googletagmanager.com
1 websdk.appsflyer.com ibotta.com
1 www.redditstatic.com ibotta.com
1 d.impactradius-event.com ibotta.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.pdst.fm ibotta.com
1 p.teads.tv www.googletagmanager.com
1 b-code.liadm.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 static.criteo.net www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 d2hrivdxn8ekm8.cloudfront.net ibotta.com
1 rs.fullstory.com ibotta.com
1 clientstream.launchdarkly.com ibotta.com
1 edge.fullstory.com ibotta.com
1 www.googleoptimize.com ibotta.com
1 ibotta.onelink.me 1 redirects
0 csm.nl.eu.criteo.net Failed gum.criteo.com
0 t.teads.tv Failed p.teads.tv
0 in.hotjar.com Failed ibotta.com
0 www.clarity.ms Failed bat.bing.com
0 rp.liadm.com Failed ibotta.com
0 px4.ads.linkedin.com Failed
0 data.adxcel-ec2.com Failed
138 68

This site contains links to these domains. Also see Links.

Domain
legal.ibotta.com
Subject Issuer Validity Valid
ibotta.com
Amazon		 2021-09-20 -
2022-10-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
apps.rokt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-28 -
2022-12-20		 8 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
authenticate.ibotta.com
Cloudflare Inc ECC CA-3		 2022-04-12 -
2023-04-12		 a year crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-26 -
2023-04-26		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2022-06-11 -
2022-09-09		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
clientstream.launchdarkly.com
Amazon		 2021-09-21 -
2022-10-19		 a year crt.sh
api.ibops.net
Amazon		 2021-09-17 -
2022-10-16		 a year crt.sh
*.fullstory.com
R3		 2022-06-14 -
2022-09-12		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-04 -
2022-08-02		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
cdn.pdst.fm
GTS CA 1D4		 2022-06-12 -
2022-09-10		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-10 -
2023-01-06		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.appsflyer.com
DigiCert SHA2 Secure Server CA		 2021-10-09 -
2022-10-11		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.auth0.com
Amazon		 2022-03-26 -
2023-04-24		 a year crt.sh
home.ibotta.com
R3		 2022-06-11 -
2022-09-09		 3 months crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-18 -
2023-02-13		 a year crt.sh
rl.quantummetric.com
R3		 2022-07-16 -
2022-10-14		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Frame ID: 7DDD550B19A7609F25652A74294B67ED
Requests: 108 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/controller/index.html
Frame ID: 023669027D299131F6BC0BF2EAEA374A
Requests: 4 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Frame ID: BD855283E7CCA7526F3CA8C72ABC429A
Requests: 2 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/widget/index.html
Frame ID: 70C999C800A7C10169C6F529C18EF1C8
Requests: 2 HTTP requests in this frame

Frame: https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=N2lRTWxSNUtHWllzSWMxYkV0WU9aai5LM09zaGpxSzdDaDFUVmtZdUc3RA%3D%3D&nonce=aE5lOTZrNDRGRU02by12aGphVUV%2BZVJieFc1MFBrVzNVR1VyWn5CVEIwQQ%3D%3D&code_challenge=BxfBDwWKpaugntwSwT-4rPac2AAxJOlNe6KYahYlj1I&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTkuMiJ9
Frame ID: F7F499CBCEA8CC2EAA67A8DB36539FD5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ibotta.com&origin=onetag
Frame ID: FFA2593F477BEA5A727AA9BF9729ECBF
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: DC62C76CFCED32AFF753A6C33E7EC13D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=c4z9ofs&ref=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&upid=3mhtzqi&upv=1.1.0
Frame ID: C23B8D494ED5B82D5C6BAF257D3C4AA5
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB&co=aHR0cHM6Ly9hdXRoZW50aWNhdGUuaWJvdHRhLmNvbTo0NDM.&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=normal&cb=nyoim390d592
Frame ID: 1C7280BE0E01F9508CFB2BF0C7278F07
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB
Frame ID: 1F696A47D3207B4FD772602B6271B4BD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign up | Web & BEX

Page URL History Show full URLs

  1. https://ibotta.onelink.me/iUfE/1005cd3f?friend_code=iyuviul HTTP 302
    https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=... Page URL
  2. https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&audience=https%3A%2F%2F... HTTP 302
    https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

138
Requests

87 %
HTTPS

55 %
IPv6

44
Domains

68
Subdomains

60
IPs

4
Countries

3288 kB
Transfer

11279 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ibotta.onelink.me/iUfE/1005cd3f?friend_code=iyuviul HTTP 302
    https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App Page URL
  2. https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&screen_hint=signup&app_version=2.589.0%3Aweb_v2%3Achrome&global_session_id=4e33b220e2f243839b03b741b7a8d8bc&early_identifier=88b77393eed7497c9f95fce521a54990&scope=openid%20profile%20email&response_type=code&response_mode=query&state=R2tFSTN4eXFKNHY0U0ZvM2o3aDYycWRXNHp3YmZQemFUUk5OZnA0RzBoZg%3D%3D&nonce=TFJ1dzAud1FKbXZIeW9STzBma3h5alNhbmRBOGtrUk1RczliZ0tuNDE0aA%3D%3D&code_challenge=S6dPqiKHuzchbC4BHLzD3dxbdFzInddqBn5YgtHtyJA&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTkuMiJ9 HTTP 302
    https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ibotta.onelink.me/iUfE/1005cd3f?friend_code=iyuviul HTTP 302
  • https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Request Chain 69
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1658792392486&url=https%3A%2F%2Fibotta.com%2Fregister%3Faf_channel%3DMobile%2520App%26friend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1658792392486&url=https%3A%2F%2Fibotta.com%2Fregister%3Faf_channel%3DMobile%2520App%26friend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App&e_ipv6=AQLiXkoKnywXmwAAAYI3uzk_CBkwo6Dpu5_df43y9j-rR8vDEP2Y0FG4VlnRa6FrRTcvMG4sfw
Request Chain 90
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ibotta.com&sn=ChromeSyncframe&so=0&topUrl=ibotta.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Xe6fkHx1VS9XRmxjWWRRb0FuSmVvVWdVajBkUHhXT0tuaE1sUmJnWWQ2ei80OE1Sb2NIbmIyZUlDcXBDNjVDNjFrdHQvWjQ5d2tBa0ZtcmRkM0FiL1NpTmhKSUd4aEY1Qnh0SHNCa3JyekRKTVB2OHdQUXdaZmdCamFxNzgweFM4YllrdkNtMWRlRnQ5RktQbnh0MUlxSGNGaUJoaEtrRlUwQUxYSmh0SHBaNWw0aDdhZ2JHdlNmQTc4TVJXNCtUZGdCSHkvMlI1SXN5NjZCUDRhbkJTVlRtY0VRTXZwc0lmL05QSXJKaVluSUFGdzVDRm9xR2tIRlB6MWxTYnFzUzRQSTFaU0ZBZTgybHRid3dYS2NTL0tnZlUzUT09fA&cppv=2

