urlscan.io logo urlscan.io
SecurityTrails logo

authenticate.ibotta.com Open in urlscan Pro
104.19.167.24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ibotta.onelink.me/iUfE/8cc13c64?friend_code=frfskzv
Effective URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZI...
Submission: On April 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 3 countries across 26 domains to perform 95 HTTP transactions. The main IP is 104.19.167.24, located in and belongs to CLOUDFLARENET, US. The main domain is authenticate.ibotta.com. The Cisco Umbrella rank of the primary domain is 101254.
TLS certificate: Issued by E1 on February 18th 2024. Valid for: 3 months.
This is the only time authenticate.ibotta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.50.131.88 20940 (AKAMAI-ASN1)
9 2600:9000:235... 16509 (AMAZON-02)
5 2600:9000:211... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.228 15169 (GOOGLE)
1 23.50.131.28 20940 (AKAMAI-ASN1)
3 34.96.102.137 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 13.33.187.125 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 18.173.154.122 16509 (AMAZON-02)
4 151.101.130.217 54113 (FASTLY)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 142.250.185.98 15169 (GOOGLE)
4 34.66.73.214 396982 (GOOGLE-CL...)
3 3.210.91.20 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.248.151.210 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:26e... 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 35.244.142.80 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 23.36.162.216 20940 (AKAMAI-ASN1)
1 2600:9000:225... 16509 (AMAZON-02)
1 50.19.252.206 14618 (AMAZON-AES)
1 142.250.186.40 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 65.9.7.174 16509 (AMAZON-02)
1 2600:9000:272... 16509 (AMAZON-02)
1 2600:9000:26d... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
4 44.205.117.71 14618 (AMAZON-AES)
1 104.19.167.24 13335 (CLOUDFLAR...)
1 2600:9000:26d... 16509 (AMAZON-02)
1 141.193.213.20 209242 (CLOUDFLAR...)
95 38
1    23.50.131.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-88.deploy.static.akamaitechnologies.com
ibotta.onelink.me
9    2600:9000:235a:f800:14:fc27:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
ibotta.com
5    2600:9000:211e:2e00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.transcend.io
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
1    23.50.131.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-28.deploy.static.akamaitechnologies.com
apps.rokt.com
3    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a02:26f0:3500:16::215:1499 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
6    13.33.187.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-125.fra60.r.cloudfront.net
ibotta.com
2    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
4    18.173.154.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-122.muc50.r.cloudfront.net
cdn.heapanalytics.com
4    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
4    2a02:26f0:3500:11::215:14d1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.rokt.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
4    34.66.73.214 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.73.66.34.bc.googleusercontent.com
client-api.auryc.com
3    3.210.91.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-91-20.compute-1.amazonaws.com
heapanalytics.com
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
2    2606:4700::6813:a718 (United States)

ASN13335 (CLOUDFLARENET, US)
authenticate.ibotta.com
1    2600:9000:26e8:7400:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)
d2hrivdxn8ekm8.cloudfront.net
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
1    2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
4    23.36.162.216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-216.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2600:9000:225b:1200:1b:e40d:4a00:21 (United States)

ASN16509 (AMAZON-02, US)
d34r8q7sht0t9k.cloudfront.net
1    50.19.252.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-252-206.compute-1.amazonaws.com
data.adxcel-ec2.com
1    142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    65.9.7.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-174.fra56.r.cloudfront.net
dvqigh9b7wa32.cloudfront.net
1    2600:9000:2724:da00:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)
d330aiyvva2oww.cloudfront.net
1    2600:9000:26da:d000:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)
d1lu3pmaz2ilpx.cloudfront.net
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
4    44.205.117.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-117-71.compute-1.amazonaws.com
api.ibops.net
1    104.19.167.24 (None, )

ASN13335 (CLOUDFLARENET, US)
authenticate.ibotta.com
1    2600:9000:26db:9a00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
home.ibotta.com
Apex Domain
Subdomains		 Transfer
19 ibotta.com
ibotta.com — Cisco Umbrella Rank: 59473
authenticate.ibotta.com — Cisco Umbrella Rank: 101254
home.ibotta.com — Cisco Umbrella Rank: 557884
786 KB
7 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 883
heapanalytics.com — Cisco Umbrella Rank: 779
44 KB
5 cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d34r8q7sht0t9k.cloudfront.net
dvqigh9b7wa32.cloudfront.net
d330aiyvva2oww.cloudfront.net
d1lu3pmaz2ilpx.cloudfront.net
14 KB
5 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 720
clientstream.launchdarkly.com — Cisco Umbrella Rank: 823
18 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 462
p.typekit.net — Cisco Umbrella Rank: 566
19 KB
5 rokt.com
apps.rokt.com — Cisco Umbrella Rank: 7283
19 KB
5 transcend.io
cdn.transcend.io — Cisco Umbrella Rank: 5967
132 KB
4 ibops.net
api.ibops.net — Cisco Umbrella Rank: 29069
1 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 710
156 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
403 KB
4 auryc.com
client-api.auryc.com — Cisco Umbrella Rank: 8583
275 B
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2548
358 B
3 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2849
9 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210
169 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3265
123 B
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6764
63 KB
1 adxcel-ec2.com
data.adxcel-ec2.com — Cisco Umbrella Rank: 5792
131 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 4712
12 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 3208
6 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
59 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 2867
62 KB
1 gstatic.com
www.gstatic.com
201 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
856 B
1 onelink.me
ibotta.onelink.me
268 B
0 quantummetric.com Failed
cdn.quantummetric.com Failed
0 podscribe.com Failed
ipv4.podscribe.com Failed
verifi.podscribe.com Failed
95 26
Domain Requested by
15 ibotta.com ibotta.com
5 apps.rokt.com ibotta.com
apps.rokt.com
5 cdn.transcend.io ibotta.com
cdn.transcend.io
4 api.ibops.net ibotta.com
4 analytics.tiktok.com ibotta.com
analytics.tiktok.com
4 www.googletagmanager.com ibotta.com
www.googletagmanager.com
4 client-api.auryc.com ibotta.com
cdn.heapanalytics.com
4 app.launchdarkly.com ibotta.com
4 cdn.heapanalytics.com ibotta.com
cdn.heapanalytics.com
authenticate.ibotta.com
3 region1.google-analytics.com www.googletagmanager.com
3 authenticate.ibotta.com 1 redirects ibotta.com
3 heapanalytics.com ibotta.com
3 use.typekit.net client
use.typekit.net
3 dev.visualwebsiteoptimizer.com ibotta.com
3 securepubads.g.doubleclick.net ibotta.com
securepubads.g.doubleclick.net
2 us-central1-adaptive-growth.cloudfunctions.net ibotta.com
2 p.typekit.net use.typekit.net
1 home.ibotta.com authenticate.ibotta.com
1 cdn.auth0.com authenticate.ibotta.com
1 d1lu3pmaz2ilpx.cloudfront.net ibotta.com
1 d330aiyvva2oww.cloudfront.net ibotta.com
1 dvqigh9b7wa32.cloudfront.net ibotta.com
1 data.adxcel-ec2.com ibotta.com
1 d34r8q7sht0t9k.cloudfront.net ibotta.com
1 websdk.appsflyer.com ibotta.com
1 cdn.pdst.fm ibotta.com
1 connect.facebook.net www.googletagmanager.com
connect.facebook.net
1 d2hrivdxn8ekm8.cloudfront.net ibotta.com
1 clientstream.launchdarkly.com ibotta.com
1 www.googleoptimize.com ibotta.com
1 www.gstatic.com www.google.com
1 www.google.com ibotta.com
1 ibotta.onelink.me 1 redirects
0 cdn.quantummetric.com Failed authenticate.ibotta.com
0 verifi.podscribe.com Failed
0 ipv4.podscribe.com Failed ibotta.com
95 36

This site contains links to these domains. Also see Links.

Domain
legal.ibotta.com
Subject Issuer Validity Valid
ibotta.com
Amazon RSA 2048 M03		 2024-03-24 -
2025-04-22		 a year crt.sh
transcend.io
Amazon RSA 2048 M02		 2023-06-20 -
2024-07-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
apps.rokt.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-14 -
2024-12-20		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2023-07-06 -
2024-07-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01		 2023-06-29 -
2024-07-27		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
*.auryc.com
R3		 2024-03-25 -
2024-06-23		 3 months crt.sh
heapanalytics.com
Amazon RSA 2048 M02		 2023-11-09 -
2024-12-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
authenticate.ibotta.com
E1		 2024-02-18 -
2024-05-18		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-24 -
2024-04-23		 3 months crt.sh
cdn.pdst.fm
GTS CA 1D4		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-27 -
2024-07-27		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
adxcel-ec2.com
Amazon RSA 2048 M01		 2023-09-18 -
2024-10-17		 a year crt.sh
misc.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
api.ibops.net
Amazon RSA 2048 M02		 2023-08-28 -
2024-09-25		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
home.ibotta.com
Cloudflare Inc ECC CA-3		 2023-06-15 -
2024-06-13		 a year crt.sh

This page contains 6 frames:

Primary Page: https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Frame ID: 3D3516667373A437D19ABB84217692B7
Requests: 87 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/controller/index.html
Frame ID: AB534A8A88157831675FA908FF0D0B10
Requests: 1 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Frame ID: F33871E047E991082BC7F37CC972B614
Requests: 1 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/widget/index.html
Frame ID: 34FDBA2ED81E7EB3E09A15E0620B0A69
Requests: 1 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/dcui/index.html
Frame ID: 777EB3FF34DAF94F6C62C6E59B290AC2
Requests: 1 HTTP requests in this frame

