authenticate.ibotta.com Open in urlscan Pro
2606:4700::6810:5267 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ibotta.com/register?friend=bo
Effective URL:
https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZI...
Submission: On July 20 via api (July 20th 2023, 6:04:58 pm UTC) from FI — Scanned from FI

Summary HTTP 121 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 46 IPs in 3 countries across 32 domains to perform 121 HTTP transactions. The main IP is 2606:4700::6810:5267, located in United States and belongs to CLOUDFLARENET, US. The main domain is authenticate.ibotta.com. The Cisco Umbrella rank of the primary domain is 140507.
TLS certificate: Issued by R3 on June 27th 2023. Valid for: 3 months.

This is the only time authenticate.ibotta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2600:9000:218... 2600:9000:218e:fe00:14:fc27:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:230... 2600:9000:2304:a00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
10	2a02:26f0:780... 2a02:26f0:780::210:a480	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:780... 2a02:26f0:780::210:a452	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.173.154.122 18.173.154.122	16509 (AMAZON-02) (AMAZON-02)
4	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
1	2600:9000:26d... 2600:9000:26db:f600:a:de49:b100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.6.53.6 52.6.53.6	14618 (AMAZON-AES) (AMAZON-AES)
4	3.92.249.42 3.92.249.42	14618 (AMAZON-AES) (AMAZON-AES)
4	35.153.253.53 35.153.253.53	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	13.248.151.210 13.248.151.210	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6810:5267	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:26d... 2600:9000:26da:5000:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
1	13.225.34.68 13.225.34.68	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:237... 2600:9000:237d:9a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.53.43.59 23.53.43.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	52.22.219.195 52.22.219.195	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	18.173.184.8 18.173.184.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:6e00:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26da:6c00:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1	18.173.154.84 18.173.154.84	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:a800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	2600:9000:217... 2600:9000:2171:f600:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
121	46

16 2600:9000:218e:fe00:14:fc27:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ibotta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2304:a00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:780::210:a480 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:780::210:a452 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.154.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-122.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:f600:a:de49:b100:93a1 (United States)

ASN16509 (AMAZON-02, US)

sync.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.53.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-53-6.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.92.249.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-249-42.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.153.253.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-253-53.compute-1.amazonaws.com

api.ibops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5267 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

authenticate.ibotta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:5000:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.34.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-68.cdg3.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:9a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.43.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-59.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.219.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-219-195.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.184.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-184-8.muc50.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:6e00:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:6c00:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-84.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:a800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:f600:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

home.ibotta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	ibotta.com 1 redirects ibotta.com — Cisco Umbrella Rank: 58054 authenticate.ibotta.com — Cisco Umbrella Rank: 140507 home.ibotta.com — Cisco Umbrella Rank: 383618	696 KB
10	rokt.com apps.rokt.com — Cisco Umbrella Rank: 7544	272 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 116	178 KB
7	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1167 events.launchdarkly.com — Cisco Umbrella Rank: 804 clientstream.launchdarkly.com — Cisco Umbrella Rank: 796	19 KB
7	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 6686 sync.transcend.io — Cisco Umbrella Rank: 9755	180 KB
6	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2695 heapanalytics.com — Cisco Umbrella Rank: 2242	74 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2609	2 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 556 p.typekit.net — Cisco Umbrella Rank: 690	19 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	21 KB
4	cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	11 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	368 KB
4	ibops.net api.ibops.net — Cisco Umbrella Rank: 27267	1 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 768	1 KB
3	google.fi www.google.fi — Cisco Umbrella Rank: 31660	578 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	13 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2636	130 B
2	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 719	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 724 script.hotjar.com — Cisco Umbrella Rank: 889	73 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 830	20 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 747	6 KB
2	gstatic.com www.gstatic.com	347 KB
1	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 1997
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6794	61 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 841	376 B
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 4256	131 B
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 7254	12 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3828	13 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2603	6 KB
1	liadm.com b-code.liadm.com — Cisco Umbrella Rank: 2995 rp4.liadm.com Failed	15 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	47 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1198	49 KB
0	linkedin.com Failed px4.ads.linkedin.com Failed
121	32