138 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
register
ibotta.com/
Redirect Chain
  • https://ibotta.onelink.me/iUfE/1005cd3f?friend_code=iyuviul
  • https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:0:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
99e93294c68058a65ac238ab04da6e278c9b1e7cf82caf124961e40bb3fa73b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14713
cache-control
max-age=60, s-maxage=86400
content-encoding
br
content-type
text/html
date
Mon, 25 Jul 2022 19:34:38 GMT
etag
W/"9bf67f175313d7c1887a4a77bc011f22"
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
last-modified
Mon, 25 Jul 2022 19:32:29 GMT
referrer-policy
same-origin
server
none
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront)
x-amz-cf-id
HzNZB7SNYQXvJsQ7c41I25LxWe85a-SI2B71RA4zzxjmYdzDYOUVow==
x-amz-cf-pop
TXL50-P2
x-amz-id-2
VeYqM1frZgVLyRdvcuf+v6F9az3drxsCBanLcM5e5CE9tBE5GTGwO//eS5Pf7urv4dpj2F5d8Xo=
x-amz-request-id
MP3WCX50APCV2S0P
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
application/octet-stream
date
Mon, 25 Jul 2022 23:39:50 GMT
location
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile App&af_channel=Mobile App
server
http-kit
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront)
x-amz-cf-id
Uq_8-UfaDzNJaUSkWx_OzeAHo0DAcXTg0JHILvQC4vpPkAPXFRetJw==
x-amz-cf-pop
TXL50-P3
x-cache
Miss from cloudfront
optimize.js
www.googleoptimize.com/ 		121 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WDJL74V
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2558493bb4367df70bad3b6145ac97b3e0f8460f0dd368b79c01a5db8fd79257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46466
x-xss-protection
0
expires
Mon, 25 Jul 2022 23:39:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
59afe49d8d94432df123096e0bcbad0377dd2252e89edbcb04b1d337371abf01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28375
x-xss-protection
0
server
sffe
etag
"1284 / 800 of 1000 / last-modified: 1658787395"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 25 Jul 2022 23:39:50 GMT
api.js
www.google.com/recaptcha/ 		850 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb20f2bd22fd57615fb848f5ec91d2652028d683111c2023be956d689c865e42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Mon, 25 Jul 2022 23:39:50 GMT
app.8aef4466.css
ibotta.com/css/ 		216 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/css/app.8aef4466.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:0:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
0682a2b5a4b51833cf7ec111425962973cc3cec38724e7fc8de99e27a09c8c9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 19:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
14635
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
2J9TKSX2B75XF96B
x-amz-id-2
8L7Rtzgu3xlJKQFYQ5K7xne/vAKqwtO30jwRd8A7x2iuhCKjErXeQN/kVmtbsI6pAPJ4QzF6c9w=
referrer-policy
same-origin
last-modified
Mon, 25 Jul 2022 19:32:31 GMT
server
none
x-frame-options
SAMEORIGIN
etag
W/"d43a8dfd7cdb1ac409b844fb511bd151"
vary
Accept-Encoding
content-type
text/css
via
1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
-9Q1KA2Cx8-YhWI6y9OgRL10OZd4KGwoXKR1MHYqqTxKYza70rCzGg==
chunk-vendors.b23a1efe.css
ibotta.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/css/chunk-vendors.b23a1efe.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:0:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
17fd49227238fe025352bd22267f04a70777d6d5270962c581db5f3dff6b2619
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 01:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
4228486
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
1VXD4MAADWY697EV
x-amz-id-2
xFFEOp7p+hk7D/H2GX8yB2UHxrO8ha6SYfTxdnic+GPuzQn1finSJSnTSLPrQDPfRG9YBbva1qc=
referrer-policy
same-origin
last-modified
Mon, 06 Jun 2022 16:25:11 GMT
server
none
x-frame-options
SAMEORIGIN
etag
W/"38a510040f5f7142b249cda2c28d4f8d"
vary
Accept-Encoding
content-type
text/css
via
1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
kSyJl6NtANLZy6TbljM2mQMmg7IxYB_tVoD2hgZ76r-KWn38DMpyRg==
pando.6363a7a7.css
ibotta.com/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/css/pando.6363a7a7.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:0:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
1494e0b964d029bf34f09cc6cfecc5f9175b8aebf0987b2e41e5baec29dc96d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 22 May 2022 00:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
5612647
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
JGRC70JGHHV0W9WN
x-amz-id-2
XB60/SvIGoGpGMQEmWO1v6HZ4FYfi16D7U0HFEXGbGjf5O3CAUjzhDrg6vBwod/5AtCIId9ko9Y=
referrer-policy
same-origin
last-modified
Fri, 20 May 2022 20:45:48 GMT
server
none
x-frame-options
SAMEORIGIN
etag
W/"8b03f21648be720bf846d469b0b19be9"
vary
Accept-Encoding
content-type
text/css
via
1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
1ZVXQRvvj44r5G2lNVPGTeeDxCpvVwhLfJ0Vs3N2Q5HCwX-gACX-ZA==
app.dd57cfa4.js
ibotta.com/js/ 		1 MB
360 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/js/app.dd57cfa4.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:0:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
c6af60c995ec7207d546984c060b29ef52d331258eda3b4bc3772443e881fd94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 19:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
14635
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
2J9PGCMNXZQZ4G53
x-amz-id-2
Cw7c+K/bFzHArEr6UGBOKQvzLLbVjOK1vikzu1OgHYG3kBUf7Z/22D9ChIBCq+1Mrzjpklk3/PA=
referrer-policy
same-origin
last-modified
Mon, 25 Jul 2022 19:32:50 GMT
server
none
x-frame-options
SAMEORIGIN
etag
W/"bb00188afe7e491ec248c9dfa128da32"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
WSu95GiVGYJWqfSlxUvLDepaU4Ga_YcAzSr4v-asRo08qBrVmcnkjg==
chunk-vendors.ea461c68.js
ibotta.com/js/ 		2 MB
614 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/js/chunk-vendors.ea461c68.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:0:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
56fd4f80dd0053b789d37f6425b9f8c6cabe721163c77316e18efc6245f4c3d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 19:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
14635
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
2J9Q5X6519GMX4FZ
x-amz-id-2
WCxk2DLLw/6qBdsJO5xz3sf+Fy2hOiHbi0xH5vzCVXLRxJckhYzasEyI2ay7kIwv3AzmB5GMts0=
referrer-policy
same-origin
last-modified
Mon, 25 Jul 2022 19:32:51 GMT
server
none
x-frame-options
SAMEORIGIN
etag
W/"aa47fc1af25fd740611a25df6b9c70ac"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
vTvdT2X9-rS1mD82rZUjSyKTbmdbn8cdpIw0i22KpLw4vthLhMa1xA==
pando.b0013d3a.js
ibotta.com/js/ 		242 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/js/pando.b0013d3a.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:0:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
8a08c2f8e454fe179ec90eb118292c8d296a1f863ef477e66c74582bab07c2b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 21:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
440593
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
K8EDK6CSJA3CQXNJ
x-amz-id-2
opKMmLasP0b6WiNmKrMXWzKno48pUiQhaWoIJFBHa0TWmZEx11948hrVFF1cxPqW46MqGMvLTj0=
referrer-policy
same-origin
last-modified
Wed, 20 Jul 2022 21:16:04 GMT
server
none
x-frame-options
SAMEORIGIN
etag
W/"6b8aee04ccd84fd7fc35595bf7ac63bb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
5L2andHCA16Aj6R_pSScFS_90y7JzAmXxtqqI49kJXdu7WFYF-58GA==
snippet.js
apps.rokt.com/wsdk/integrations/ 		71 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/integrations/snippet.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6276f9a7f664589b173d6d90be87231658a74e424aeb82f4a0ef6fbf86edcf15
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-request-id
GRA0X1Z7JN2S34T8
access-control-max-age
86400
content-length
16968
x-amz-id-2
9A2RT/P/AydKIkiV7Wlkmal9xcMmDpdmuQbqPB84i+3/99HnGhBHh3pyCjZlFRF9CnZzvahfV5w=
last-modified
Thu, 21 Jul 2022 04:39:35 GMT
server
AmazonS3
etag
"d2eab80bad1ea4fe0ca6d66af27a1054"
strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1200, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ 		365 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://ibotta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 15:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jul 2023 15:40:36 GMT
lys1mao.css
use.typekit.net/ 		3 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/lys1mao.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/css/pando.6363a7a7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e0fa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7908bae85fe5eb3aa7b1194d29be3f8a532778df49bde86ffcb1f67d837a5159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 25 Jul 2022 23:39:50 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
714
pubads_impl_2022071901.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131527
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 08:34:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Jul 2023 23:14:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		65 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibotta.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
349b07be72aecbe92b17729473d7c46838c7129ee03a31730b6de8d45caf766c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Jul 2022 23:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Mon, 25 Jul 2022 23:39:50 GMT
wng3obt.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wng3obt.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/css/app.8aef4466.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e0fa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0fc33a319991ddb723d77e1d72ce9e1c73b58539378c16e1e9a39700c88be93f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 25 Jul 2022 23:39:50 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
884
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wng3obt&ht=tk&f=2005.2006.2007.2008.2009.2010.2011.2012&a=101957218&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wng3obt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=lys1mao&ht=tk&f=2005.2007.2009.2011&a=86732618&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
5c6b28dadb8ac42df4f22587
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 25 Jul 2022 23:39:51 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-cdg20727-CDG
x-timer
S1658792391.463071,VS0,VE1
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Jul 2022 23:39:51 GMT
via
1.1 google
5c6b28dadb8ac42df4f22587
app.launchdarkly.com/sdk/goals/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.18.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
date
Mon, 25 Jul 2022 23:39:51 GMT
content-length
26
x-served-by
cache-cdg20727-CDG
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1658792392.513721,VS0,VE1
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
/
sessions.bugsnag.com/ 		21 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
Bugsnag-Sent-At
2022-07-25T23:39:51.410Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
769fa465ed57105d30af1da7a97d0d6f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:39:51 GMT
via
1.1 google
bugsnag-session-uuid
a823cdd9-5d36-4b4e-a88f-c824bf3d8e86
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiMi41ODkuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiIxM2ZhMzM1MC0wYzczLTExZWQtODVhMy1lMTA0NGZkNDI4YjMifQ
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiMi41ODkuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiIxM2ZhMzM1MC0wYzczLTExZWQtODVhMy1lMTA0NGZkNDI4YjMifQ?withReasons=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 25 Jul 2022 23:39:51 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-cdg20727-CDG
x-timer
S1658792391.463214,VS0,VE1
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiMi41ODkuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiIxM2ZhMzM1MC0wYzczLTExZWQtODVhMy1lMTA0NGZkNDI4YjMifQ
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/ 		102 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiMi41ODkuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiIxM2ZhMzM1MC0wYzczLTExZWQtODVhMy1lMTA0NGZkNDI4YjMifQ?withReasons=true
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ba5096c4f424253f2a89bc1c5a85d978ed05f65fd33311a6743de031f3cadd5

Request headers

Referer
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.18.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
content-encoding
gzip
vary
Authorization, Accept-Encoding
age
0
x-cache
MISS
content-length
14862
x-served-by
cache-cdg20744-CDG, cache-cdg20727-CDG
access-control-allow-origin
*
x-timer
S1658792392.515243,VS0,VE372
etag
"9577dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e0fa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af