Frame: https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&prompt=none&response_type=code&response_mode=web_message&state=V0NVaDFUV1ZuS0loQWNQR0N4dHAtTzFybkJ4dlZHZDNwdlBYaTZoWTA2RA%3D%3D&nonce=LTMzdVh0MUFnOWpVMW5IRlIwZWU1V05LN0kwQ0x%2BT2xhU2wzQzdJSW04YQ%3D%3D&code_challenge=e8dAlUBCm5qFriWQIETyjrlkNuaFIjTFmxq6Bp0IE5w&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0%3D
Frame ID: EFFCC384C391C36EAA2D69572664D112
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Create Ibotta Account

Page URL History Show full URLs

  1. https://ibotta.onelink.me/iUfE/8cc13c64?friend_code=frfskzv HTTP 301
    https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=... Page URL
  2. https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+em... HTTP 302
    https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

95
Requests

89 %
HTTPS

50 %
IPv6

26
Domains

36
Subdomains

38
IPs

3
Countries

2173 kB
Transfer

7607 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ibotta.onelink.me/iUfE/8cc13c64?friend_code=frfskzv HTTP 301
    https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui Page URL
  2. https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&screen_hint=signup&app_version=4.343.0%3Aweb_v2%3Achrome&global_session_id=fcce846edb394e22b45410d89dd6132d&early_identifier=2b2353a53567490ba9faa3c766b1a812&response_type=code&response_mode=query&state=dHdVWk50eVk3bTFqRFZSUE1XSXpZVnpkbEcxS3ZHLUhwMjUwZ1h2Tn5scA%3D%3D&nonce=Li5%2BVmVXeFl4V3o0TWk3ejdpTy1tYkJJQ1N0N01CYkQ1Z2M2UnJ6alhnNA%3D%3D&code_challenge=-pHNVlMoDH6ZwW31guSiZuwFFKfGwly9_P1Agy21na0&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0%3D HTTP 302
    https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ibotta.onelink.me/iUfE/8cc13c64?friend_code=frfskzv HTTP 301
  • https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
register
ibotta.com/
Redirect Chain
  • https://ibotta.onelink.me/iUfE/8cc13c64?friend_code=frfskzv
  • https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
4e89bd3648e1d990e80aff52c53e34c5131ca424bbac1894d2bc65e918896d05
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
64917
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, s-maxage=86400
content-encoding
br
content-type
text/html
date
Mon, 15 Apr 2024 02:34:42 GMT
etag
W/"0a164ce4226e4624d16575724cd2fb68"
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
last-modified
Thu, 04 Apr 2024 16:47:07 GMT
referrer-policy
same-origin
server
none
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-amz-cf-id
lSQram-LPiEmXg0iEh_4LKe7sfeqMhZDQUFUq7xKskDkUUUcYB3JNQ==
x-amz-cf-pop
FRA60-P9
x-amz-id-2
JZRlRifAUIp8Chvee3tRbjVF4WNhmxuZjsfX1uA7mdQ1WbQh6mX4WgMb4JDv0P8P2BOfl/UlXkI=
x-amz-request-id
TMZ22WD7ZDSD1X72
x-amz-server-side-encryption
AES256
x-amz-version-id
6lVAPNBOEPcOOuMe0Uxa4HbqEYdf35Zb
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
cache-control
no-cache, no-store
content-length
0
content-type
application/octet-stream
date
Mon, 15 Apr 2024 20:36:38 GMT
location
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile App&af_channel=Mobile App&source_caller=ui
server
http-kit
strict-transport-security
max-age=31536000; includeSubDomains
airgap.js
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 		118 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a4668a8815c89b30cf7e1eaad54e0cb3b80af1f643477ce429cbf340e9574929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:38 GMT
content-encoding
br
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-C2
x-content-type-options
nosniff
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
qsj_TNi-_8eFj4IdHDh4_8r0yJIA5Gx8lf6J5wuzMIY1HhIfTlrTGw==
x-xss-protection
1; mode=block
rokt.js
ibotta.com/scripts/ 		665 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/scripts/rokt.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
2d18666f0070c1d3d86b414b2f63d771c50c085457c31efc9abffb423054baf1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
vbvozlecFKPo9yBtQ7KgCaejHIr2BkZq
date
Mon, 15 Apr 2024 01:19:59 GMT
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
681ERAZY8PKGMJ4Z
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
69400
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
665
x-amz-id-2
OKnW/KOXQ8DFfXKmvifesPSOABHyrCBq49OPrSqBZUC+g29J/EccpQl/lgW7gFnGH5NHq45QVVA=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:50:10 GMT
server
none
etag
"aa16c176534bd3b1dc4e7b030cc590ba"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, s-maxage=86400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-amz-cf-id
TNJS0kSlbOnAVN9z3Z52x99m9e50PXZ-4lCbAs9pJ_yEgXRaZ0guGw==
heap.js
ibotta.com/scripts/ 		933 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/scripts/heap.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
2b5a46b2b8cdb89baa4ae90c0b0d7aafc03370b37c05b4797a78204c4bccfdc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 05:29:55 GMT
x-amz-version-id
4igr48VHCE9eQQIuevMc00CLYlK9ywro
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
5JPXCAGMVEXJ99Q5
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
54403
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
933
x-amz-id-2
TzKPg2XsfKnGOvp381zevNbxgZhPifM8jF6zKL3YI862TvUvZUAE/xDvdVWz8lw+Khe/warDiPM=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:50:10 GMT
server
none
etag
"4045aa9706089c0eb4c3ee77ae743994"
content-type
text/javascript
cache-control
max-age=0, s-maxage=86400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-amz-cf-id
o9ytgbGCas9MbPtJYSlFrb1J7VGnvT9iK6cCdtw7CbKCHxgfrkOKkw==
vwo.js
ibotta.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/scripts/vwo.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
e25c2d7db36b5369b06e4eabdfdc581e82866e22af4b78865ea2431882b22d04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 01:16:54 GMT
x-amz-version-id
_zrxNlK1iI2PrKI5FV3HlC2MnhXGerXH
content-encoding
br
x-content-type-options
nosniff
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
RPNVVMAC7ETH9CHZ
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
69585
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VXcCAYjbUyNYsxg4cPWXJ+YALauuqbHys+dXnT0iKkUlVS6xeJ1ChvO7LNuYvX13hdTFnQ7Kyuk=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:50:11 GMT
server
none
etag
W/"c0b15a3b5f417cfa81d854e4ad4b6c0d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, s-maxage=86400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
5_0CZXG5Gb-3R4k2P2h4W3n9wz2P4PIjFTR_lN8w9NTqNUtHqvo8NQ==
google-publisher.js
ibotta.com/scripts/ 		93 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/scripts/google-publisher.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
3557177e20754969b0b0dd9a5200a4c654ad8380fe7afcff3f6638cda5139abe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
4xDGw8Yy3WuxQPi94I9EzD_qm_2zaA77
date
Mon, 15 Apr 2024 01:32:17 GMT
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
8ZMGV07B4PTEP13A
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
68662
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
93
x-amz-id-2
PzpQVbKe+5Mrau7FW7ZCiBULYVWejGf6Qkii61H5SZP0fqHZdFVY9aC8t6sIjkmcDKKpQ+mlbQUzTUAXjRGPtYhb+nkLOgyMvIISluu942I=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:50:09 GMT
server
none
etag
"7e05c1c037892735ea4a27594640b4b2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, s-maxage=86400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-amz-cf-id
Hv2cs4EqoXNhtlIQV5gRdyc3mrVrJq_LdPUJmMGZwdjWv0NCGIDgsw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f7326b12f64688c1806c98284b52ce52df24c73ae9b847b784cd243e4855a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29467
x-xss-protection
0
server
cafe
etag
104 / 19828 / 31082722 / config-hash: 11277659435841430330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Apr 2024 20:36:39 GMT
api.js
www.google.com/recaptcha/ 		1 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
0eb1d1903c6765eb52f6fba4dd782620116b398b8f11de986533eafcd838b616
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 15 Apr 2024 20:36:38 GMT
app.9827762.js
ibotta.com/_nuxt/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/app.9827762.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
6f0735ea215653dd058efac62e72bf850bd81b2964fd4fc32672023bbb474836
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 16:52:36 GMT
x-amz-version-id
ZxIh.AeePjbDB5YPBCEhPonwNhbkNRSr
content-encoding
br
x-content-type-options
nosniff
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
ERKXTY55B09VGDWQ
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
963843
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
OCSqxLF5wTA9nYig2BgivM6sNycG44PGijkbdoy2UPHJzYJpTxwoA9aIoZCfB+BhxIOMxq4qQ0E=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:47:07 GMT
server
none
etag
W/"94b58faceb2108fb70d0ffe063b2a0cd"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
xMrSYJ-a8V3avOnfreX7YNqO8NBiQ20Pm9ySZtLRjMVdUESm_X1RQA==
chunk.c4a3ba1.js
ibotta.com/_nuxt/ 		347 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.c4a3ba1.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
a739a5266926fcd40a18abed5380b3852029614bdbca326c3684827a3e98fd2c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 20:14:10 GMT
x-amz-version-id
fVbxoYLWtIGNTQAHJb.3.Ufpcr4s4f2u
content-encoding
br
x-content-type-options
nosniff
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
F628HVKBA31TRZWS
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
2247749
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Eny3p3VG5o2TskSqmJSU/wHkf9DLX8OAxuWgC27pzplbD1FPefEh4F+QwaaUW8i4N8De/jYaCro=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 20 Mar 2024 20:09:53 GMT
server
none
etag
W/"e201a9673613e5a1dfa9c5f7625ad28b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
D0eyb_-RPQzf5V-PU_X6W1uxjwiA-BY1gSQ_4TrjwaJ6cbCHMq9EHg==
chunk.0a0ec8a.js
ibotta.com/_nuxt/ 		1 MB
367 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
1bf6398e1f54db56285a98b0a985c11013396a5bff6b015fd63032e2cb2a9c77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 16:52:36 GMT
x-amz-version-id
dC4NNe0SnzVjzqkX9ZGc9EgUjImIQ2or
content-encoding
br
x-content-type-options
nosniff
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
ERKKBRSCBVCEZ7X9
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
963843
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YWJSc7EW0mjT1APSLdVY/lUntxGpv25hEefTtGmeCl88YlxDp0VPFClOglmeCqrrUALNDKreSqU=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:47:14 GMT
server
none
etag
W/"3e0ea28cbda7b6555fa302f3a055ae3b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
9UBFV6nfYM04uGZ0hYQcOzRHXUFDfZbspwkclo3us77ljftFxuCZ6g==
chunk.0630113.js
ibotta.com/_nuxt/ 		663 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.0630113.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f800:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
none /
Resource Hash
7b90cacb5c24685efcde289bdf3728199cb25258c743765fde1241a00942c319
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 16:52:36 GMT
x-amz-version-id
evT2Q5GBCTZIXcr_K0yvueTBSDlvsUVX
content-encoding
br
x-content-type-options
nosniff
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-request-id
ERKX3S99ND80TR3B
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
963843
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
t6Qjpk4yHbzsR+WL+rEQATaJ2zKDNsOFC37Re4teAswJLQTxnIbIE4wM2H8yeRauDIvCaLazJaQXvnIKhN2A39UjxCh7Bkc2vJgtuIZ7mbQ=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:47:11 GMT
server
none
etag
W/"5d6191a004fe6b4434ca3a077c3beab9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
FWuZ-7JYf3vhSdtRWFEBS3pZ2wqr5p94qGuQeSRYcR4xSpuEhwIoNQ==
ui.js
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 		310 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ui.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21f8935959d304109119f009f05f8c700e07537fc9106063cadd5e71effd5849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://ibotta.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:24:02 GMT
x-amz-version-id
WbKbu_Az8t5S0Jjm8gJrVCkrgl6Yj.Kn
content-encoding
br
x-content-type-options
nosniff
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-C2
age
58357
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 14 Feb 2024 16:16:37 GMT
server
AmazonS3
etag
W/"ca75f449d70bcf20c466187c52d180f4-1"
x-frame-options
SAMEORIGIN
access-control-max-age
3600
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=60,s-maxage=86400
vary
Accept-Encoding
x-amz-cf-id
_o8ilYDZKQostPFAwLF5IU-w7qCg2LF9a4hUFBp2qNm8uJKcLceycA==
snippet.js
apps.rokt.com/wsdk/integrations/ 		77 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/integrations/snippet.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/scripts/rokt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e19e7784107545456f7c9ee40b1f59159b60fa4f7afb406445e3a629f068f212
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
K2Q0RF2AK6BE0XHR
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
18802
x-amz-id-2
+H/b0lGHN/94zPy5lHcrjGEAWBdi526fsKd+RvhsRxcbmYWNlpNmctyrKIGxOhNIioL77ZVoyuA=
last-modified
Mon, 15 Apr 2024 00:38:04 GMT
server
AmazonS3
etag
"0040fcc1676ec507f6d9cdeb31984d74"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1200, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
j.php
dev.visualwebsiteoptimizer.com/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=736203&u=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Dfrfskzv%26shortlink%3D8cc13c64%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%26source_caller%3Dui&vn=2
Requested by
Host: ibotta.com
URL: https://ibotta.com/scripts/vwo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
5fde5faba7952ba4afc1eb2a531bd4bba9a3d456dbfccf409c808ee38f3ebdae