	Domain	Requested by
16	ibotta.com	ibotta.com cdn.transcend.io
10	apps.rokt.com	cdn.transcend.io apps.rokt.com
6	cdn.transcend.io	ibotta.com cdn.transcend.io sync.transcend.io
4	www.googletagmanager.com	cdn.transcend.io
4	api.ibops.net	cdn.transcend.io
4	heapanalytics.com	authenticate.ibotta.com
4	app.launchdarkly.com	cdn.transcend.io
4	securepubads.g.doubleclick.net	ibotta.com cdn.transcend.io
3	ct.pinterest.com	cdn.transcend.io
3	www.google.fi
3	stats.g.doubleclick.net	cdn.transcend.io
3	region1.analytics.google.com	cdn.transcend.io
3	bat.bing.com	cdn.transcend.io
3	www.google-analytics.com	cdn.transcend.io
3	authenticate.ibotta.com	1 redirects cdn.transcend.io ibotta.com
3	use.typekit.net	client use.typekit.net
3	www.google.com	ibotta.com cdn.transcend.io
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.transcend.io
2	analytics.tiktok.com	cdn.transcend.io
2	s.pinimg.com	cdn.transcend.io
2	snap.licdn.com	cdn.transcend.io
2	events.launchdarkly.com	cdn.transcend.io
2	cdn.heapanalytics.com	cdn.transcend.io authenticate.ibotta.com
2	p.typekit.net	use.typekit.net
2	www.gstatic.com	cdn.transcend.io
1	cdn.quantummetric.com	authenticate.ibotta.com
1	home.ibotta.com	authenticate.ibotta.com
1	cdn.auth0.com	authenticate.ibotta.com
1	region1.google-analytics.com	cdn.transcend.io
1	cdn.linkedin.oribi.io	cdn.transcend.io
1	script.hotjar.com	cdn.transcend.io
1	d1lu3pmaz2ilpx.cloudfront.net	cdn.transcend.io
1	d330aiyvva2oww.cloudfront.net	cdn.transcend.io
1	dvqigh9b7wa32.cloudfront.net	cdn.transcend.io
1	data.adxcel-ec2.com
1	googleads.g.doubleclick.net	cdn.transcend.io
1	websdk.appsflyer.com	cdn.transcend.io
1	d.impactradius-event.com	cdn.transcend.io
1	cdn.pdst.fm	cdn.transcend.io
1	b-code.liadm.com	cdn.transcend.io
1	static.hotjar.com	cdn.transcend.io
1	connect.facebook.net	cdn.transcend.io
1	d2hrivdxn8ekm8.cloudfront.net	cdn.transcend.io
1	clientstream.launchdarkly.com
1	www.googleoptimize.com	cdn.transcend.io
1	sync.transcend.io	cdn.transcend.io
0	rp4.liadm.com Failed
0	px4.ads.linkedin.com Failed
121	48

This site contains links to these domains. Also see Links.

Domain
legal.ibotta.com

Subject Issuer	Validity	Valid
ibotta.com Amazon RSA 2048 M01	`2023-04-24` - `2024-05-22`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-07` - `2023-12-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
api.ibops.net Amazon RSA 2048 M02	`2023-02-22` - `2023-10-26`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-02-10` - `2023-10-07`	8 months	crt.sh
authenticate.ibotta.com R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-22` - `2023-09-24`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh
misc.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
home.ibotta.com Cloudflare Inc ECC CA-3	`2023-06-15` - `2024-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Frame ID: 7C8B132EDF4F31B11E99B6DAAA818C5B
Requests: 107 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/controller/index.html
Frame ID: F9EA7C25D648CD12E1F0A175C0BABB5B
Requests: 4 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Frame ID: E7E72AD80A5C38791120BB246708E8BF
Requests: 2 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/widget/index.html
Frame ID: 3EC21C6CA7887C0BD1CA396453902D25
Requests: 2 HTTP requests in this frame