Request headers

Referer
https://use.typekit.net/lys1mao.css
Origin
https://ibotta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
server
nginx
etag
"b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17052
index.html
apps.rokt.com/wsdk/controller/ Frame 0236 		1 KB
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/controller/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
def585959da4272041b13f4c12a29039a10e47e7d57c7bb679751525bbebd2d4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
519
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 23:39:51 GMT
etag
"6a5ea9f771f150c9eed6f7af212a08a4"
last-modified
Thu, 21 Jul 2022 04:39:33 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
+G8YVa4m9VJZuExWMFxK/BOE/GdL5rg3hlLEdPH0P5iLCeLAaBEwj71VfzS73SHCiQDtN67PDe0=
x-amz-request-id
Y85Z4X0AWZ6JDWKG
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugin-runtime/ Frame BD85 		726 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugin-runtime/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d6fc9399eefba8382bcb0eab383bddd35fc44fa79d134a1d70e3614dff870d5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
291
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 23:39:51 GMT
etag
"b58f1785c664ab6218efd34eeb2158a7"
last-modified
Thu, 21 Jul 2022 04:39:40 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
UOJHTh9z151PDBCX9eJ0yUImyK9OcA7xvwZTb8suPGtBuCtds1aGhMfr2x8hILg85ZBO7aKNM7Q=
x-amz-request-id
JG6GRZFAGJY49KCD
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugins/widget/ Frame 70C9 		730 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/widget/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac917b0e777e5b18ba7f751034031aa03ae73eecae148f7bd8a5c5df8ca8f765
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
300
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 23:39:51 GMT
etag
"8ee732abda033c9eefeed9cb4834bc09"
last-modified
Fri, 22 Jul 2022 23:00:49 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
rdF2n7wG5UzwIfwzxU9MnzIVUKwJh7GDScSk2fzM9qVacRlN0wkNgv3jvDN4SykbzKf42C6SS/0=
x-amz-request-id
D741YRQAG2PX7792
x-content-type-options
nosniff
authorize
authenticate.ibotta.com/ Frame F7F4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=N2lRTWxSNUtHWllzSWMxYkV0WU9aai5LM09zaGpxSzdDaDFUVmtZdUc3RA%3D%3D&nonce=aE5lOTZrNDRGRU02by12aGphVUV%2BZVJieFc1MFBrVzNVR1VyWn5CVEIwQQ%3D%3D&code_challenge=BxfBDwWKpaugntwSwT-4rPac2AAxJOlNe6KYahYlj1I&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTkuMiJ9
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aafd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6558588dc273468c6828c24942c0a698eadcc4565da9ab8d6ff3f27b58034ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7308bcc08f89cc46-ZRH
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 25 Jul 2022 23:39:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
7308bcc08f89cc46
ot-tracer-sampled
true
ot-tracer-spanid
3d3d9cd13525d0ba
ot-tracer-traceid
0073dcdb545bec71
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-3d3d9cd13525d0ba-00000000000000000073dcdb545bec71-01
tracestate
auth0-request-id=7308bcc08f89cc46
vary
Accept-Encoding
x-auth0-requestid
e68df6d5fd6ea430095d
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1658792393
global-reporter.js
apps.rokt.com/wsdk/reporter/ Frame 0236 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/reporter/global-reporter.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.rokt.com/wsdk/controller/index.html
Origin
https://apps.rokt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T0TAYG25VES3QFCX
strict-transport-security
max-age=16070400; includeSubDomains
vary
Accept-Encoding
content-length
2840
x-amz-id-2
us8TpYtOHG0q0eNPHB6YhGP83sUnZgQfMSOF2RQMPB91wds0mSb9SCYavl6u4MnPOMWEEuZicXU=
last-modified
Sun, 08 Aug 2021 23:10:23 GMT
server
AmazonS3
etag
"1d663c18a8f56b3de25954a30bd3e8c0"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1200, must-revalidate, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
index.681045fd6577859a33d7.js
apps.rokt.com/wsdk/controller/ Frame 0236 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/controller/index.681045fd6577859a33d7.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85270fe58dfe8886c2beff187f4bd3279cbe93fb9efeced3dfbb7c9c11f96baa
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.rokt.com/wsdk/controller/index.html
Origin
https://apps.rokt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-request-id
43P244SCNKZ81M2F
access-control-max-age
86400
content-length
14408
x-amz-id-2
zA/uLotCPnbhXa0biN4o6IGS1aeE99XFOpQ6LiQXPcYJnUB8egQl87XmHgGZ9veeMaCUpI6VRCY=
last-modified
Thu, 21 Jul 2022 04:39:32 GMT
server
AmazonS3
etag
"27809924a796ab19ec12229417bdc15d"
strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
index.0015d447cecb35b15f18.js
apps.rokt.com/wsdk/plugin-runtime/ Frame BD85 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugin-runtime/index.0015d447cecb35b15f18.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8387923a7e39c9c30b9d783fde075dd969ab2ea6f81413f738158fef8304049
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.rokt.com/wsdk/plugin-runtime/index.html
Origin
https://apps.rokt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-request-id
2GXR2X39Q05PZ1TM
access-control-max-age
86400
content-length
18308
x-amz-id-2
spLyVs5RbY27+SVrwkFg7ActJkYgOyouBjDV6KGLvvNnISuMGzi1FpI4gpc55scyDw60vjW1zBg=
last-modified
Thu, 21 Jul 2022 04:39:39 GMT
server
AmazonS3
etag
"981975a2f12a2487009cfc0dc5293cbc"
strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
index.6d805acab00dee380227.js
apps.rokt.com/wsdk/plugins/widget/modern/ Frame 70C9 		829 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/widget/modern/index.6d805acab00dee380227.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugins/widget/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
696fa31b050b8438b6aa9beaf9c1fc38e359cbedcf39bccfb3871c8750851797
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apps.rokt.com/wsdk/plugins/widget/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-request-id
4D73KD4ZBX7CTFZK
access-control-max-age
86400
content-length
178751
x-amz-id-2
9i9Q2eWhCM5FSSvzKYvzPXHIXrUeab3K3De+6hVUKsmxFpBicI16FoL9djjDdZqZGxssmhbLAwo=
last-modified
Fri, 22 Jul 2022 23:00:46 GMT
server
AmazonS3
etag
"19ed4ea49235d85004bdda5be6314e48"
strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
session
apps.rokt.com/v1/ Frame 0236 		0
688 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/v1/session
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.681045fd6577859a33d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; report-uri https://rokt.report-uri.io/r/default/csp/enforce
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apps.rokt.com/wsdk/controller/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
upgrade-insecure-requests; report-uri https://rokt.report-uri.io/r/default/csp/enforce
referrer-policy
no-referrer-when-downgrade
server
istio-envoy
etag
d2f3e4b4-a9e8-4349-b079-179e93371d12
content-security-policy-report-only
upgrade-insecure-requests; default-src https:; report-uri https://rokt.report-uri.io/r/default/csp/reportOnly
x-xss-protection
1; mode=block
access-control-expose-headers
ETag
cache-control
max-age=0, no-cache, no-store
date
Mon, 25 Jul 2022 23:39:51 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-robots-tag
noindex, nofollow, noimageindex
content-length
0
x-content-type-options
nosniff
expires
Mon, 25 Jul 2022 23:39:51 GMT
pubd08f056573c4b96db239f3180e7d6da8
rum-http-intake.logs.datadoghq.com/v1/input/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubd08f056573c4b96db239f3180e7d6da8?ddsource=browser&ddtags=sdk_version%3A3.6.11%2Cenv%3Aproduction%2Cservice%3Aweb_v2%2Cversion%3A2.589.0&batch_time=1658792392014
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:e25d:f1d5:70aa:971 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
fs.js
edge.fullstory.com/s/ 		243 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
Origin
https://ibotta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:46:23 GMT
content-encoding
br
age
3209
x-guploader-uploadid
ADPycdsPVsSucmgYLmZYSPqQIwnyv54I4DpuiAIdY53dplyc3JZ492lqM6iCE1YpYee0bgCUu2OkAZ_w5EFwIsO0WR7lSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62394
last-modified
Fri, 15 Jul 2022 14:11:44 GMT
server
UploadServer
etag
"e43931d231585d2c3bc5fd1ca844a6b9"
vary
Accept-Encoding
x-goog-hash
crc32c=QJ1U2Q==, md5=5Dkx0jFYXSw7xf0cqESmuQ==
x-goog-generation
1657894304906053
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
62394
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 25 Jul 2022 23:46:23 GMT
heap-560310507.js
cdn.heapanalytics.com/js/ 		114 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-560310507.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-47.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:38:20 GMT
content-encoding
gzip
server
nginx
age
92
etag
W/"1c9ae-WDvhHRHtGpkllg/JnzI66g"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6ffd9144e1bc0d7518dfec3f04843cdc.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
TXL50-P2
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
Yzso-5qwNNxFo0UX4vaxuti8PYQr60q3Kw9h3FD-8bO6xT-EvtesIQ==
quantum-ibotta.js
cdn.quantummetric.com/qscripts/ 		226 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/app.dd57cfa4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
etag
W/"165833424999316575519327471658736002514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
strict-transport-security
max-age=31536000
cf-ray
7308bcc33d9ccc62-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiMi41ODkuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiIxM2ZhMzM1MC0wYzczLTExZWQtODVhMy1lMTA0NGZkNDI4YjMifQ
clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/ 		103 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiMi41ODkuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiIxM2ZhMzM1MC0wYzczLTExZWQtODVhMy1lMTA0NGZkNDI4YjMifQ?withReasons=true
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
graphql
api.ibops.net/browser-extension/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.240.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-240-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method
POST
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin
https://ibotta.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 25 Jul 2022 23:39:52 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		319 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91564
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 22:37:33 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jul 2022 23:39:52 GMT
graphql
api.ibops.net/browser-extension/ 		33 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.240.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-240-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-App-Version
2.589.0:web_v2:chrome
accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-datadog-sampling-priority
1
Content-Type
application/json
Accept
application/json
Referer
x-datadog-trace-id
8877568371184688220
x-datadog-parent-id
1886419295169984462
x-datadog-sampled
1
X-App-Session
0d844bdb-934b-4edb-bb91-57ccd710c503

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
33
x-xss-protection
0
x-request-id
33a9017ab562385312e4fe1faf59c7ca
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 25 Jul 2022 23:39:52 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
etag
W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
graphql
api.ibops.net/browser-extension/ 		33 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.240.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-240-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-App-Version
2.589.0:web_v2:chrome
accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-datadog-sampling-priority
1
Content-Type
application/json
Accept
application/json
Referer
x-datadog-trace-id
4556925282194451465
x-datadog-parent-id
138240356036506181
x-datadog-sampled
1
X-App-Session
0d844bdb-934b-4edb-bb91-57ccd710c503