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:38 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1713191565_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 		501 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://ibotta.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 18:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205471
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Apr 2025 18:25:17 GMT
lys1mao.css
use.typekit.net/ 		3 KB
937 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/lys1mao.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1499 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
97f4d2d4d817492fbc77b060edb4bbe7131de020da5b7e2e8ac38cb1c764a059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 15 Apr 2024 20:36:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
714
wng3obt.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wng3obt.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1499 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b7e69735f5f0350bf7466650e0e79cabb81ab1f935b845aa108e63b2520b2adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 15 Apr 2024 20:36:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
884
chunk.83cf3ba.js
ibotta.com/_nuxt/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.83cf3ba.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.9827762.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-125.fra60.r.cloudfront.net
Software
none /
Resource Hash
8ecfcd61758ef53608c6ae2c4895fecff19ccdb00bf92e5088cdf967a27c451b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Wed, 14 Feb 2024 18:46:51 GMT
content-encoding
br
x-amz-version-id
vLzxlPAgAhAAAVqjvzC.q0KfgTE0llsx
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
APR4BBPRXMRFH0N6
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
5276988
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Jms6WflcxS5oqTvIuC518dMk5Z8tatXy5IlrgidNRLTvqrNODf0NiJd3ZU2umJJDtKnO2cBPbbM=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Feb 2024 18:32:00 GMT
server
none
etag
W/"29c37cc2a432bcad84655b685ee8cd71"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
31_XIcfVd8BnaDvtTWU1fCtHrUHG0yOmhA74iySWIpGUu2gy5_IvgQ==
chunk.73e83ad.js
ibotta.com/_nuxt/ 		155 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.73e83ad.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.9827762.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-125.fra60.r.cloudfront.net
Software
none /
Resource Hash
238119034de650d1b8893d2182af5806016668a5312f8a8738feb06e2d0d3569
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 16 Jan 2024 17:23:27 GMT
content-encoding
br
x-amz-version-id
9ZJe0kVU4IlNrJXW1i17jZiECl50rnwz
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
B4XKGFKE90G25APH
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
7787592
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dIFcYVjZ88KDqrYLy8RitaR/XLMzAvZh+a7Em0r9FUEEER/a02R1rzlaZ3uWymOcIG8b5fHkGiM=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 17:19:59 GMT
server
none
etag
W/"51a33635d8c0ae0a54cb2f5bd43216b8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
WgDfXl0NrlS4YuOoA00nxDpOHfBjosxvD61io2C4ua8ntC8AYA0tiA==
chunk.36438fd.js
ibotta.com/_nuxt/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.36438fd.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.9827762.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-125.fra60.r.cloudfront.net
Software
none /
Resource Hash
1c7e01659ef5bf29c9042e346c03bebdf3c91a022675eb0e97239069d19468dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 16 Jan 2024 17:23:27 GMT
content-encoding
br
x-amz-version-id
412TzahFAChPRE8mbhNsYuK9DM.anxh5
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
B4XZMP1RRGYWJAKD
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
7787592
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
C32O6R+WW7eOHMPk3XctfclvHnHOzY0iG2aR2GFpvv45rye5o7k9wgmH6Z7EL8vbizAdMzEacIM=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 17:19:21 GMT
server
none
etag
W/"826a547ad65415468ff14fb95d338a82"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
8GPQOO55SUgJkbhybwpsYbUFlTEEVVRNqFVu7IbpCOi0ZO5A-Rr7sQ==
cm.css
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/cm.css
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ui.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16070eb3c98c0e3c3df709cbb09bd0eb647919d6bbea8277c3cca3d0f3816f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
8gP8R9I5sNXlwaW63UWCHm04ZMKe85kP
content-encoding
br
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 07:23:58 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-C2
age
47729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 14 Feb 2024 16:16:37 GMT
server
AmazonS3
etag
W/"b8298542e7d97216a37c6f9aec07ea15-1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
d_gBFj2Tz3dIkPFVt9JyvR-0gcuJf4i0PoauHJ6a3sZqaNIEzOTK3w==
en.json
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/translations/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/translations/en.json
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16d438844902a7f496dd3828753e25a8086f221827f6337ee9bf13b10088ec89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hTW3BQ.Hyy0YjZzvYNAHfAAgmPgsDP9h
content-encoding
gzip
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
date
Sun, 14 Apr 2024 22:08:50 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-C2
age
80869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 14 Feb 2024 16:16:37 GMT
server
AmazonS3
etag
W/"c3e51313286a9bc6ce3f34b06e2c3c62-1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
QIS2HSllFbEALsTInb2j3T9urLZI67_gSRV-yA9BxDrUKJXuLQ2p_w==
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=lys1mao&ht=tk&f=2005.2007.2009.2011&a=86732618&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:38 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
heap-560310507.js
cdn.heapanalytics.com/js/ 		119 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-560310507.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/scripts/heap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-122.muc50.r.cloudfront.net
Software
nginx / Express
Resource Hash
2f9e0ea3305bb07956b74086cc8dd607b7b8f2e3769b1dd2786ec4ae74005454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:16 GMT
content-encoding
br
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
MUC50-P3
age
22
x-powered-by
Express
etag
W/"1dcaa-4JNRzaqQpHN+DkUB3HhO154Ogw0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JT2Vhc2GOaJhX0bp2OAl2RnojVnNY1FRZVhg_JUX2PU2SK85kmyTWA==
chunk.7035be8.js
ibotta.com/_nuxt/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.7035be8.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.9827762.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-125.fra60.r.cloudfront.net
Software
none /
Resource Hash
a0a936f99e40a70b0aa3c1d7498bb3c85a33b92ca64ae38f0460d2509ef38206
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 16 Jan 2024 17:23:30 GMT
content-encoding
br
x-amz-version-id
BEDIOubq2scsBXC2wM2KVfFNF_EdtnwP
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
H72EKN92HNR8348Q
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
7787589
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2Qf/KbId+SCkBH1dDZ3txTv2gg6nLmYId5MYZuywI8/U2D6k5qLQyzWEvt1ZN58uXq+O/NkwGV8=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 17:19:54 GMT
server
none
etag
W/"3a8fe517373edc50d0a11bb2c0b5a576"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
lFyqR5oiKH97h3icP4x39LaHKv7r0uu2vsoIr2rtReyB8gF6VkUHzw==
chunk.6ebe8f3.js
ibotta.com/_nuxt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/_nuxt/chunk.6ebe8f3.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/app.9827762.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-125.fra60.r.cloudfront.net
Software
none /
Resource Hash
17bbebca6d86b4d34000e6f0f2f6f378ec613d96fc6a47f868910763fd53aaba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Thu, 04 Apr 2024 16:52:39 GMT
content-encoding
br
x-amz-version-id
QzxYOf9U0XE.zXWkWg8kramVpm.Edt0_
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
XR1NQSP546YJFJKH
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
963840
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LFH04migNi1wVtdBi7+YGxphfalsSPislQsriYDQmjDUi71lbvCdEDLFlLT0yGqYQ3F26ICkcDBGGmkN3RdzYwyleh7w8B5H9vCN4fGDFhM=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:48:20 GMT
server
none
etag
W/"d4dba91f214490085ecddbc999de8e74"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id
v8oxansCQraZv4YHf-M5PzvWFM8xcHdZEua_UsLofmNrCqz37qV_TA==
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wng3obt&ht=tk&f=2005.2006.2007.2008.2009.2010.2011.2012&a=101957218&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wng3obt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:38 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
5c6b28dadb8ac42df4f22587
app.launchdarkly.com/sdk/goals/ 		2 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Mon, 15 Apr 2024 20:36:39 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-etou8220063-FRA
x-timer
S1713213399.132097,VS0,VE98
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4zNDMuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJkYzIyYjc1MC1mYjY3LTExZWUtYjViZC05NWQxNDVjZDhkMGYifQ
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/contexts/ 		112 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/contexts/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4zNDMuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJkYzIyYjc1MC1mYjY3LTExZWUtYjViZC05NWQxNDVjZDhkMGYifQ?withReasons=true
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af7500941df1ac9f2cf1e783b25f5e6785fdd058d98a35af99849532bcbed813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Mon, 15 Apr 2024 20:36:39 GMT
age
0
x-cache
MISS
content-length
18621
x-served-by
cache-fra-etou8220063-FRA
x-timer
S1713213399.130317,VS0,VE211
etag
"51db"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding, Authorization
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
5c6b28dadb8ac42df4f22587
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 15 Apr 2024 20:36:39 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220063-FRA
x-timer
S1713213399.991343,VS0,VE102
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4zNDMuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJkYzIyYjc1MC1mYjY3LTExZWUtYjViZC05NWQxNDVjZDhkMGYifQ
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/contexts/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4zNDMuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJkYzIyYjc1MC1mYjY3LTExZWUtYjViZC05NWQxNDVjZDhkMGYifQ?withReasons=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 15 Apr 2024 20:36:39 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220063-FRA
x-timer
S1713213399.991356,VS0,VE100
index.html
apps.rokt.com/wsdk/controller/ Frame AB53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/controller/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control
max-age=1200, public
content-encoding
br
content-length
513
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 20:36:39 GMT
etag
"e23e35c5de9ced653046bdbe9f922c5b"
last-modified
Mon, 15 Apr 2024 00:38:01 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
BA3/AYV8oGpTRscWjkqghbf4I0MqX7+GRyL/cZZu8+ZlWKklC8W8pcYxQGRRt6H//AbzKtEZ9FI=
x-amz-request-id
K2Q9ACV9B36YTBA3
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugin-runtime/ Frame F338 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugin-runtime/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
278
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 20:36:39 GMT
etag
"0c46582acb9989aee3c49c546193ce84"
last-modified
Mon, 15 Apr 2024 00:38:10 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
u8ManmUkpHRMZbuO9nxdeYW+yyB8WximIwSHVMUhKHPgdqXyBdxzfHEJ7zr0b9rjWowyhwCuqgM=
x-amz-request-id
K2Q68Y2XBWRN179G
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugins/widget/ Frame 34FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/widget/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
305
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 20:36:39 GMT
etag
"d423ab7412d32936f1d61457e6b313a4"
last-modified
Mon, 15 Apr 2024 18:28:51 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
Q1o+CFjJXQBszGvegWc8dzZz1OdTmsZh+G39MPDd5JRqvHn73djjVCczV3BvZCVCsZ+su/CO0rU=
x-amz-request-id
72BM3DF9Z4EJ2FRC
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugins/dcui/ Frame 777E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/dcui/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
377
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 20:36:39 GMT
etag
"859abff93ed7e8a18551c918a7355dcc"
last-modified
Mon, 15 Apr 2024 05:59:01 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
a9jiV05LCXm3hTxwR4ixLCR7g5B3dS+X0omU5I/wXJ1eDusP9OA2KydxWcPg3BpmvN4m1j3ozUU=
x-amz-request-id
1BW8YGTCYFFB68KT
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=736203&d=ibotta.com&u=D24DBF2B7179B28CD1CBB7B46F9B87E1B&h=4973bca118b3001e2c3abe4520066eaf&t=false
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
ee.gif
dev.visualwebsiteoptimizer.com/ 		35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/ee.gif?a=736203&s=j.php&e=use_existing_jquery%20is%20not%20defined%26vn%3D
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 15 Apr 2024 20:36:39 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
11fd0f14-da39-4405-b674-900eb0b67c70
https://ibotta.com/ 		731 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ibotta.com/11fd0f14-da39-4405-b674-900eb0b67c70
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33b040a0b27baaac5b43c79a67343571ffb4600b9081a23d28b2d6abd114be70