Frame: https://sync.transcend.io/consent-manager/1c722bbd-c8c5-459a-a57e-311c50b52722
Frame ID: 4FA282949FB429E1180301EA16420704
Requests: 2 HTTP requests in this frame

Frame: https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&prompt=none&response_type=code&response_mode=web_message&state=SVo2dWRFMWFWODlJZ2ZzSUh%2BSVdER0s1UjRqY2RsMTBlUllXSVl3UDJScA%3D%3D&nonce=ajliV2Q0QVBpSmNMV2VhMTdYaVh%2BaW9pTXRuVkF5MXVTNGlZNHNscm5lVg%3D%3D&code_challenge=Cc1lyE3T8qQBdiBNZntLrl-Yz_ikJACZXV9fWpBhRuk&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0%3D
Frame ID: 31020CA8533A2BC03C63696A55B35583
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9D506328BC6918D1724B9C6CA23D459B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Create Ibotta Account

Page URL History Show full URLs

https://ibotta.com/register?friend=bo Page URL
https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+em... HTTP 302
https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlc... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

121
Requests

95 %
HTTPS

67 %
IPv6

32
Domains

48
Subdomains

46
IPs

3
Countries

2505 kB
Transfer

8655 kB
Size

47
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://legal.ibotta.com/policies?name=ibotta-terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://legal.ibotta.com/policies?name=ibotta-privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ibotta.com/register?friend=bo Page URL
https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&screen_hint=signup&friend=bo&app_version=4.160.0%3Aweb_v2%3Achrome&global_session_id=09da32bc03eb4a919ad2271e966e63ec&early_identifier=aad07eb390f246f6951e56616b404747&response_type=code&response_mode=query&state=VGw0ZDJadHBScE1DMGFROFVoUlZLUkZIR2VFaGNNRkZkaHc1V3QzZVhqVQ%3D%3D&nonce=cGJLcUpqb3lWUGFMMTN%2BaFozX1VrSTVnUFZHanowODVqZ0pNSlJZcFM3MA%3D%3D&code_challenge=wf3SlOu06FuZPKtaMVA-OGjyNu1WEfgG6kizqfGA_3g&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0%3D HTTP 302
https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1689876293237&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1689876293237&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&e_ipv6=AQJRw-HCM7js2QAAAYl0eehX23XilQBVyK1Z48c_QtqtCiRi43k4ZZ1pPqMCYghls4PqiJb9

Request Chain 104

https://rp.liadm.com/j?dtstmp=1689876293325&aid=a-0320&se=e30&duid=4564d05c840b--01h5t7kshy9g501ye0trdkdpj6&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-Q3JlYXRlIElib3R0YSBBY2NvdW50IHwgSWJvdHRhPC90aXRsZT48bGluayBkYXRhLW4taGVhZD0iMSIgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vaWJvdHRhLmNvbS9yZWdpc3RlciI-PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJSZWdpc3RlciBmb3IgYW4gSWJvdHRhIGFjY291bnQgdG9kYXkhIj4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1689876293325&aid=a-0320&se=e30&duid=4564d05c840b--01h5t7kshy9g501ye0trdkdpj6&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-Q3JlYXRlIElib3R0YSBBY2NvdW50IHwgSWJvdHRhPC90aXRsZT48bGluayBkYXRhLW4taGVhZD0iMSIgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vaWJvdHRhLmNvbS9yZWdpc3RlciI-PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJSZWdpc3RlciBmb3IgYW4gSWJvdHRhIGFjY291bnQgdG9kYXkhIj4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6M2U%3D&n3pc=true