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
33
x-xss-protection
0
x-request-id
ca6cb1e9945337b421c8db082d4cf28e
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 25 Jul 2022 23:39:52 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
etag
W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
graphql
api.ibops.net/browser-extension/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.240.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-240-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method
POST
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-app-session,x-app-version,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin
https://ibotta.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 25 Jul 2022 23:39:52 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
Primary Request signup
authenticate.ibotta.com/u/
Redirect Chain
  • https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&screen_...
  • https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1...
69 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:aafd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006cfe7fb3f26e9a99a8fa12e5fbd060db317ecac2cea6c35d5efc015145a1a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7308bcc71fa923df-ZRH
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 23:39:53 GMT
etag
W/"1134b-CGnNWSywrrTpqMFH3E75Aq0A+zY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 25 Jul 2022 23:39:53 GMT
ot-baggage-auth0-request-id
7308bcc71fa923df
ot-tracer-sampled
true
ot-tracer-spanid
0e10dba571d28507
ot-tracer-traceid
22b31fa602d52c03
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-0e10dba571d28507-000000000000000022b31fa602d52c03-01
tracestate
auth0-request-id=7308bcc71fa923df
vary
Accept-Encoding
x-auth0-requestid
d18672593432d77f999e
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1658792400
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7308bcc35cc923df-ZRH
content-length
426
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 23:39:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
ot-baggage-auth0-request-id
7308bcc35cc923df
ot-tracer-sampled
true
ot-tracer-spanid
1be96eb4385c6155
ot-tracer-traceid
377c970d75a6469f
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-1be96eb4385c6155-0000000000000000377c970d75a6469f-01
tracestate
auth0-request-id=7308bcc35cc923df
vary
Accept, Accept-Encoding
x-auth0-requestid
b4bbd42bdfc3de2ec6d9
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1658792393
pubd08f056573c4b96db239f3180e7d6da8
rum-http-intake.logs.datadoghq.com/v1/input/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubd08f056573c4b96db239f3180e7d6da8?ddsource=browser&ddtags=sdk_version%3A3.6.11%2Cenv%3Aproduction%2Cservice%3Aweb_v2%2Cversion%3A2.589.0&batch_time=1658792392169
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:e25d:f1d5:70aa:971 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
page
rs.fullstory.com/rec/ 		47 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ibotta.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47
js
www.googletagmanager.com/gtag/ 		204 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74093
x-xss-protection
0
expires
Mon, 25 Jul 2022 23:39:52 GMT
tracker-latest.min.js
d2hrivdxn8ekm8.cloudfront.net/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:600:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 05:33:21 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 19:33:58 GMT
server
AmazonS3
age
65192
etag
"2fd76c8e88356206a1c7a31860e7fe72"
x-cache
Hit from cloudfront
x-amz-version-id
nxP954O2qyuHFEWoPjj05B2blGcZvYQN
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
10025
x-amz-cf-id
ivbRakD9sinlGhDGMhL4kd53rmD8SDl-M16HQiad7eINRKICG7hnSg==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 23:39:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=36266
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26093
x-xss-protection
0
pragma
public
x-fb-debug
gT2DKrN6Gben6qfeSOnSSfsGYIKuYtyYtpXs9BWQBs5sWSyC+hsQLhpNmYsqHNQz1znaZWsdA58d9wUbmQc8kA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 25 Jul 2022 23:39:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2035
date
Mon, 25 Jul 2022 23:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 26 Jul 2022 01:05:57 GMT
ld.js
static.criteo.net/js/ld/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 07:49:23 GMT
server
nginx
etag
W/"62bc0403-a792"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 26 Jul 2022 23:39:52 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
fastly-restarts
1
x-cdn
fastly
etag
"c4a0eea377c5e0da574e46f4d6e838e5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
hotjar-2893975.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2893975.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-113.dus51.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
DUS51-P2
etag
W/b12788bf077934e4380fdf48992f3306
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
PSSNKeq5jqV9Bsphf6Bldaj8U6Y4do_Y1mIV3KR9ULZCqdmf-VkVEQ==
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AF6B41A6B61A424880C6C3ABA4D25DC0 Ref B: FRAEDGE1217 Ref C: 2022-07-25T23:39:52Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Mon, 25 Jul 2022 23:39:52 GMT
accept-ranges
bytes
content-length
11360
a-0320.min.js
b-code.liadm.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-0320.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 08:19:10 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age
55242
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
content-encoding
gzip
x-amz-cf-id
1n5z-yAqbKCnCB0wHHf430Lx_2FxMkxE38qEB5l5qznJkeo5ozFNvQ==
teads-fellow.js
p.teads.tv/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.teads.tv/teads-fellow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.105.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-105-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Mon, 25 Jul 2022 23:39:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jun 2022 07:41:03 GMT
Server
AmazonS3
x-amz-request-id
8PQNK1VCV7GN975Y
ETag
"a483ab54f15ef5b4755923baf02b68cb"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=346
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5706
x-amz-id-2
2wk7ipVCtLQYwH7fCZEJ1wPx6x0QD/pfs30lsNdPGZa5JBcAbHaO7k0EXFo1p33LjZdjhr47OMA=
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:56:27 GMT
content-encoding
gzip
age
2605
x-guploader-uploadid
ADPycdtkOaRQtNzKP2DPo-8doUwkIhzWyehPHkTFY3E7iwxtJQFUqnPP1nW4d6OHrGmLI-GSpztIFRD6Gm3r4Yl3oFnQgZnKgIQZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation
1622234043862937
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Mon, 25 Jul 2022 23:56:27 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 02:01:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
77902
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
tSWaE0-LYgtsLVSwzzmF14Y-JBQYeaHvw3F3fEAlGLLmHECCzbBYMA==
A1304920-7676-40c5-9812-43f71a4d287e1.js
d.impactradius-event.com/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.impactradius-event.com/A1304920-7676-40c5-9812-43f71a4d287e1.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycduKmJFWe6f3YKxDiCJJ9H2wIce3wdi1jYZGOTyOaaBN7JUH2cG5ETxBFOBu3zfJmZmpQpBfCJ9hTHDXArrdz8R6Tw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13115
last-modified
Mon, 25 Oct 2021 14:14:02 GMT
server
UploadServer
etag
"2c6efde33ef386577e927634502efe1a"
vary
Accept-Encoding
x-goog-hash
crc32c=v/i33w==, md5=LG794z7zhld+knY0UC7+Gg==
x-goog-generation
1635171242474403
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
13115
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Mon, 25 Jul 2022 23:44:52 GMT
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges
bytes
content-encoding
gzip
content-length
7722
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c239 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Mon, 25 Jul 2022 23:39:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 08:41:42 GMT
Server
AmazonS3
x-amz-request-id
QBCZFTPJZQS2RA4D
ETag
"08179f9adc55b98cc307cd6770e123ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1693
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11541
x-amz-id-2
k439erDrxRlBvl+9nyRArbeTMb0ltPoYKyytjhOOcSqARr8XKoelk/SPJveoUhLmqSV6DlUUVY4=
Expires
Tue, 26 Jul 2022 00:08:05 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		141 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G7VNRC77U60GOTBT20&lib=ttq
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-99.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
a4900206.7c98a65
date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
106,2.16.240.35
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=19, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
202207252339520100040030077350020250DE1BE5B
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.220.104.219
x-tt-trace-host
01a828f9d3649cf64498c4759433165bfecdd9b564a3fb0d4fd4aad00e790cac27032f2ba0c72cc7698b5354d6676f06c488c8be80267f79647d8d9d2dcc1827258fb0faef6831d409d576adea35a919b3e4d3c5279d3b8bd6ecea8c16ed4f1176
expires
Mon, 25 Jul 2022 23:39:52 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		141 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6TC3JC77UFIN9HHQVG&lib=ttq
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-99.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20220725233952010002007637004005006003024100AE406
vary
Accept-Encoding
x-cache
TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
103,2.16.240.35
x-tt-trace-host
01a828f9d3649cf64498c4759433165bfeff10e2c9131ccde07bda63720f664208d04521ea8db2485a9424690a4ec69806728b3e8666e07cbdfe9dabe899dc11c0da499153bcb6788ee76a5795a65ad09e
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=103
x-akamai-request-id
7c98a66
expires
Mon, 25 Jul 2022 23:39:52 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Jul 2022 23:39:52 GMT
/
data.adxcel-ec2.com/pixel/ 		0
0
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=560310507&u=3822710773049949&v=5421361111146146&s=1219627283200419&b=web&tv=4.0&z=0&h=%2Fregister&q=%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&d=ibotta.com&t=Register%20%7C%20Ibotta&ts=1658792392401&st=1658792392403
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.110.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-110-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.66
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
WfSndNd4qL3U0cFGNKy4TDhwqT+yfchTP1Kzk6E6KdU+yIJSkGkzm0Or9Sxe54wj5NADykuhURei24AF/qOqfg==
x-frame-options
DENY
date
Mon, 25 Jul 2022 23:39:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1919782858327617
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1919782858327617?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
DdPxfjMKSd8SzfqTkHC77EQvaDxERv0JhJujxq0hmzAs9aWJgrXgW8XnxYGu7AlLIGw0Azyn2zcTX/ciy2qhZg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 25 Jul 2022 23:39:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658792392560
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1658792392486&url=https%3A%2F%2Fibotta.com%2Fregister%3Faf_channel%3DMobile%2520App%26friend_code%3Diyuviul%26shortlink%3D1005cd3f%26pi...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1658792392486&url=https%3A%2F%2Fibotta.com%2Fregister%3Faf_channel%3DMobile%2520App%26friend_code%3Diyuviul%26shortlink%3D1005cd3f%26p...
0
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2047250851&t=pageview&_s=1&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&dr=&dp=%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&ul=en-us&de=UTF-8&dt=Register%20%7C%20Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADAAAAAC~&jid=998803616&gjid=170868105&cid=1347777858.1658792392&tid=UA-29017381-1&_gid=2076103865.1658792392&_r=1&gtm=2wg7k0WDDWDQ&cd8=GTM-WDDWDQ&cd9=199&cd10=&cd12=Mon%20Jul%2025%202022%2023%3A39%3A52%20GMT%2B0000%20(GMT)&cd13=1658792392363.n4f4wjv&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&cd16=English&cd17=desktop&cd18=GA%20Page%20View%20-%20Core%20Page%20View&cd20=1347777858.1658792392&cd21=1347777858.1658792392&z=747037748
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
5a28e627
dvqigh9b7wa32.cloudfront.net/ 		43 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD1mMzdmYTNkZi04ODEyLTA0MGUtYjlhOC01MTZlMmIxNzEyYjU%3D&date=1658792392499
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 06:11:09 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
62924
x-cache
Hit from cloudfront
content-length
43
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
server
AmazonS3
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
NzW0mAOY__o4Zzvl6u2_vPqUDD_IPzlgzGyciVWErWoTCjbWjjeHqA==
5a28e627
d330aiyvva2oww.cloudfront.net/ 		43 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE1JnRva2VuPWFiNDBiOTg5LTIxMzItNDZmOS1iOGI1LTk3NDRmZDlmZTQ4MSZzZXNzaW9uSWQ9ZjM3ZmEzZGYtODgxMi0wNDBlLWI5YTgtNTE2ZTJiMTcxMmI1&date=1658792392499
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 06:31:20 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
61713
x-cache
Hit from cloudfront
content-length
43
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
server
AmazonS3
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
IV2VipAKsIoGUB2PyeWgt69Am0eP1AOL3mH_Cbtc22TuZ4E74JwRnw==
5a28e627
d1lu3pmaz2ilpx.cloudfront.net/ 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD1mMzdmYTNkZi04ODEyLTA0MGUtYjlhOC01MTZlMmIxNzEyYjUmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmlib3R0YS5jb20lMkZyZWdpc3RlciUzRmZyaWVuZF9jb2RlJTNEaXl1dml1bCUyNnNob3J0bGluayUzRDEwMDVjZDNmJTI2cGlkJTNETW9iaWxlJTI1MjBBcHAlMjZhZl9jaGFubmVsJTNETW9iaWxlJTI1MjBBcHA%3D&date=1658792392502
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ea00:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 06:36:12 GMT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
vary
Origin
age
61421
x-cache
Hit from cloudfront
content-length
43
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
server
AmazonS3
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
aX8hBgIffELCnQ6vXE_Blc_ITxJsmpLZamM7HyDHBgpjALEiYRZsOQ==
collect
region1.google-analytics.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=2oe7k0&_p=2047250851&_z=ccd.v9B&cid=1347777858.1658792392&ul=en-us&sr=1600x1200&_s=1&sid=1658792392&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&dt=Register%20%7C%20Ibotta&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29017381-1&cid=1347777858.1658792392&jid=998803616&gjid=170868105&_gid=2076103865.1658792392&_u=aGBAAUACAAAAAC~&z=1037262872