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
731
Content-Type
application/javascript
container.js
cdn.heapanalytics.com/js/replay/4557-Main-prod-heap/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/replay/4557-Main-prod-heap/container.js
Requested by
Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-560310507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-122.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0780accd25b571e92a47282eb3d17550305ce142ec0bf6f86d581e740b5ac03

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
X.BnhRq2dMNqGkAE5jn5rEV4paE_LXS6
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 20:36:39 GMT
x-amz-cf-pop
MUC50-P3
age
50981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4603
last-modified
Wed, 31 Jan 2024 15:24:47 GMT
server
AmazonS3
etag
"2cfae8f985351c405efa0b84ceaaf6c1"
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
x-amz-cf-id
W2tfVV59RtX91Pmikcx4NN60XMOhi5X9sJzHCv72nyIQwtvt04kaoA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/ 		445 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082722
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aca0e28aa55849ee4eb13733950c025c8944325eb0bb737dd666294a833790ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 08:40:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
42945
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142427
x-xss-protection
0
server
cafe
etag
9854340156555383671
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 15 Apr 2025 08:40:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		86 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibotta.com
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
5b5ae92ae6d4675f25dd4bc86b909b1ec2b0eaa627f4c996ad85a5b3b218ee0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-xss-protection
0
expires
Mon, 15 Apr 2024 20:36:39 GMT
releasesettings
client-api.auryc.com/ 		2 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-authorized-identity
4557-Main-prod-heap
Referer
x-authorized-token
58c798788847cc6815c2b4d091e1553b
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 20:36:39 GMT
server
istio-envoy
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
x-xss-protection
1; mode=block
expires
0
releasesettings
client-api.auryc.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorized-identity,x-authorized-token
Access-Control-Request-Method
GET
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-authorized-identity, x-authorized-token
access-control-allow-methods
OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Mon, 15 Apr 2024 20:36:38 GMT
expires
0
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
x-frame-options
DENY
x-xss-protection
1; mode=block
telemetry
heapanalytics.com/api/ 		32 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=560310507&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1713213399373&hv=4.21.0
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.91.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-91-20.compute-1.amazonaws.com
Software
/
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 15 Apr 2024 20:36:39 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-length
32
content-type
image/gif
gtm.js
www.googletagmanager.com/ 		456 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36409c5f54cbce46693116b77d3d28cd5ebd6f42569c434efea8e57651e7d67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132345
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 18:40:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Apr 2024 20:36:39 GMT
optimize.js
www.googleoptimize.com/ 		169 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WDJL74V
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0630113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfaa6d6e3556f36e1aee5fce1c0a853c8d39280e31dd28bb92d2b66ecb2a555b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62807
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 18:40:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Apr 2024 20:36:39 GMT
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4zNDMuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJkYzIyYjc1MC1mYjY3LTExZWUtYjViZC05NWQxNDVjZDhkMGYifQ
clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/ 		112 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4zNDMuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJkYzIyYjc1MC1mYjY3LTExZWUtYjViZC05NWQxNDVjZDhkMGYifQ?withReasons=true
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
authorize
authenticate.ibotta.com/ Frame EFFC 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&prompt=none&response_type=code&response_mode=web_message&state=V0NVaDFUV1ZuS0loQWNQR0N4dHAtTzFybkJ4dlZHZDNwdlBYaTZoWTA2RA%3D%3D&nonce=LTMzdVh0MUFnOWpVMW5IRlIwZWU1V05LN0kwQ0x%2BT2xhU2wzQzdJSW04YQ%3D%3D&code_challenge=e8dAlUBCm5qFriWQIETyjrlkNuaFIjTFmxq6Bp0IE5w&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0%3D
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a718 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
626d55ff82f02db64ab3aa9d77866b015c2186bcefbc6d947eeab19312837472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
874ebaa39b26922f-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 15 Apr 2024 20:36:39 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
698eee0f54c40a22c229
x-content-type-options
nosniff
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1713213400
js
www.googletagmanager.com/gtag/ 		313 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e83cc9993b1537104a9ddff90c3ceca6030adcf6f899e572a4df54746ac6e063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103737
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Apr 2024 20:36:39 GMT
tracker-latest.min.js
d2hrivdxn8ekm8.cloudfront.net/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:7400:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddb69b95a6bdcf5d227ce30d7184839da682c7794fbb93e603b9e39c53a87440