121 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 register Show response
ibotta.com/ 4 KB
2 KB 272ms
93ms Document
text/html 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

c95cc470322d69e6b8828f01d9ead7fef148c645d5218132f0708ff4bcc9fcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 11768
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, s-maxage=86400
content-encoding: br
content-type: text/html
date: Thu, 20 Jul 2023 14:48:43 GMT
etag: W/"59c5eb3e3bc1d10f6a3e5155c843df21"
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
last-modified: Mon, 17 Jul 2023 14:34:13 GMT
referrer-policy: same-origin
server: none
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-amz-cf-id: MAaYlG51Dkvfw7hj0eUjubnvk2cZn0NNGjiDyquoXv-x30_8L3AiGQ==
x-amz-cf-pop: CDG52-P1
x-amz-id-2: 3Lb+iS5ggx+4QWkqRmbZXF3KJnMiag/4igRyYpCe+WdNVSBmWaFFe/DwfpScr6/vIZHBBJACg1Q=
x-amz-request-id: T62FYY3D3AMPDMG7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 115 KB
42 KB 236ms
88ms Script
application/javascript 2600:9000:2304:a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e09dffcda9ed6a04665e8254067674bbe88ca8682034696d7b3366272539c281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:50 GMT
content-encoding: br
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: Se7NM7jeroN9HwCODNLkVwsHnQ7DvFnKmMLY_E6luVmCLsJbFHXtew==
x-xss-protection: 1; mode=block

GET
H2 200 rokt.js Show response
ibotta.com/scripts/ 665 B
1 KB 530ms
528ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/rokt.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

2d18666f0070c1d3d86b414b2f63d771c50c085457c31efc9abffb423054baf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:13:00 GMT
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: FY2GEGT4AGMG9E43
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 10311
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 665
x-amz-id-2: ih8xcaoaacpRS0A0zMtgIW5pkcYWK582gtoN5aB1+cmaEYD9wJDajaN2P734X/JJoqCg0Lf7lfk=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:36:25 GMT
server: none
etag: "aa16c176534bd3b1dc4e7b030cc590ba"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: ErShwuovGh_6Pce98a6kz3Zg5xgHVPsYW5eu_OPUzWPcxtDK5frBfA==

GET
H2 200 heap.js Show response
ibotta.com/scripts/ 933 B
2 KB 531ms
529ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/heap.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

2b5a46b2b8cdb89baa4ae90c0b0d7aafc03370b37c05b4797a78204c4bccfdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:13:00 GMT
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: DVMQXEPZF3P5MNY1
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 10311
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 933
x-amz-id-2: 5r5DzW7tMBXsaSHCWEsKx3gjsWWi3rR7vAmw7P1DzXjYRv+p1w8BWHylDf5KchB1eUSExQzpUII=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:36:25 GMT
server: none
etag: "4045aa9706089c0eb4c3ee77ae743994"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: PB_f1GCqPkizsvHOKIzdjUvNQwWogekNtWQZns7lgbaaFfD3XLBAfA==

GET
H2 200 google-publisher.js Show response
ibotta.com/scripts/ 93 B
902 B 95ms
93ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/google-publisher.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

3557177e20754969b0b0dd9a5200a4c654ad8380fe7afcff3f6638cda5139abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:13:01 GMT
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: DVMMMVY6QE7DA2YB
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 10310
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 93
x-amz-id-2: DhX5T9odvHOxb5vlrCbngiDG6itj0vPb1oSVsDCtwTvmKjy2STmrOZ+cf/Nbm6lyvXLE5rbLhQM=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:36:24 GMT
server: none
etag: "7e05c1c037892735ea4a27594640b4b2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: 6tyAJyJSLwSLgKDyi9-8k7FutNE-9k5Vl-Tmwp_2NeExpRDmkFI-kQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 378ms
233ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

facbf8a14d5d0cf75f713b32d8952971758492020ea6752bd4b2ca8ac4d37e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27493
x-xss-protection: 0
server: cafe
etag: 600 / 19558 / m202307170101 / config-hash: 1219937797773884033
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 18:04:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 292ms
156ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f6252499ba5cacca024e61f458c4c259f3ca4daea2cc3cd32f58cb124b16fe93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 18:04:50 GMT