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 25 Jul 2022 23:39:52 GMT
content-type
text/plain
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame FFA2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=ibotta.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Jul 2022 23:39:52 GMT
server-processing-duration-in-ticks
3177
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
modules.6a5da0d590df764ca613.js
script.hotjar.com/ 		247 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6a5da0d590df764ca613.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2893975.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-45.dus51.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 09:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
396047
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64657
access-control-allow-origin
*
last-modified
Thu, 21 Jul 2022 09:39:03 GMT
etag
"2bddb6ee72f2a47166ed0f5f35ee713b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
EAw6SnWOkusPEDsSg1aLh_APVlXNEM0Z-6dpJ3HxPnaKQ-cYqvbDkQ==
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1919782858327617&ev=PageView&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&rl=&if=false&ts=1658792392642&sw=1600&sh=1200&v=2.9.66&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1658792392641.1689095554&it=1658792392476&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 25 Jul 2022 23:39:52 GMT
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Jul 2022 23:39:53 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
Google Frontend
access-control-allow-headers
Content-Type, Accept
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
eebb0c70068a6ef6065c277706ddc3b0
function-execution-id
ilauut9msn9l
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 23:39:52 GMT
etag
W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id
voirqmc03kuy
server
Google Frontend
x-cloud-trace-context
8ad9cb74f329a3a0ca28b87302c720b0
x-powered-by
Express
box-0004cb77850b00d4aa7e1e08ff61e8f0.html
vars.hotjar.com/ Frame DC62 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2893975.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-7.dus51.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
898065
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 14:12:07 GMT
etag
"d2caf2e569940c65a88268a169f3facf"
last-modified
Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-cf-id
WEXgXo6RmFz1CTIvvoN23qJQV8IHOsGTI2laC91qlJgn2mvYttuBkA==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
main.32155010.js
s.pinimg.com/ct/lib/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.32155010.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:52 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"fd86de14455274a7c147dc95b77e18e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18298
access-control-expose-headers
X-CDN
11041900.js
bat.bing.com/p/action/ 		828 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/11041900.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9C152D73D48144399C3E02A9D3753026 Ref B: FRAEDGE1217 Ref C: 2022-07-25T23:39:52Z
date
Mon, 25 Jul 2022 23:39:52 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
571
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=11041900&Ver=2&mid=f9928e09-6a58-4f3e-97e8-bb10ab4a07ec&sid=14bfa8c00c7311eda97159d7bdb70c5f&vid=14bfcdb00c7311ed87e27f8f3c5efb9a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Register%20%7C%20Ibotta&p=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&r=&lt=1250&evt=pageLoad&msclkid=N&sv=1&rn=954733
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 15B5848CC3734A95A27F038355001220 Ref B: FRAEDGE1217 Ref C: 2022-07-25T23:39:52Z
date
Mon, 25 Jul 2022 23:39:52 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-29017381-1&cid=1347777858.1658792392&jid=998803616&_u=aGBAAUACAAAAAC~&z=1501357020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-29017381-1&cid=1347777858.1658792392&jid=998803616&_u=aGBAAUACAAAAAC~&z=1501357020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		488 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2615531578369&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A0%7D&cb=1658792392749
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.108.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.3c580317.1658792393.18747a8c
x-envoy-upstream-service-time
1
x-pinterest-rid
1793859210048694
pin-unauth
dWlkPU56TXpObVl3TTJZdFltSTVOaTAwWkdGakxXSTJaVFF0WkdOa05qVmhaVEF5WkdZeQ
access-control-allow-origin
https://ibotta.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
350
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2615531578369&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A0%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1658792392750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.108.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.3c580317.1658792393.18747a8e
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
2010311149609014
expires
Sat, 01 Jan 2000 00:00:00 GMT
j
rp.liadm.com/ 		0
0
sid
mug.criteo.com/ Frame FFA2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ibotta.com&sn=ChromeSyncframe&so=0&topUrl=ibotta.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Xe6fkHx1VS9XRmxjWWRRb0FuSmVvVWdVajBkUHhXT0tuaE1sUmJnWWQ2ei80OE1Sb2NIbmIyZUlDcXBDNjVDNjFrdHQvWjQ5d2tBa0ZtcmRkM0FiL1NpTmhKSUd4aEY1Qnh0SHNCa3JyekRKTVB2OHdQUXdaZmdCamFxNz...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Xe6fkHx1VS9XRmxjWWRRb0FuSmVvVWdVajBkUHhXT0tuaE1sUmJnWWQ2ei80OE1Sb2NIbmIyZUlDcXBDNjVDNjFrdHQvWjQ5d2tBa0ZtcmRkM0FiL1NpTmhKSUd4aEY1Qnh0SHNCa3JyekRKTVB2OHdQUXdaZmdCamFxNzgweFM4YllrdkNtMWRlRnQ5RktQbnh0MUlxSGNGaUJoaEtrRlUwQUxYSmh0SHBaNWw0aDdhZ2JHdlNmQTc4TVJXNCtUZGdCSHkvMlI1SXN5NjZCUDRhbkJTVlRtY0VRTXZwc0lmL05QSXJKaVluSUFGdzVDRm9xR2tIRlB6MWxTYnFzUzRQSTFaU0ZBZTgybHRid3dYS2NTL0tnZlUzUT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3845
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:52 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Xe6fkHx1VS9XRmxjWWRRb0FuSmVvVWdVajBkUHhXT0tuaE1sUmJnWWQ2ei80OE1Sb2NIbmIyZUlDcXBDNjVDNjFrdHQvWjQ5d2tBa0ZtcmRkM0FiL1NpTmhKSUd4aEY1Qnh0SHNCa3JyekRKTVB2OHdQUXdaZmdCamFxNzgweFM4YllrdkNtMWRlRnQ5RktQbnh0MUlxSGNGaUJoaEtrRlUwQUxYSmh0SHBaNWw0aDdhZ2JHdlNmQTc4TVJXNCtUZGdCSHkvMlI1SXN5NjZCUDRhbkJTVlRtY0VRTXZwc0lmL05QSXJKaVluSUFGdzVDRm9xR2tIRlB6MWxTYnFzUzRQSTFaU0ZBZTgybHRid3dYS2NTL0tnZlUzUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1976
content-length
541
expires
0
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1658792392848&id=t2_jywjdw7o&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=69d83894-e18f-4793-bb7f-34180384b2a1&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:53 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
advertiser
cm.teads.tv/v2/ 		81 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&advertiser_id=34918
Requested by
Host: ibotta.com
URL: https://ibotta.com/js/chunk-vendors.ea461c68.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.105.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-105-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Jul 2022 23:39:53 GMT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ibotta.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
81
Expires
Mon, 25 Jul 2022 23:39:53 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/926984635/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/926984635/?random=1658792392851&cv=9&fst=1658792392851&num=1&label=2-KHCMGBzGYQu9OCugM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&tiba=Register%20%7C%20Ibotta&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1120
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame C23B 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=c4z9ofs&ref=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&upid=3mhtzqi&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Mon, 25 Jul 2022 23:39:53 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
identify.js
analytics.tiktok.com/i18n/pixel/ 		17 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G7VNRC77U60GOTBT20&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-99.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022072523395301000200773500201209D9200A
vary
Accept-Encoding
x-cache
TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
94,2.16.240.35
x-tt-trace-host
01a828f9d3649cf64498c4759433165bfeff10e2c9131ccde07bda63720f664208238435f0dc16d98ae7e363621e3d28c1deb3794a5060b2b72c9c28664d49a09109263b1315bfe4e43adb0b9874ac4251
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
x-akamai-request-id
7c98a9f
expires
Mon, 25 Jul 2022 23:39:53 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9G7VNRC77U60GOTBT20&hostname=ibotta.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G7VNRC77U60GOTBT20&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-99.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
cbe8528.7c98aa7
date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
96,2.16.240.35
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
2022072523395301000400300773500204209112D34
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.220.104.204
x-tt-trace-host
01a828f9d3649cf64498c4759433165bfecdd9b564a3fb0d4fd4aad00e790cac2707b861a95bbefb9ebac9535dcc18886a5d28d4a876d27b3c7e439a5a983eadbe8ed4cd28dd921245c1a84d1f6c3bcef8095b8837a5f31ddc3782f0f4431cb7b8
expires
Mon, 25 Jul 2022 23:39:53 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		874 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CB6TC3JC77UFIN9HHQVG&hostname=ibotta.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G7VNRC77U60GOTBT20&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-99.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
7c98aa8
date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
content-length
352
pragma
no-cache
server
nginx
x-tt-logid
20220725233953010002007735002018020C9760
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
99,2.16.240.35
x-tt-trace-host
01a828f9d3649cf64498c4759433165bfeff10e2c9131ccde07bda63720f66420886f0c13c49d7517e748ca61754cb4d7a688b344a6d2b3adddab02303335c83c5167ae15da029bac64cadbceda2c95a00
expires
Mon, 25 Jul 2022 23:39:53 GMT
11041900
www.clarity.ms/tag/uet/ 		0
0
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1919782858327617&ev=Microdata&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&rl=&if=false&ts=1658792393149&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Register%20%7C%20Ibotta%22%2C%22meta%3Adescription%22%3A%22Better%20than%20coupons!%20Earn%20real%20cash%20back%20on%20your%20everyday%20purchases%20%E2%80%94%20in-store%20and%20online.%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fhome.ibotta.com%2Fwp-content%2Fuploads%2F2019%2F11%2Ffeatured-ibotta.png%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Better%20than%20coupons!%20Earn%20real%20cash%20back%20on%20your%20everyday%20purchases%20%E2%80%94%20in-store%20and%20online.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1658792392641.1689095554&it=1658792392476&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 25 Jul 2022 23:39:53 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2893975/ 		0
0
/
www.google.com/pagead/1p-user-list/926984635/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/926984635/?random=1658792392851&cv=9&fst=1658790000000&num=1&label=2-KHCMGBzGYQu9OCugM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&tiba=Register%20%7C%20Ibotta&async=1&fmt=3&is_vtc=1&random=127292288&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/926984635/ 		0
0
track
t.teads.tv/ 		0
0
4322119f-14bd-43af-8ad7-c432081a3b82
https://ibotta.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ibotta.com/4322119f-14bd-43af-8ad7-c432081a3b82
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibotta.com/register?friend_code=iyuviul&shortlink=1005cd3f&pid=Mobile%20App&af_channel=Mobile%20App
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
17224
Content-Type
application/javascript
pixel
analytics.tiktok.com/api/v2/ 		0
0
pixel
analytics.tiktok.com/api/v2/ 		0
0
collect
region1.google-analytics.com/g/ 		0
0
0
bat.bing.com/actionp/ 		0
0
pubd08f056573c4b96db239f3180e7d6da8
rum-http-intake.logs.datadoghq.com/v1/input/ 		0
0
track
t.teads.tv/ 		0
0
iev
csm.nl.eu.criteo.net/ Frame FFA2 		0
0
iex
csm.nl.eu.criteo.net/ Frame FFA2 		0
0
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.59.32/css/ 		223 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.59.32/css/main.cdn.min.css
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-98-49.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
694ecb38cee2a1fc1cdbd79bdf4d25b1796a1d7b0101d6283e1d660eb7032a5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 00:52:23 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 19:32:05 GMT
server
AmazonS3
age
82051
etag
W/"a133312497ed99ec2aa3b4d709346d0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
1Z_ZbcNCJGiuDwHBGcQ9.Y3tjj1izSmq
via
1.1 c7331ab95afecf4071ad214632e5f042.cloudfront.net (CloudFront)
cache-control
max-age=2628000,public
x-amz-replication-status
FAILED
x-amz-cf-pop
TXL50-P3
content-type
text/css
x-amz-cf-id
LUS2bDh2xZ2rukebp29G5s9DBDGEtw7rnOvUnSw9nqP0204daEPycw==
IbottaLogo_Primary_Pink.png
home.ibotta.com/wp-content/uploads/2019/06/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.ibotta.com/wp-content/uploads/2019/06/IbottaLogo_Primary_Pink.png
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.224.31.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.31.224.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7b732521610bdffdcdfdc3f768a08932dbe89ed3e3d8be639645146f7f8e19bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:53 GMT
last-modified
Tue, 19 Jul 2022 05:19:46 GMT
server
nginx
etag
"62d63ef2-4305"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17157
heap-560310507.js
cdn.heapanalytics.com/js/ 		114 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-560310507.js
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-47.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