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
F2_skBoyyTZPk30T0KU4aWlDbb3s6sr6
date
Mon, 15 Apr 2024 02:18:16 GMT
via
1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jan 2024 17:50:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
65904
x-amz-server-side-encryption
AES256
etag
"ebd50fe79b30e9f210e354a1edede7ec"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
content-length
9781
x-amz-cf-id
Z_MHsHpqLhFL9gAfc4JIcHFjb03HM5L0cyRRMngYlSrZIOQglje-UA==
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 Apr 2024 20:36:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
NXbi7/J9zsYIgr8l0Al+T5wsqSS6erI/IoFp4l645bWasIAjB8lz05/F965WmTRcNTUAbpteOOGcp2Ow/5zYhQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:24 GMT
content-encoding
gzip
age
15
x-guploader-uploadid
ABPtcPqYS3IX9AwejQzrnMLGSv7F9KJPYVp8wDsh2uU74l8JkNbjtu7dEhr2NjZhOHNRT5pN6uRKtE2bmQ
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Mon, 15 Apr 2024 21:36:24 GMT
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 20:36:39 GMT
Content-Encoding
gzip
x-amz-request-id
2YBFDHXY2BG0X743
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1426
Accept-Ranges
bytes
X-DataStream-Cache-Status
1
Expires
Mon, 15 Apr 2024 21:00:25 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6TC3JC77UFIN9HHQVG&lib=ttq
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
764d2362.b1d37a9
date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24041520363972A0CDBAB7ABA11C44DA-26FD641F006F226F-00
x-cache
TCP_MISS from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time
107,23.206.213.216
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=13, inner; dur=2
content-length
1933
pragma
no-cache
server
nginx
x-tt-logid
2024041520363972A0CDBAB7ABA11C44DA
x-cache-remote
TCP_MISS from a184-28-17-152.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,184.28.17.152
x-tt-trace-host
017d0578f327b57d1558311a3c4228a516fbe7f7fe36be2e19df1be2b932c38614b74e0f863fc10b0d8f8781e38d5c4a4647f6e01b440bb94b49cf3a5a4a1be79743ec2bf9b4b00961c68d3daee65a2ef1e15e69821e84416286ead4864eb3f4ef83a245a227da6af516efcc910ec3b862
expires
Mon, 15 Apr 2024 20:36:39 GMT
tag.js
d34r8q7sht0t9k.cloudfront.net/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34r8q7sht0t9k.cloudfront.net/tag.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:1200:1b:e40d:4a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:41 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 20:13:16 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
"cbae520e055d9fb016666ac03963e83d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
2469
x-amz-cf-id
-Or-y5indzJnfuOYMVqKUB0XHLvwxs8P7-hbRYMZeyf6E4Aq-oLuww==
destination
www.googletagmanager.com/gtag/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-926984635&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d22eba4a7c395f07fa42bacc198aebf1a51aadc8ffbb7d70ab4150f3936e6bbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77953
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 18:40:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Apr 2024 20:36:39 GMT
/
data.adxcel-ec2.com/pixel/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=misc&pixid=380ca1d0-4cad-4a81-93f9-09ffcb719de9&gtmcb=665613155
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.252.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-252-206.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
43
Content-Type
image/gif
auryc.lib.js
cdn.heapanalytics.com/js/replay/libs/latest/ 		0
0
destination
www.googletagmanager.com/gtag/ 		282 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-JP10KW76MD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97408
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Apr 2024 20:36:39 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je44a0v879409214z872215009za200&_p=1713213399400&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=160703212.1713213400&ul=de-de&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1713213399&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Dfrfskzv%26shortlink%3D8cc13c64%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%26source_caller%3Dui&dt=Ibotta&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=276&ep.referral_page=&ep.session_id_custom_dimension=1713213399700.xl9am56i&epn.user_timezone_offset=-2&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20Configuration&tfd=1932
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 15 Apr 2024 20:36:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5a28e627
dvqigh9b7wa32.cloudfront.net/ 		43 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD1kZDIwYjg5Mi1iYTM0LTVmM2QtYzQ0YS0xZmJjOWUyMjBhYmE%3D&date=1713213399848
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-174.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 02:08:54 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
69650
x-cache
Hit from cloudfront
content-length
43
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
server
AmazonS3
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
8AcjUZ0WpOoX2HXlt3gaIfrFKJVMrLUdWaRNjJP32yFTnJhAy3_JWA==
5a28e627
d330aiyvva2oww.cloudfront.net/ 		43 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPWFiNDBiOTg5LTIxMzItNDZmOS1iOGI1LTk3NDRmZDlmZTQ4MSZzZXNzaW9uSWQ9ZGQyMGI4OTItYmEzNC01ZjNkLWM0NGEtMWZiYzllMjIwYWJh&date=1713213399848
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:da00:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 09:13:20 GMT
via
1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
41997
x-cache
Hit from cloudfront
content-length
43
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
server
AmazonS3
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
SdVX4r2nypNMGAjo_h3vqXqogIQoqGTnsCYLwwJ6qKMEZjuXcbLMtg==
5a28e627
d1lu3pmaz2ilpx.cloudfront.net/ 		43 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD1kZDIwYjg5Mi1iYTM0LTVmM2QtYzQ0YS0xZmJjOWUyMjBhYmEmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmlib3R0YS5jb20lMkZyZWdpc3RlciUzRmZyaWVuZF9jb2RlJTNEZnJmc2t6diUyNnNob3J0bGluayUzRDhjYzEzYzY0JTI2cGlkJTNETW9iaWxlJTI1MjBBcHAlMjZhZl9jaGFubmVsJTNETW9iaWxlJTI1MjBBcHAlMjZzb3VyY2VfY2FsbGVyJTNEdWk%3D&date=1713213399849
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:d000:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 02:12:26 GMT
via
1.1 03f0b5e1388e49b279dc44f8ff1caa78.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
66254
x-cache
Hit from cloudfront
content-length
43
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
server
AmazonS3
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
vary
Origin
accept-ranges
bytes
x-amz-cf-id
a1SO9xNCeTF68BLnWvxeZNkvAIyXXMzsXfL4CE6g8FEJFmWrQrMFfg==
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		2 B
123 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:40 GMT
content-encoding
gzip
server
Google Frontend
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
3881d7c84a6492236744fad365363b48
cache-control
private
function-execution-id
042vn9x69mpl
access-control-allow-headers
Content-Type, Accept
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 20:36:40 GMT
function-execution-id
0isme24l7dnz
server
Google Frontend
x-cloud-trace-context
e1d58668b5d668b0925df832cc0f2eda
graphql
api.ibops.net/browser-extension/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.117.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-117-71.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-app-session,x-app-version
Access-Control-Request-Method
POST
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-app-session,x-app-version
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin
https://ibotta.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 15 Apr 2024 20:36:40 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
graphql
api.ibops.net/browser-extension/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.117.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-117-71.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-app-session,x-app-version
Access-Control-Request-Method
POST
Origin
https://ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-app-session,x-app-version
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin
https://ibotta.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 15 Apr 2024 20:36:40 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
graphql
api.ibops.net/browser-extension/ 		33 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.117.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-117-71.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-App-Session
1fe72c13-72fc-4618-92e8-4cb4cb37591f
X-App-Version
4.343.0:web_v2:chrome
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:40 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
33
x-xss-protection
0
x-request-id
0650d94134af12555f18d5c9b2ff2277
referrer-policy
no-referrer
etag
W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
graphql
api.ibops.net/browser-extension/ 		33 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ibops.net/browser-extension/graphql?name=track
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.117.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-117-71.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-App-Session
1fe72c13-72fc-4618-92e8-4cb4cb37591f
X-App-Version
4.343.0:web_v2:chrome
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:40 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
33
x-xss-protection
0
x-request-id
cdd7bc61c7bc6c6ae5f4c4e9a9775b35
referrer-policy
no-referrer
etag
W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
Primary Request signup
authenticate.ibotta.com/u/
Redirect Chain
  • https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%...
  • https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1...
95 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.0a0ec8a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.167.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787dfe1c4e75e08e581b448d8b4f50ba27751bad16235391fc3bf8f3b9d4cb3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
874ebaa78def79cb-AMS
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 20:36:40 GMT
etag
W/"17acb-9onmTwka7Id8EPh1Tj24QWpsiSs"
expires
Mon, 15 Apr 2024 20:36:40 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
37
x-auth0-requestid
473d8a3e740a6a8bd7c4
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1713213407
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
874ebaa5fd3a922f-FRA
content-length
426
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 20:36:40 GMT
location
/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
cdae0e4c028502e16ddb
x-content-type-options
nosniff
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1713213401
h
heapanalytics.com/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=560310507&u=3191771468702998&v=8874318858987209&s=5663828684389237&b=web&tv=4.0&z=0&h=%2Fregister&q=%3Ffriend_code%3Dfrfskzv%26shortlink%3D8cc13c64%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%26source_caller%3Dui&d=ibotta.com&t=Ibotta&ts=1713213399061&ubv=123.0.6312.122&upv=10.0.0&sch=1200&scw=1600&st=1713213399878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.91.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-91-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 15 Apr 2024 20:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
airgap.js
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 		118 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.c4a3ba1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:38 GMT
content-encoding
br
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-content-type-options
nosniff
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
qsj_TNi-_8eFj4IdHDh4_8r0yJIA5Gx8lf6J5wuzMIY1HhIfTlrTGw==
x-xss-protection
1; mode=block
telemetry
heapanalytics.com/api/ 		32 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=560310507&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1713213399389&hv=4.21.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.91.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-91-20.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 15 Apr 2024 20:36:40 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-length
32
content-type
image/gif
l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1499 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/lys1mao.css
Origin
https://ibotta.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:40 GMT
server
nginx
etag
"b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17052
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JP10KW76MD&gtm=45je44a0v892505497za200&_p=1713213399400&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=160703212.1713213400&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1713213400&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Dfrfskzv%26shortlink%3D8cc13c64%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%26source_caller%3Dui&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=2119
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-JP10KW76MD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 15 Apr 2024 20:36:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTFhN2NkNDczMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		431 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6TC3JC77UFIN9HHQVG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
b1d3a64
date
Mon, 15 Apr 2024 20:36:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024040812454100AA6E7D258AE3C628A1
x-tt-trace-id
00-24040812454100AA6E7D258AE3C628A1-2F032955DF2D7462-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b7b2354e6eb9f40f30953dd0e21c25dfbf3f97e0c7fffaf22cc7e3ec025564e4aedc2debff85dda4b170ae5510b329641cb5bca580caa7f1ac2e440c8230007059d6692ea193ff3040acc5b90a2ea7d7bc1a9695e9e43885b7c80c2bd1d9c929
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
117700
1919782858327617
connect.facebook.net/signals/config/ 		0
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je44a0v879409214za200&_p=1713213399400&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=160703212.1713213400&ul=de-de&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&_s=2&sid=1713213399&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Dfrfskzv%26shortlink%3D8cc13c64%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%26source_caller%3Dui&dt=Ibotta&en=scroll&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=276&ep.referral_page=&ep.session_id_custom_dimension=1713213399700.xl9am56i&epn.user_timezone_offset=-2&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20Configuration&epn.percent_scrolled=90&_et=6&tfd=2142
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 15 Apr 2024 20:36:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ibotta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_38a7e.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
b1d3c65
date
Mon, 15 Apr 2024 20:36:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240408124542696C747E3390234A0F12
x-tt-trace-id
00-240408124542696C747E3390234A0F12-2B21674BB8E55629-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017ccf9fd54c2bfc09ee83181751c6d75a8265fc6d4aa7deeaa6cdd31e3c18c879e818fd8e6aa78367528d5c7a7da88e74e3fa64643c1bb8345cf1ac057b2bc9598e55071260952089ce7a3ef75c59a3534f78784545ccddb7a1a8adc28d66bea1
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length
36971
pixel
analytics.tiktok.com/api/v2/ 		0
846 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-216.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
bcf934de.b1d3caf
date
Mon, 15 Apr 2024 20:36:40 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404152036405F6F1CCC9DE3081FCD79-71B60F801400CD97-00
x-cache
TCP_MISS from a23-206-213-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time
184,23.206.213.216
server-timing
cdn-cache; desc=MISS, edge; dur=150, origin; dur=81, inner; dur=79
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404152036405F6F1CCC9DE3081FCD79
x-cache-remote
TCP_MISS from a23-48-200-37.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
82,23.48.200.37
x-tt-trace-host
017d0578f327b57d1558311a3c4228a5166a3b6be399bd80ab3d3ece3ac2b4277d9a7040ded147959b917f85e8af85f25d82cdb3616130d6345356ea7729713ae3f679abde807fd41672c5da570ebd86a8ef526853c17f8c2e123a8a38752d75160fa1c4ca8d2b9054f6828dded2c6ed39
access-control-allow-headers
Authorization,*
expires
Mon, 15 Apr 2024 20:36:40 GMT
/
ipv4.podscribe.com/ 		0
0
act
analytics.tiktok.com/api/v2/pixel/ 		0
0
telemetry
heapanalytics.com/api/ 		0
0
collect
region1.google-analytics.com/g/ 		0
0
tag
verifi.podscribe.com/ 		0
0
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.91.1/css/ 		273 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.91.1/css/main.cdn.min.css
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:9a00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
047a68719f5d0b97eb39b00b99d484f6e0b188ee0ca656cc905e561ecb515977
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 03:57:21 GMT
x-amz-version-id
nVfygoBeeEI9nA4BgXjNZmFlME9t_6j5
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
59960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Tue, 09 Apr 2024 11:07:11 GMT
server
AmazonS3
etag
W/"8b8f967f643b52dad846cd1fab8047c7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
x-robots-tag
noindex
x-amz-cf-id
vYna3PJhpqTz5MZplmeKiCpsyppyWoMVHdJxpiXthhWTmn1hKAHqMg==
IbottaLogo_Primary_Pink.png
home.ibotta.com/wp-content/uploads/2019/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.ibotta.com/wp-content/uploads/2019/06/IbottaLogo_Primary_Pink.png
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
23066efd6ca168e650f9d4eeb195ce3c641446a359b39c9f4782c1653ce5a042