GET
H2 200 app.d687fc2.js Show response
ibotta.com/_nuxt/ 6 KB
4 KB 91ms
90ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/app.d687fc2.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

fd94e779bdf833becc6129871d13c28159d236ef099994be64bed60757d12c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 14:37:09 GMT
content-encoding: br
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 9AQSYDZWFJXAVSDY
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 271662
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cOpJTgf61rGUsov7mXcY6guZM8U8MKKVJbHxBxOSuW/IYghb0ggGcmJD29IAF/yy1Gzdgxz2ht+GLhKpdhqyPCftsXEXqGslmGncDjxnssI=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:34:17 GMT
server: none
etag: W/"2cb5d4d6efdd3ff54218a0456e0906fb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: Je9HOVwcPxgsJR5LJ7iHCKCeLVTg3GIPtehpxaG4_boLtZCY3bHKDA==

GET
H2 200 chunk.95db5e3.js Show response
ibotta.com/_nuxt/ 287 KB
89 KB 463ms
462ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.95db5e3.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

e9da45dd97c2bace5125d08d81e39389d97fbd204a022ddd2490cd4b69971a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 00:31:27 GMT
content-encoding: br
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 68ZP62T1EW4DWBYW
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 149604
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Gbd/OJatKOjzjrvnZyijnZtCDUUec594E4IVBcSnjfmV2AJPhoTgnrdPeT2IVgafcEwhEurNR30=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:35:26 GMT
server: none
etag: W/"a5ffb2465064da2ceaad106258655cfe"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: 6xB4SqUxV_EpDQ1RY-3PKXJ3F9gRYENPlT7_2E7HkHZVSirsfLNG5Q==

GET
H2 200 chunk.fd00cc1.js Show response
ibotta.com/_nuxt/ 1 MB
329 KB 106ms
105ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.fd00cc1.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

8498904faf67d44dbed3d9b2bb7d480da6904258b35e94029a0fd3256b79e4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 14:37:09 GMT
content-encoding: br
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 9AQXBHD5EGM64A5T
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 271662
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1gzF9VzXlizGuJsJmPJk5HiFdF+op1XudtK1kxhTrP64wNFutd9fY9o4QlB/muiEoxuBfKg8PjZ/bx2Y15XPZGarQczDoWiamCLe0e8p2bQ=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:36:12 GMT
server: none
etag: W/"a5af72fa9948acefb655c1c7e35dab65"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: mcmbae5J5NHVJQSlcCkMSALcJ4lfXB1pRrKM44RZj5uzuDOuWmxJVg==

GET
H2 200 chunk.d516f43.js Show response
ibotta.com/_nuxt/ 613 KB
116 KB 331ms
331ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.d516f43.js

Requested by

Host: ibotta.com
URL: https://ibotta.com/register?friend=bo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

59b16ffc84cafd801533443b6ac0732fc9ac5e34f15ae3c3da20e0191ddb228e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 14:37:09 GMT
content-encoding: br
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 9AQHA7YEZSQ8N8DA
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 271662
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0CmN8hRG5DGeF/23wJriNsmid7ksjBVD8LOlOeV0i6kKVaXs6f74RW8r7XRdkM8AxvsCOcj9YE4=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:35:52 GMT
server: none
etag: W/"62b87f3a99e7f09cae0247daa60da9e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: 7b_Nae33MTglWLriz7-N9d5NPeWAm3QiOxuv6wLXTUpjF3ijiecwcA==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 265 KB
76 KB 288ms
162ms Script
text/javascript 2600:9000:2304:a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

41dcd21e566db033d386f5c3bfa95373fcb4a990a9e7a145e3400b94ae23d7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: ZvXWY_GTO9B66hzzDyw8V11xDBGWCQ.8
content-encoding: gzip
via: 1.1 ac02b9a9a93754a9f85004c4c9792fee.cloudfront.net (CloudFront)
date: Thu, 20 Jul 2023 00:35:56 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
age: 62935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jul 2023 16:41:38 GMT
server: AmazonS3
etag: W/"ed75773b1fd231e9c7e3888162f446a3-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: jd6Fe8FW7QPNI5EBHy-aPCnlLKp-8Oa7FR6uJ4IM_JkMYcVXmMK3RA==