fdf725f4fd912114c7a723790c29f7b87dce32d1dd9ae5860400a92e0eec5ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:38:20 GMT
content-encoding
gzip
server
nginx
age
93
etag
W/"1c9ae-WDvhHRHtGpkllg/JnzI66g"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 6ffd9144e1bc0d7518dfec3f04843cdc.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
TXL50-P2
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
P9qpkNfm66IRdzWAhgZVFvsBNZT25OBawybdfGloPnnnKUjYY7HjlA==
quantum-ibotta.js
cdn.quantummetric.com/qscripts/ 		226 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d87c191f8457236f3e8de4139c41bdb9b7ce6c08dd3cd1febe0db928d3063dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1
etag
W/"165833424999316575519327471658736002514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000
cf-ray
7308bccbef5f23f7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
www.recaptcha.net/recaptcha/ 		920 B
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?hl=en&onload=recaptchaCallback_128508
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c424590082aa22e4be4437529150e29842e330e5c17578fea9d45949f945712
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
582
x-xss-protection
1; mode=block
expires
Mon, 25 Jul 2022 23:39:53 GMT
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://authenticate.ibotta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
h
heapanalytics.com/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=560310507&u=3822710773049949&v=4964450769907747&s=1219627283200419&b=web&tv=4.0&z=2&h=%2Fu%2Fsignup&q=%3Fstate%3DhKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08&d=authenticate.ibotta.com&t=Sign%20up%20%7C%20Web%20%26%20BEX&ts=1658792393631&sp=ts&sp=1658792392401&sp=d&sp=ibotta.com&sp=h&sp=%2Fregister&sp=q&sp=%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&st=1658792393632
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.110.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-110-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:39:53 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
recaptcha__en.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?hl=en&onload=recaptchaCallback_128508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1623c971db0db2b388998de397f9705778141f903b0cfc30f5e76d0ae2cd0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://authenticate.ibotta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146050
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jul 2023 22:32:20 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 1C72 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB&co=aHR0cHM6Ly9hdXRoZW50aWNhdGUuaWJvdHRhLmNvbTo0NDM.&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=normal&cb=nyoim390d592
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
21ca4e433e588dd240545e805ac2ccf72b2bf19f55fb64870b4653d488fe6a01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jgxWu044ZWttUbwlJEgF0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22795
content-security-policy
script-src 'report-sample' 'nonce-jgxWu044ZWttUbwlJEgF0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Jul 2022 23:39:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 1C72 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB&co=aHR0cHM6Ly9hdXRoZW50aWNhdGUuaWJvdHRhLmNvbTo0NDM.&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=normal&cb=nyoim390d592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jul 2023 22:32:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 1C72 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB&co=aHR0cHM6Ly9hdXRoZW50aWNhdGUuaWJvdHRhLmNvbTo0NDM.&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=normal&cb=nyoim390d592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1623c971db0db2b388998de397f9705778141f903b0cfc30f5e76d0ae2cd0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146050
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jul 2023 22:32:20 GMT
truncated
/ Frame 1C72 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1C72 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1C72 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 19:40:09 GMT
x-content-type-options
nosniff
age
359984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 28 Jul 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C72 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB&co=aHR0cHM6Ly9hdXRoZW50aWNhdGUuaWJvdHRhLmNvbTo0NDM.&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=normal&cb=nyoim390d592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
541993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Jul 2023 17:06:41 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 1C72 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB&co=aHR0cHM6Ly9hdXRoZW50aWNhdGUuaWJvdHRhLmNvbTo0NDM.&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=normal&cb=nyoim390d592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e188004f0a39aabe846e187d7aedb30407c55e6d567c3317ae9566313dc58100
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB&co=aHR0cHM6Ly9hdXRoZW50aWNhdGUuaWJvdHRhLmNvbTo0NDM.&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=normal&cb=nyoim390d592
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 25 Jul 2022 23:39:54 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame 1F69 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5a21285f0be0eea74792bbb77da0a110ba434fa1ec66d45a35b675a5776e7cdb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O-I2PCVPu_V-qBTkbIVLVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-O-I2PCVPu_V-qBTkbIVLVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Jul 2022 23:39:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
a58a9778-c281-48f0-9215-0341017a12f0
https://authenticate.ibotta.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://authenticate.ibotta.com/a58a9778-c281-48f0-9215-0341017a12f0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://authenticate.ibotta.com/u/signup?state=hKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
17224
Content-Type
application/javascript
styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 1F69 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jul 2023 22:32:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 1F69 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&k=6LdkbLMaAAAAAKnnd6z4LPH1voJynPoRKJKws3XB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1623c971db0db2b388998de397f9705778141f903b0cfc30f5e76d0ae2cd0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146050
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jul 2023 22:32:20 GMT
/
ibotta-app.quantummetric.com/ 		90 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibotta-app.quantummetric.com/?T=B&u=https%3A%2F%2Fauthenticate.ibotta.com%2Fu%2Fsignup%3Fstate%3DhKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08&t=1658792394136&v=1658792394661&z=1&S=0&N=0&P=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.43.56 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
56.43.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
02dccd87dca145297e1ee9d6c1e94c544b602f7fad683dfaf34a42336d49b507
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Jul 2022 23:39:55 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://authenticate.ibotta.com
access-control-allow-credentials
true
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
strict-transport-security
max-age=31536000; includeSubDomains;
x-robots-tag
noindex
/
ibotta-app.quantummetric.com/ 		0
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibotta-app.quantummetric.com/?T=B&u=https%3A%2F%2Fauthenticate.ibotta.com%2Fu%2Fsignup%3Fstate%3DhKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08&t=1658792394136&v=1658792394662&z=1&Q=1&Y=1&X=2532fdbe59f64bb19d5be5601be4e7be
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.43.56 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
56.43.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Jul 2022 23:39:55 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
application/json
access-control-allow-origin
https://authenticate.ibotta.com
access-control-allow-credentials
true
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag
noindex
content-length
0
/
ibotta-app.quantummetric.com/ 		28 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibotta-app.quantummetric.com/?s=3851682c2a0f14d0ba354f2b4e1144c0&H=8c4976b340c826272b1fda64&Q=3
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.43.56 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
56.43.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:39:55 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://authenticate.ibotta.com
access-control-allow-credentials
true
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
strict-transport-security
max-age=31536000; includeSubDomains;
x-robots-tag
noindex
/
ibotta-app.quantummetric.com/ 		0
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibotta-app.quantummetric.com/?T=B&u=https%3A%2F%2Fauthenticate.ibotta.com%2Fu%2Fsignup%3Fstate%3DhKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08&t=1658792394136&v=1658792395588&H=8c4976b340c826272b1fda64&s=3851682c2a0f14d0ba354f2b4e1144c0&U=3f0389e4a43a7ea4ecae97f6ca115c75&z=1&Q=2&S=0&N=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.43.56 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
56.43.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Jul 2022 23:39:55 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
application/json
access-control-allow-origin
https://authenticate.ibotta.com
access-control-allow-credentials
true
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag
noindex
content-length
0
/
ibotta-app.quantummetric.com/ 		0
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibotta-app.quantummetric.com/?T=B&u=https%3A%2F%2Fauthenticate.ibotta.com%2Fu%2Fsignup%3Fstate%3DhKFo2SB1UkZDeW1TSDEycVJQdjlOeFhGS1lsSzFhNzhtV2RhMaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGR2TEdQMGduTTNldGlKeHJCQ2xTN1doYThPdjFiX1I0o2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08&t=1658792394136&v=1658792395752&H=8c4976b340c826272b1fda64&s=3851682c2a0f14d0ba354f2b4e1144c0&z=1&S=1104&N=2&P=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.43.56 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
56.43.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Jul 2022 23:39:55 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
application/json
access-control-allow-origin
https://authenticate.ibotta.com
access-control-allow-credentials
true
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag
noindex
content-length
0
hash-check
rl.quantummetric.com/ibotta/ 		2 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rl.quantummetric.com/ibotta/hash-check
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Jul 2022 23:39:56 GMT
vary
Origin
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://authenticate.ibotta.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
content-length
2
hash-check
rl.quantummetric.com/ibotta/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rl.quantummetric.com/ibotta/hash-check
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://authenticate.ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
https://authenticate.ibotta.com
content-length
0
date
Mon, 25 Jul 2022 23:39:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
data.adxcel-ec2.com
URL
https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=misc&pixid=380ca1d0-4cad-4a81-93f9-09ffcb719de9&gtmcb=1884042793
Domain
px4.ads.linkedin.com
URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1658792392486&url=https%3A%2F%2Fibotta.com%2Fregister%3Faf_channel%3DMobile%2520App%26friend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App&e_ipv6=AQLiXkoKnywXmwAAAYI3uzk_CBkwo6Dpu5_df43y9j-rR8vDEP2Y0FG4VlnRa6FrRTcvMG4sfw
Domain
rp.liadm.com
URL
https://rp.liadm.com/j?dtstmp=1658792392801&aid=a-0320&se=e30&duid=4564d05c840b--01g8vvpdze1ap4n9q01995vd94&tna=v2.4.0&pu=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-UmVnaXN0ZXIgfCBJYm90dGE8L3RpdGxlPg
Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/uet/11041900
Domain
in.hotjar.com
URL
https://in.hotjar.com/api/v2/client/sites/2893975/visit-data?sv=7
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/926984635/?random=1658792392851&cv=9&fst=1658790000000&num=1&label=2-KHCMGBzGYQu9OCugM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&tiba=Register%20%7C%20Ibotta&async=1&fmt=3&is_vtc=1&random=127292288&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
t.teads.tv
URL
https://t.teads.tv/track?action=pageView&env=js-web&tag_version=5.5.4_dee72da&advertiser_id=34918&referer=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&cohort_id=Register%20%7C%20Ibotta
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/api/v2/pixel
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/api/v2/pixel
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=2oe7k0&_p=2047250851&_z=ccd.v9B&cid=1347777858.1658792392&ul=en-us&sr=1600x1200&_s=2&sid=1658792392&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&dt=Register%20%7C%20Ibotta&en=scroll&ep.debug_mode=true&epn.percent_scrolled=90&_et=7
Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=11041900&Ver=2&mid=f9928e09-6a58-4f3e-97e8-bb10ab4a07ec&sid=14bfa8c00c7311eda97159d7bdb70c5f&vid=14bfcdb00c7311ed87e27f8f3c5efb9a&vids=1&evt=pageHide
Domain
rum-http-intake.logs.datadoghq.com
URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubd08f056573c4b96db239f3180e7d6da8?ddsource=browser&ddtags=sdk_version%3A3.6.11%2Cenv%3Aproduction%2Cservice%3Aweb_v2%2Cversion%3A2.589.0&batch_time=1658792393261
Domain
t.teads.tv
URL
https://t.teads.tv/track?action=timeSpent&env=js-web&tag_version=5.5.4_dee72da&advertiser_id=34918&referer=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App&cohort_id=Register%20%7C%20Ibotta
Domain
csm.nl.eu.criteo.net
URL
https://csm.nl.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1
Domain
csm.nl.eu.criteo.net
URL
https://csm.nl.eu.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| heap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| qmErrString function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| consoleError object| recaptcha object| closure_lm_832854 function| qmflate function| _QuantumMetricSymbol