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:40 GMT
cf-cache-status
HIT
age
1651927
cf-polished
origFmt=png, origSize=17157
content-disposition
inline; filename="IbottaLogo_Primary_Pink.webp"
alt-svc
h3=":443"; ma=86400
content-length
8102
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Jan 2023 23:19:54 GMT
server
cloudflare
etag
"63d9a21a-4305"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
874ebaaa6b2258f0-TXL
heap-560310507.js
cdn.heapanalytics.com/js/ 		119 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-560310507.js
Requested by
Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-122.muc50.r.cloudfront.net
Software
nginx / Express
Resource Hash
2f9e0ea3305bb07956b74086cc8dd607b7b8f2e3769b1dd2786ec4ae74005454

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 20:36:16 GMT
content-encoding
br
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P3
age
22
x-powered-by
Express
etag
W/"1dcaa-4JNRzaqQpHN+DkUB3HhO154Ogw0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JT2Vhc2GOaJhX0bp2OAl2RnojVnNY1FRZVhg_JUX2PU2SK85kmyTWA==
quantum-ibotta.js
cdn.quantummetric.com/qscripts/ 		0
0
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://authenticate.ibotta.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40509b0dde867ef35b2ea1d935c4293e4dd27408934ea8284eb626d0560ff142

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		688 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		435 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6066c4de3dc65aabbcddba7ab83bc2396fa8327501c57e5902c8ba5057c88c6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
container.js
cdn.heapanalytics.com/js/replay/4557-Main-prod-heap/ 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/replay/4557-Main-prod-heap/container.js
Requested by
Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-560310507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-122.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0780accd25b571e92a47282eb3d17550305ce142ec0bf6f86d581e740b5ac03