GET
H2 200 snippet.js Show response
apps.rokt.com/wsdk/integrations/ 73 KB
18 KB 426ms
77ms Script
application/javascript 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/snippet.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e9df7e027f614faa8be8fc94dd5523a754f7dfc034b3871cb31b90bbaccbe3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: ES38ANCMRCKRN6BD
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 17599
x-amz-id-2: 7hZOCAIMBxwVKP/JfJD9c1Eq6YjM9DEM6rgj2jtfyyP+yVHsIgA0S1Xvcrkk7rmGkAHTSCkuO/w=
last-modified: Thu, 20 Jul 2023 06:55:41 GMT
server: AmazonS3
etag: "b0a94b262b0b63d4880d16f9ad9b8a53"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 431 KB
174 KB 192ms
62ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__fi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7881f055a1e424714f4fc2089b071df59f1b3cca32f3957e35bdd79685058f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177378
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 20:28:07 GMT

GET
H2 200 lys1mao.css
use.typekit.net/ 3 KB
937 B 368ms
177ms Stylesheet
text/css 2a02:26f0:780::210:a452
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lys1mao.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

75a099d5c0fa41ab884e9c6c125e9d78e3b22ebedf193194c4690e0325071aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 20 Jul 2023 18:04:51 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 714

GET
H2 200 wng3obt.css
use.typekit.net/ 6 KB
1 KB 365ms
182ms Stylesheet
text/css 2a02:26f0:780::210:a452
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wng3obt.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2501dc68e894f97954d8bd445940068804b109c43c3d1d8ab8dbc7cd09dcbc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 20 Jul 2023 18:04:51 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 884

GET
H3 200 chunk.a45191f.js Show response
ibotta.com/_nuxt/ 6 KB
3 KB 429ms
429ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.a45191f.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

ab6ddb6ce5d9ac16ad5179abb550488730ac06303cc4fad3ac8790e558f5d678

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 00:41:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-amz-request-id: W3KFJYDYM1SGSNJG
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 235403
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xFJ1yFoJovYNM9kwluCXKTQy4Br8ostQXHDn0kf1jLeHDSxVM/c5rWfEuWdMgf+fX9C03HaFaNpZus/cZWKWyQ==
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:35:31 GMT
server: none
etag: W/"899ce64aa4d8ff96b200fefe4cb25576"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: uwaLxihNmaoAEWYRtXBofJLtMYIW5HmwXpzhrIOukCvYU1qfg1AGyw==

GET
H2 200 cm.css
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 15 KB
4 KB 64ms
64ms Stylesheet
text/css 2600:9000:2304:a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

67042ecb09a9f201dd298c4bb1b29f3493f5028b181e03792bc5c18c626e6b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: GJEPXXdSet2RW6AxUl7a8hzRpQJlSVIt
content-encoding: gzip
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
date: Thu, 20 Jul 2023 07:00:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
age: 39849
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jul 2023 16:41:38 GMT
server: AmazonS3
etag: W/"f9f84c5e024c8b62d194983e6f1df398-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: 02eJTuX7zZRwTDwhHKAXL3o6GMAvWYlPut_nm1053N4b2NzdncGCqA==

GET
H2 200 en.json Show response
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/translations/ 6 KB
2 KB 66ms
65ms Fetch
application/json 2600:9000:2304:a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d336d2fc55a43e7578321850eac445db98f0e58929438c856c12e45cf3d9488f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: yXvwps9KwiUfO4EmnM8xM9jxGt6OPfIf
content-encoding: gzip
via: 1.1 ac02b9a9a93754a9f85004c4c9792fee.cloudfront.net (CloudFront)
date: Thu, 20 Jul 2023 05:35:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
age: 44991
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jul 2023 16:41:38 GMT
server: AmazonS3
etag: W/"c0149a1650fad3dde730a6b7c4c97bb0-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 4tT7uBX6fmvh8jlSJOXn4tRNuaamKPzOOBMwZuE88q7Jw0TtuHERTw==

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/controller/ Frame F9EA 1 KB
967 B 61ms
61ms Document
text/html 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/controller/index.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d6aca52e9e0bf8f718edd59d590ee317c9137774ae1a77543e395eb7e41c546