55 Cookies

Domain/Path Name / Value
.ibotta.com/ Name: %40%40
Value: 1
ibotta.com/ Name: _dd_s
Value: rum=1&id=6d5cafae-7b9d-4d26-9d12-fd2781b28d5a&created=1658792391401&expire=1658793291401
ibotta.com/ Name: gsi
Value: 4e33b220e2f243839b03b741b7a8d8bc
ibotta.com/ Name: early_identifier
Value: 88b77393eed7497c9f95fce521a54990
.ibotta.com/ Name: vuex
Value: {%22user%22:null}
apps.rokt.com/ Name: RoktRecogniser
Value: 16f1166c-e2b8-4d25-9c44-0e75a0dcf2c4
ibotta.com/ Name: RoktRecogniser
Value: fd1992ec-9203-4c04-99ba-6c0eb9eb6876
apps.rokt.com/ Name: akaalb_Instance-1
Value: ~op=Prod_API:Prod-API-EU-West-1|Prod_WSDK_S3:Prod-SDK-S3|~rv=16~m=Prod-API-EU-West-1:0|Prod-SDK-S3:0|~os=141f223fa3e939d66e4926adb7c49b34~id=7e3188ba1373309497e854cf054db3d2
ibotta.com/ Name: ib-a0-fg
Value: true
authenticate.ibotta.com/ Name: did
Value: s%3Av0%3A14563600-0c73-11ed-b2e6-03c2f909dea0.QSDea03A8M%2BvictPj00kpV%2Fl9G0%2FD9P3SbNG9wKC2LM
authenticate.ibotta.com/ Name: did_compat
Value: s%3Av0%3A14563600-0c73-11ed-b2e6-03c2f909dea0.QSDea03A8M%2BvictPj00kpV%2Fl9G0%2FD9P3SbNG9wKC2LM
ibotta.com/ Name: ibotta-ts
Value: {%22exp%22:1658794192162%2C%22id%22:%220d844bdb-934b-4edb-bb91-57ccd710c503%22%2C%22timestamp%22:1658792392162}
.ibotta.com/ Name: _gcl_au
Value: 1.1.370782590.1658792392
.ibotta.com/ Name: _gid
Value: GA1.2.2076103865.1658792392
.ibotta.com/ Name: _gat_UA-29017381-1
Value: 1
ibotta.com/ Name: tatari-cookie-test
Value: 9459076
.ibotta.com/ Name: t-ip
Value: 1
.ibotta.com/ Name: tatari-session-cookie
Value: f37fa3df-8812-040e-b9a8-516e2b1712b5
.ibotta.com/ Name: _ga_GT6GKTE2DV
Value: GS1.1.1658792392.1.0.1658792392.0
.ibotta.com/ Name: _ga
Value: GA1.1.1347777858.1658792392
.ibotta.com/ Name: _fbp
Value: fb.1.1658792392641.1689095554
ibotta.com/ Name: __pdst
Value: b2c848ffb3b445558336fc95173659a5
.ibotta.com/ Name: _li_dcdm_c
Value: .ibotta.com
.ibotta.com/ Name: _lc2_fpi
Value: 4564d05c840b--01g8vvpdze1ap4n9q01995vd94
.bing.com/ Name: MUID
Value: 1C72650D3D9861D7384F74E13C4A60E8
.ibotta.com/ Name: _uetsid
Value: 14bfa8c00c7311eda97159d7bdb70c5f
.ibotta.com/ Name: _uetvid
Value: 14bfcdb00c7311ed87e27f8f3c5efb9a
authenticate.ibotta.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAdJ87uazqzVigNa0OwEOKHwrjv96yFBckatZop5NHN6r_QQDMymdD76y7OUWaj73m0pVaqcVvstdPRvng5pKAmmY29va2llg6dleHBpcmVz1_-nm7cAYuMeSK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.DiAEG9ysCv0bKkRqdxaVjK4P3WMrDh5%2F2E6QM0KWoWM
authenticate.ibotta.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAdJ87uazqzVigNa0OwEOKHwrjv96yFBckatZop5NHN6r_QQDMymdD76y7OUWaj73m0pVaqcVvstdPRvng5pKAmmY29va2llg6dleHBpcmVz1_-nm7cAYuMeSK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.DiAEG9ysCv0bKkRqdxaVjK4P3WMrDh5%2F2E6QM0KWoWM
.criteo.com/ Name: uid
Value: b73cc2a2-825d-454a-8b98-8877efd0819a
.ibotta.com/ Name: _rdt_uuid
Value: 1658792392847.69d83894-e18f-4793-bb7f-34180384b2a1
.ibotta.com/ Name: IR_gbd
Value: ibotta.com
.ibotta.com/ Name: IR_8841
Value: 1658792392907%7C0%7C1658792392907%7C%7C
.facebook.com/ Name: fr
Value: 0DXE9LodpQIPBxd09..Bi3ynI...1.0.Bi3ynI.
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fbc5c448-fc9e-4cbc-8338-271ee748ef7e"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTg3OTIzOTM7MjswMjEKLfRBH+j3XLM+BN4IVd5pkDSGp+sjRR/HKqzCyQ92Ag==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2878:u=1:x=1:i=1658792393:t=1658878793:v=2:sig=AQHa161ay6796F3p158wmMamKG_QT7YF"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ibotta.com/ Name: _hjSessionUser_2893975
Value: eyJpZCI6IjAzMzFhZmUxLTY2ODgtNTZlOS1iMzQ2LTNlMDc2NGQ4NDdlNCIsImNyZWF0ZWQiOjE2NTg3OTIzOTMxMzYsImV4aXN0aW5nIjpmYWxzZX0=
.ibotta.com/ Name: _hjFirstSeen
Value: 1
ibotta.com/ Name: _hjIncludedInSessionSample
Value: 0
.ibotta.com/ Name: _hjSession_2893975
Value: eyJpZCI6IjNhODk2MTVlLTdmYzQtNDFiYS04NTg3LTU5MTUzOTBkYzRhNSIsImNyZWF0ZWQiOjE2NTg3OTIzOTMxNTEsImluU2FtcGxlIjpmYWxzZX0=
ibotta.com/ Name: _hjIncludedInPageviewSample
Value: 1
.ibotta.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.ibotta.com/ Name: _pin_unauth
Value: dWlkPU56TXpObVl3TTJZdFltSTVOaTAwWkdGakxXSTJaVFF0WkdOa05qVmhaVEF5WkdZeQ
.ibotta.com/ Name: _hp2_ses_props.560310507
Value: %7B%22ts%22%3A1658792392401%2C%22d%22%3A%22ibotta.com%22%2C%22h%22%3A%22%2Fregister%22%2C%22q%22%3A%22%3Ffriend_code%3Diyuviul%26shortlink%3D1005cd3f%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%22%7D
.tiktok.com/ Name: _ttp
Value: 2CSOChRQwZj97PGB1cRCP2PUPkV
.ibotta.com/ Name: _tt_enable_cookie
Value: 1
.ibotta.com/ Name: _ttp
Value: 7bfc1339-5660-4de7-9e99-ac0090ac041f
.ibotta.com/ Name: _hp2_id.560310507
Value: %7B%22userId%22%3A%223822710773049949%22%2C%22pageviewId%22%3A%224964450769907747%22%2C%22sessionId%22%3A%221219627283200419%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
ibotta-app.quantummetric.com/ Name: s
Value: 3851682c2a0f14d0ba354f2b4e1144c0
ibotta-app.quantummetric.com/ Name: U
Value: 3f0389e4a43a7ea4ecae97f6ca115c75
.ibotta.com/ Name: QuantumMetricSessionID
Value: 3851682c2a0f14d0ba354f2b4e1144c0
.ibotta.com/ Name: QuantumMetricUserID
Value: 3f0389e4a43a7ea4ecae97f6ca115c75