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
X.BnhRq2dMNqGkAE5jn5rEV4paE_LXS6
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 20:36:39 GMT
x-amz-cf-pop
MUC50-P3
age
50981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4603
last-modified
Wed, 31 Jan 2024 15:24:47 GMT
server
AmazonS3
etag
"2cfae8f985351c405efa0b84ceaaf6c1"
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
x-amz-cf-id
W2tfVV59RtX91Pmikcx4NN60XMOhi5X9sJzHCv72nyIQwtvt04kaoA==
releasesettings
client-api.auryc.com/ 		2 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Requested by
Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/4557-Main-prod-heap/container.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-authorized-identity
4557-Main-prod-heap
Referer
x-authorized-token
58c798788847cc6815c2b4d091e1553b
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 20:36:40 GMT
server
istio-envoy
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://authenticate.ibotta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
x-xss-protection
1; mode=block
expires
0
releasesettings
client-api.auryc.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorized-identity,x-authorized-token
Access-Control-Request-Method
GET
Origin
https://authenticate.ibotta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-authorized-identity, x-authorized-token
access-control-allow-methods
OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://authenticate.ibotta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Mon, 15 Apr 2024 20:36:40 GMT
expires
0
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
x-frame-options
DENY
x-xss-protection
1; mode=block
favicon-32x32.png
ibotta.com/img/icons/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ibotta.com/img/icons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-125.fra60.r.cloudfront.net
Software
none /
Resource Hash
1cabd3598814c6d98529011aa30101be2f5c4fcb744db9c3e9f8255a2735ff91
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 08:04:23 GMT
x-amz-version-id
hvWWzcn6oNIcfjdXbarYMeDQGXA7uMut
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-request-id
4MY279B6P41YNCEG
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
45139
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1233
x-amz-id-2
uSDWkdgwYonHcgQT/MH+tqnMuu2Z7OgTsK/48c+J0zDVsVTFI18+1e9fbbi/O3Gd5laLQdrohJA=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Apr 2024 16:51:17 GMT
server
none
etag
"cdcb2cd8dc98c6d9d0fac908607c454e"
content-type
image/png
cache-control
max-age=86400, s-maxage=86400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-amz-cf-id
6D9PoByb_yoVWgS4mwlI2PwePisKeiNrjmbkGUN1gDYWAQx1eOmUng==
auryc.lib.js
cdn.heapanalytics.com/js/replay/libs/latest/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.heapanalytics.com
URL
https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/1919782858327617?v=2.9.153&r=stable&domain=ibotta.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Domain
ipv4.podscribe.com
URL
https://ipv4.podscribe.com/
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/api/v2/pixel/act
Domain
heapanalytics.com
URL
https://heapanalytics.com/api/telemetry?a=560310507&te=type&te=data&te=cm&te=Cookie%20too%20large%20to%20store%20full%20landing%20page%20params&te=val&te=1&st=1713213400100&hv=4.21.0
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je44a0v879409214z872215009za200&_p=1713213399400&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=160703212.1713213400&ul=de-de&pscdl=noapi&_geo=1&_rdi=1&_s=3&sid=1713213399&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Dfrfskzv%26shortlink%3D8cc13c64%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%26source_caller%3Dui&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&en=user&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=276&ep.referral_page=&ep.session_id_custom_dimension=1713213400&epn.user_timezone_offset=-2&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20-%20Event%20-%20Fetch%20User%27s%20Data%20-%20Client%20ID&ep.ga_client_id_hit=160703212.1713213400&ep.action=get%20user%27s%20data&_et=199&up.ga_client_id_user=160703212.1713213400&tfd=2691
Domain
verifi.podscribe.com
URL
https://verifi.podscribe.com/tag?action=view&user_id=f9d1bba5-717e-46fb-b89b-b2084de17e57&advertiser=ibotta&referrer=_&device_id=pscrb_d89df1b0-eb14-4a22-d3d0-994f9b563010&ipv4=&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend_code%3Dfrfskzv%26shortlink%3D8cc13c64%26pid%3DMobile%2520App%26af_channel%3DMobile%2520App%26source_caller%3Dui&source=js-tag+v1.0.4
Domain
cdn.quantummetric.com
URL
https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Domain
cdn.heapanalytics.com
URL
https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| heap object| ulpFlags string| __AURYC_JSLIB_PATH__ object| aurycReadyCb object| auryc object| aurycEventPropertiesCb boolean| aurycInit number| aurycLoadedTime object| aurycJsLibConfig

32 Cookies

Domain/Path Name / Value
ibotta.com/ Name: i18n_redirected
Value: en
.ibotta.com/ Name: %40%40
Value: 1
.ibotta.com/ Name: _vwo_uuid_v2
Value: D24DBF2B7179B28CD1CBB7B46F9B87E1B|4973bca118b3001e2c3abe4520066eaf
.ibotta.com/ Name: vuex
Value: {%22user%22:null}
.ibotta.com/ Name: _hp2_props.560310507
Value: %7B%22web-v-2-down-for-maintenance%22%3Afalse%2C%22web-v-2-popular-online-cpg-retailer-list%22%3Atrue%2C%22web-v-2-popular-search-terms-data%22%3Atrue%2C%22web-v-2-popular-sort-option%22%3Afalse%2C%22web-v-2-recommended-offers-enabled%22%3Atrue%2C%22web-v-2-referral-page-copy%22%3Atrue%2C%22web-v-2-referral-page-terms%22%3A%22Savers%20will%20earn%20%2410%20when%20they%20refer%20a%20friend%20who%3A%20(i)%20is%20a%20new%20user%20to%20Ibotta%3B%20(ii)%20registers%20with%20Ibotta%20on%20a%20unique%20device%20with%20the%20Saver%E2%80%99s%20referral%20code%20(the%20%E2%80%9CReferred%20Saver%E2%80%9D)%3B%20and%20(iii)%20completes%20a%20Qualifying%20Offer%20(as%20defined%20below)%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20The%20Referred%20Saver%20will%20earn%20a%20referral%20bonus%20upon%20registration%20and%20completion%20of%20a%20Qualifying%20Offer%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20A%20Qualifying%20Offer%20includes%20an%20offer%2C%20Any%20Brand%2C%20or%20Any%20Receipt%20offer.%20Online%20shopping%20transactions%20are%20not%20considered%20a%20Qualifying%20Offer%20until%20the%20offer%20pending%20period%20is%20complete%2C%20and%20the%20offer%20is%20credited%20to%20the%20Referred%20Saver%E2%80%99s%20account.%20Ibotta%20reserves%20the%20right%20to%20adjust%20these%20terms%20or%20the%20bonus%20amounts%20at%20any%20time.%20Prices%2C%20offers%2C%20cash-back%20amounts%2C%20bonuses%2C%20and%20the%20referral%20period%20may%20vary%20and%20are%20subject%20to%20change%20without%20notice.%20All%20accounts%20are%20subject%20to%20review.%20Additional%20terms%20and%20conditions%20may%20apply.%22%2C%22web-v-2-sold-out-offers-list%22%3Atrue%2C%22web-v-2-registration-page-copy%22%3Atrue%2C%22web-v-2-cashout-on-web-payments-env%22%3A%22production%22%2C%22web-v-2-customer-metadata-override%22%3Afalse%2C%22web-v-2-browser-profiling-is-enabled%22%3Afalse%2C%22web-v-2-browser-profiling-home-is-enabled%22%3Afalse%2C%22web-v-2-browser-profiling-cashout-is-enabled%22%3Atrue%2C%22web-v-2-bex-required-retailer-update-enabled%22%3Atrue%2C%22web-v2-direct-integration-retailer-list%22%3Atrue%2C%22web-v-2-feedback-survey%22%3Atrue%2C%22web-disco-cashout-age-threshold%22%3A7%2C%22web-v-2-special-deals-enabled%22%3Atrue%2C%22web-v-2-retailer-thumbnail-updates-enabled%22%3Atrue%2C%22web-v-2-logged-out-item-offers%22%3Atrue%2C%22web-v-2-home-page-recommendation%22%3A%22AffiliateRecommenderV2%22%2C%22web-v-2-waved-image-offer-tags-enabled%22%3Atrue%2C%22web-v-2-retailer-descriptions-enabled%22%3Atrue%2C%22web-v-2-phone-refresh-enabled%22%3Afalse%2C%22web-v-2-retailer-group-thumbnails-enabled%22%3Afalse%2C%22web-v-2-updated-category-cards-enabled%22%3Atrue%2C%22web-v-2-content-modules-enabled%22%3Afalse%2C%22web-v-2-home-referral-section-copy%22%3Atrue%2C%22web-v-2-in-store-retailers-enabled%22%3Atrue%2C%22web-v-2-retailer-groups-enabled%22%3Atrue%2C%22unified-account-linking-retailer-list%22%3Atrue%7D
ibotta.com/ Name: gsi
Value: fcce846edb394e22b45410d89dd6132d
ibotta.com/ Name: early_identifier
Value: 2b2353a53567490ba9faa3c766b1a812
ibotta.com/ Name: RoktRecogniser
Value: 1812df75-ab46-4e6d-ac8b-47f400857c34
apps.rokt.com/ Name: akaalb_Instance-1
Value: ~op=Prod_Widget_API_Experiences:Prod-API-EU-West-1|Prod_WSDK_S3:Prod-SDK-S3|~rv=100~m=Prod-API-EU-West-1:0|Prod-SDK-S3:0|~os=141f223fa3e939d66e4926adb7c49b34~id=5c524f1f4fdd20450811adf18238aad5
ibotta.com/ Name: _dd_s
Value: rum=0&expire=1713214298631
.ibotta.com/ Name: _gcl_au
Value: 1.1.941714387.1713213400
.ibotta.com/ Name: _ga
Value: GA1.1.160703212.1713213400
ibotta.com/ Name: tatari-cookie-test
Value: 87829369
.ibotta.com/ Name: t-ip
Value: 1
.ibotta.com/ Name: tatari-session-cookie
Value: dd20b892-ba34-5f3d-c44a-1fbc9e220aba
ibotta.com/ Name: __pdst
Value: fc57430f520b49bf9415cd5c72d0f0ea
authenticate.ibotta.com/ Name: did
Value: s%3Av0%3Adcab6f50-fb67-11ee-8f69-c94b0d143c36.iy3g%2BlRkjYNYSu3vGVuyVCk900yAvVChxMsdYCIwEZ8
authenticate.ibotta.com/ Name: did_compat
Value: s%3Av0%3Adcab6f50-fb67-11ee-8f69-c94b0d143c36.iy3g%2BlRkjYNYSu3vGVuyVCk900yAvVChxMsdYCIwEZ8
ibotta.com/ Name: ibotta-ts
Value: {%22exp%22:1713215199871%2C%22id%22:%221fe72c13-72fc-4618-92e8-4cb4cb37591f%22%2C%22timestamp%22:1713213399871}
.tiktok.com/ Name: _ttp
Value: 2f9VhTsb2VYMbb2CAXPJ2vCLUU6
.ibotta.com/ Name: _ga_JP10KW76MD
Value: GS1.1.1713213400.1.0.1713213400.0.0.0
.ibotta.com/ Name: _ga_GT6GKTE2DV
Value: GS1.1.1713213399.1.0.1713213400.0.0.0
.ibotta.com/ Name: _hp2_ses_props.560310507
Value: %7B%22ts%22%3A1713213399061%2C%22d%22%3A%22ibotta.com%22%2C%22h%22%3A%22%2Fregister%22%7D
.ibotta.com/ Name: _tt_enable_cookie
Value: 1
.ibotta.com/ Name: _ttp
Value: 9Eq71FuCts7wJTd_BNTV4SeGepc
authenticate.ibotta.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEkXv4QA5L3dqa8PFRlqHoPM6isjntnIDTPLeMEIdz1jVmo86gNQSDEzKibT2HInCp-ayZxFNOjX8bVAdmr-Ca2mY29va2llg6dleHBpcmVz1_8jhj0AZiGEWK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ug9Uij4BQOQbVXBtCgqlrrl67PtbU0TsulkBoK1xF0E
authenticate.ibotta.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEkXv4QA5L3dqa8PFRlqHoPM6isjntnIDTPLeMEIdz1jVmo86gNQSDEzKibT2HInCp-ayZxFNOjX8bVAdmr-Ca2mY29va2llg6dleHBpcmVz1_8jhj0AZiGEWK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ug9Uij4BQOQbVXBtCgqlrrl67PtbU0TsulkBoK1xF0E
.ibotta.com/ Name: __podscribe_ibotta_referrer
Value: _
.ibotta.com/ Name: __podscribe_ibotta_landing_url
Value: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
.ibotta.com/ Name: __podscribe_did
Value: pscrb_d89df1b0-eb14-4a22-d3d0-994f9b563010
.home.ibotta.com/ Name: __cf_bm
Value: 5kbIJokRBxwmTRk49OMQHVyZp4SpFOBJKpjX.1gR.z8-1713213400-1.0.1.1-Z4soZKPrstvQM3W8e7AtDaOky.rTH6lAPFIlmjO0mWsZ5bUKCos.nPx489Fr_s45OdIdvRwn7U8P6J0kNI.rcg
.ibotta.com/ Name: _hp2_id.560310507
Value: %7B%22userId%22%3A%223191771468702998%22%2C%22pageviewId%22%3A%222452197618727745%22%2C%22sessionId%22%3A%225663828684389237%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