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
api.ibops.net
app.launchdarkly.com
apps.rokt.com
authenticate.ibotta.com
b-code.liadm.com
bat.bing.com
cdn.auth0.com
cdn.heapanalytics.com
cdn.pdst.fm
cdn.quantummetric.com
clientstream.launchdarkly.com
cm.teads.tv
connect.facebook.net
csm.nl.eu.criteo.net
ct.pinterest.com
d.impactradius-event.com
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
data.adxcel-ec2.com
dvqigh9b7wa32.cloudfront.net
edge.fullstory.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
heapanalytics.com
home.ibotta.com
ibotta-app.quantummetric.com
ibotta.com
ibotta.onelink.me
in.hotjar.com
insight.adsrvr.org
js.adsrvr.org
mug.criteo.com
p.teads.tv
p.typekit.net
px4.ads.linkedin.com
region1.google-analytics.com
rl.quantummetric.com
rp.liadm.com
rs.fullstory.com
rum-http-intake.logs.datadoghq.com
s.pinimg.com
script.hotjar.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
snap.licdn.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
t.teads.tv
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vars.hotjar.com
websdk.appsflyer.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.redditstatic.com
analytics.tiktok.com
bat.bing.com
csm.nl.eu.criteo.net
data.adxcel-ec2.com
in.hotjar.com
px4.ads.linkedin.com
region1.google-analytics.com
rp.liadm.com
rum-http-intake.logs.datadoghq.com
t.teads.tv
www.clarity.ms
www.google.de
104.197.43.56
104.90.105.115
108.138.15.119
108.157.4.113
108.157.4.45
108.157.4.7
13.248.151.210
13.32.118.2
142.250.185.98
151.101.194.217
151.101.65.140
172.217.16.194
178.250.2.146
18.64.103.26
18.64.79.47
18.64.98.49
2.16.241.99
2001:4860:4802:32::36
2001:4860:4802:36::36
23.3.108.241
2600:1901:0:7a0b::
2600:1f18:24e6:b901:e25d:f1d5:70aa:971
2600:9000:206f:600:17:3f5c:f800:21
2600:9000:20eb:7e00:3:760:2800:21
2600:9000:2156:e00:8:8845:1500:93a1
2600:9000:225e:ea00:17:f683:1d40:21
2600:9000:225f:0:14:fc27:88c0:93a1
2606:4700:10::6816:35fc
2606:4700::6810:aafd
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c1b::9a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:480:f::213:7ed2
2a02:26f0:480:f::213:7ed3
2a02:26f0:480:f::213:7edd
2a02:26f0:ef::5c7b:c239
2a02:26f0:f7::5c7b:e0fa
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:4b::84
2a04:4e42::396
3.33.220.150
34.66.3.160
35.186.194.58
35.186.249.72
35.201.112.186
35.224.31.30
35.244.142.80
52.201.110.110
54.174.240.34
006cfe7fb3f26e9a99a8fa12e5fbd060db317ecac2cea6c35d5efc015145a1a7
02dccd87dca145297e1ee9d6c1e94c544b602f7fad683dfaf34a42336d49b507
0682a2b5a4b51833cf7ec111425962973cc3cec38724e7fc8de99e27a09c8c9c
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0fc33a319991ddb723d77e1d72ce9e1c73b58539378c16e1e9a39700c88be93f
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
1494e0b964d029bf34f09cc6cfecc5f9175b8aebf0987b2e41e5baec29dc96d7
17fd49227238fe025352bd22267f04a70777d6d5270962c581db5f3dff6b2619
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
21ca4e433e588dd240545e805ac2ccf72b2bf19f55fb64870b4653d488fe6a01
2558493bb4367df70bad3b6145ac97b3e0f8460f0dd368b79c01a5db8fd79257
349b07be72aecbe92b17729473d7c46838c7129ee03a31730b6de8d45caf766c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56fd4f80dd0053b789d37f6425b9f8c6cabe721163c77316e18efc6245f4c3d8
59afe49d8d94432df123096e0bcbad0377dd2252e89edbcb04b1d337371abf01
5a21285f0be0eea74792bbb77da0a110ba434fa1ec66d45a35b675a5776e7cdb
5ba5096c4f424253f2a89bc1c5a85d978ed05f65fd33311a6743de031f3cadd5
6276f9a7f664589b173d6d90be87231658a74e424aeb82f4a0ef6fbf86edcf15
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
6558588dc273468c6828c24942c0a698eadcc4565da9ab8d6ff3f27b58034ae6
694ecb38cee2a1fc1cdbd79bdf4d25b1796a1d7b0101d6283e1d660eb7032a5a
696fa31b050b8438b6aa9beaf9c1fc38e359cbedcf39bccfb3871c8750851797
6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
7908bae85fe5eb3aa7b1194d29be3f8a532778df49bde86ffcb1f67d837a5159
7b732521610bdffdcdfdc3f768a08932dbe89ed3e3d8be639645146f7f8e19bd
85270fe58dfe8886c2beff187f4bd3279cbe93fb9efeced3dfbb7c9c11f96baa
8a08c2f8e454fe179ec90eb118292c8d296a1f863ef477e66c74582bab07c2b4
99e93294c68058a65ac238ab04da6e278c9b1e7cf82caf124961e40bb3fa73b7
9c424590082aa22e4be4437529150e29842e330e5c17578fea9d45949f945712
9d6fc9399eefba8382bcb0eab383bddd35fc44fa79d134a1d70e3614dff870d5
9d87c191f8457236f3e8de4139c41bdb9b7ce6c08dd3cd1febe0db928d3063dc
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
ac917b0e777e5b18ba7f751034031aa03ae73eecae148f7bd8a5c5df8ca8f765
bb20f2bd22fd57615fb848f5ec91d2652028d683111c2023be956d689c865e42
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c6af60c995ec7207d546984c060b29ef52d331258eda3b4bc3772443e881fd94
d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
def585959da4272041b13f4c12a29039a10e47e7d57c7bb679751525bbebd2d4
e188004f0a39aabe846e187d7aedb30407c55e6d567c3317ae9566313dc58100
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1623c971db0db2b388998de397f9705778141f903b0cfc30f5e76d0ae2cd0bc
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8387923a7e39c9c30b9d783fde075dd969ab2ea6f81413f738158fef8304049
fdf725f4fd912114c7a723790c29f7b87dce32d1dd9ae5860400a92e0eec5ca4