19 Console Messages

Source Level URL
Text
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ibotta.com/register?friend_code=frfskzv&shortlink=8cc13c64&pid=Mobile%20App&af_channel=Mobile%20App&source_caller=ui
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SBfT3BYLVo0YlAzQXZFQ0lEc0Fxc1owSi1qSDM2b0RDSaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExHVmxmWEd5NkRpRnJBQzZTTUxZT2lQS1NkOS1jalYxo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.ibops.net
app.launchdarkly.com
apps.rokt.com
authenticate.ibotta.com
cdn.auth0.com
cdn.heapanalytics.com
cdn.pdst.fm
cdn.quantummetric.com
cdn.transcend.io
client-api.auryc.com
clientstream.launchdarkly.com
connect.facebook.net
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
d34r8q7sht0t9k.cloudfront.net
data.adxcel-ec2.com
dev.visualwebsiteoptimizer.com
dvqigh9b7wa32.cloudfront.net
heapanalytics.com
home.ibotta.com
ibotta.com
ibotta.onelink.me
ipv4.podscribe.com
p.typekit.net
region1.google-analytics.com
securepubads.g.doubleclick.net
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
verifi.podscribe.com
websdk.appsflyer.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
analytics.tiktok.com
cdn.heapanalytics.com
cdn.quantummetric.com
connect.facebook.net
heapanalytics.com
ipv4.podscribe.com
region1.google-analytics.com
verifi.podscribe.com
104.19.167.24
13.248.151.210
13.33.187.125
141.193.213.20
142.250.185.228
142.250.185.98
142.250.186.40
151.101.130.217
18.173.154.122
2001:4860:4802:34::36
2001:4860:4802:36::36
23.36.162.216
23.50.131.28
23.50.131.88
2600:9000:211e:2e00:2:8531:afc0:93a1
2600:9000:225b:1200:1b:e40d:4a00:21
2600:9000:235a:f800:14:fc27:88c0:93a1
2600:9000:26da:d000:17:f683:1d40:21
2600:9000:26db:9a00:10:474e:104a:2961
2600:9000:26e8:7400:17:3f5c:f800:21
2600:9000:2724:da00:3:760:2800:21
2606:4700::6813:a718
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:830::2003
2a02:26f0:3500:11::215:14d1
2a02:26f0:3500:11::215:14d5
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:1499
2a03:2880:f084:d:face:b00c:0:3
3.210.91.20
34.66.73.214
34.96.102.137
35.244.142.80
44.205.117.71
50.19.252.206
65.9.7.174
047a68719f5d0b97eb39b00b99d484f6e0b188ee0ca656cc905e561ecb515977
0eb1d1903c6765eb52f6fba4dd782620116b398b8f11de986533eafcd838b616
16070eb3c98c0e3c3df709cbb09bd0eb647919d6bbea8277c3cca3d0f3816f4e
16d438844902a7f496dd3828753e25a8086f221827f6337ee9bf13b10088ec89
17bbebca6d86b4d34000e6f0f2f6f378ec613d96fc6a47f868910763fd53aaba
1bf6398e1f54db56285a98b0a985c11013396a5bff6b015fd63032e2cb2a9c77
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c7e01659ef5bf29c9042e346c03bebdf3c91a022675eb0e97239069d19468dd
1cabd3598814c6d98529011aa30101be2f5c4fcb744db9c3e9f8255a2735ff91
1f7326b12f64688c1806c98284b52ce52df24c73ae9b847b784cd243e4855a84
21f8935959d304109119f009f05f8c700e07537fc9106063cadd5e71effd5849
23066efd6ca168e650f9d4eeb195ce3c641446a359b39c9f4782c1653ce5a042
238119034de650d1b8893d2182af5806016668a5312f8a8738feb06e2d0d3569
2b5a46b2b8cdb89baa4ae90c0b0d7aafc03370b37c05b4797a78204c4bccfdc8
2d18666f0070c1d3d86b414b2f63d771c50c085457c31efc9abffb423054baf1
2f9e0ea3305bb07956b74086cc8dd607b7b8f2e3769b1dd2786ec4ae74005454
33b040a0b27baaac5b43c79a67343571ffb4600b9081a23d28b2d6abd114be70
3557177e20754969b0b0dd9a5200a4c654ad8380fe7afcff3f6638cda5139abe
36409c5f54cbce46693116b77d3d28cd5ebd6f42569c434efea8e57651e7d67c
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
40509b0dde867ef35b2ea1d935c4293e4dd27408934ea8284eb626d0560ff142
4e89bd3648e1d990e80aff52c53e34c5131ca424bbac1894d2bc65e918896d05
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5b5ae92ae6d4675f25dd4bc86b909b1ec2b0eaa627f4c996ad85a5b3b218ee0d
5fde5faba7952ba4afc1eb2a531bd4bba9a3d456dbfccf409c808ee38f3ebdae
626d55ff82f02db64ab3aa9d77866b015c2186bcefbc6d947eeab19312837472
6f0735ea215653dd058efac62e72bf850bd81b2964fd4fc32672023bbb474836
787dfe1c4e75e08e581b448d8b4f50ba27751bad16235391fc3bf8f3b9d4cb3d
7b90cacb5c24685efcde289bdf3728199cb25258c743765fde1241a00942c319
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8ecfcd61758ef53608c6ae2c4895fecff19ccdb00bf92e5088cdf967a27c451b
97f4d2d4d817492fbc77b060edb4bbe7131de020da5b7e2e8ac38cb1c764a059
a0a936f99e40a70b0aa3c1d7498bb3c85a33b92ca64ae38f0460d2509ef38206
a4668a8815c89b30cf7e1eaad54e0cb3b80af1f643477ce429cbf340e9574929
a739a5266926fcd40a18abed5380b3852029614bdbca326c3684827a3e98fd2c
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
aca0e28aa55849ee4eb13733950c025c8944325eb0bb737dd666294a833790ed
af7500941df1ac9f2cf1e783b25f5e6785fdd058d98a35af99849532bcbed813
b7e69735f5f0350bf7466650e0e79cabb81ab1f935b845aa108e63b2520b2adf
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cfaa6d6e3556f36e1aee5fce1c0a853c8d39280e31dd28bb92d2b66ecb2a555b
d22eba4a7c395f07fa42bacc198aebf1a51aadc8ffbb7d70ab4150f3936e6bbe
ddb69b95a6bdcf5d227ce30d7184839da682c7794fbb93e603b9e39c53a87440
e19e7784107545456f7c9ee40b1f59159b60fa4f7afb406445e3a629f068f212
e25c2d7db36b5369b06e4eabdfdc581e82866e22af4b78865ea2431882b22d04
e6066c4de3dc65aabbcddba7ab83bc2396fa8327501c57e5902c8ba5057c88c6
e83cc9993b1537104a9ddff90c3ceca6030adcf6f899e572a4df54746ac6e063
f0780accd25b571e92a47282eb3d17550305ce142ec0bf6f86d581e740b5ac03
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165