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: br
content-length: 513
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 18:04:51 GMT
etag: "e8482fde24642a9e1e7faca82e948711"
last-modified: Thu, 20 Jul 2023 06:55:38 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-id-2: iLrkhUEUHoxLxUw3pb6Tcu9DinaRQDxo4D/i6XdrvFvtRPjgJX0Tm7gCl5jvOYvlfWJWiS5ra+M=
x-amz-request-id: ES340M4PYYXS8PVB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/plugin-runtime/ Frame E7E7 708 B
742 B 61ms
61ms Document
text/html 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugin-runtime/index.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c5b1c0cd4f8bb74006d6097819b6b395c2c5fda775b2feb9b8436ef40d689978

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: br
content-length: 290
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 18:04:51 GMT
etag: "6928860c07e912cfb9b2da4846e2ea39"
last-modified: Thu, 20 Jul 2023 06:55:47 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-id-2: MJFzHQW9cKC4olMY6wfNh06S4dahuvtB2Bdp8coA/FHvX6fMAxZQ8lJ5MpbYfvnybFAHrGzPDPk=
x-amz-request-id: PK2CEWE8MB5F2R8S
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 index.html Show response
apps.rokt.com/wsdk/plugins/widget/ Frame 3EC2 730 B
769 B 63ms
62ms Document
text/html 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugins/widget/index.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16d4b17ee393c221e2a061d32bfd7a73482d36a54bb94b4c15b8a0d11f5a8c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1200, public
content-encoding: br
content-length: 315
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 18:04:51 GMT
etag: "3cb31babaae2043d1f2ad2ccc88aa271"
last-modified: Thu, 20 Jul 2023 02:52:25 GMT
server: AmazonS3
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-id-2: MKkNEGwxSyzoI71tlmmngmDHvaOHTRFsuNUQMZv7VazUKJyd1e5WlQLtTJmYmFvwvx6kUWPYDY4=
x-amz-request-id: PNGHDG7389H8EW1D
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 270ms
62ms Stylesheet
text/css 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lys1mao&ht=tk&f=2005.2007.2009.2011&a=86732618&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:51 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 275ms
67ms Stylesheet
text/css 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wng3obt&ht=tk&f=2005.2006.2007.2008.2009.2010.2011.2012&a=101957218&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wng3obt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:51 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/ 385 KB
122 KB 383ms
382ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1779a49bc11620c55dd5424776fa1e5c44b5cdb705163555ef05afc54e9cde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10227
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125056
x-xss-protection: 0
server: cafe
etag: 10096237036492005269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 19 Jul 2024 15:14:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 40 B
62 B 218ms
94ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibotta.com

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e71316ea5922cae2f67667c41963d32d7566c363507de29355ec452be0529e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38
x-xss-protection: 0
expires: Thu, 20 Jul 2023 18:04:51 GMT

GET
H2 200 global-reporter.js Show response
apps.rokt.com/wsdk/reporter/ Frame F9EA 7 KB
3 KB 60ms
59ms Script
application/javascript 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/reporter/global-reporter.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/controller/index.html
Origin: https://apps.rokt.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: PK20CFJBJ2SP982R
content-length: 2840
x-amz-id-2: cZi1RWfi4GEwwOfUjhZhSpBVtwlOymoMOtaG+J4rv1MNUhyUXe3DcQnm5DoLrpBmwD4HzEPNP3c=
last-modified: Sun, 08 Aug 2021 23:10:23 GMT
server: AmazonS3
etag: "1d663c18a8f56b3de25954a30bd3e8c0"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=1200, must-revalidate, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 index.82b64eb97f3bc6804a31.js Show response
apps.rokt.com/wsdk/controller/ Frame F9EA 68 KB
17 KB 63ms
62ms Script
application/javascript 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/controller/index.82b64eb97f3bc6804a31.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6195fc820041e71d86d2e17dd413780c21bfc2e62d79b8fa30b43f571ef93f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/controller/index.html
Origin: https://apps.rokt.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 53TSSCY5MR25NBT2
x-amz-server-side-encryption: AES256
content-length: 16440
x-amz-id-2: HgT8UpTheAzlBKybbSX3OGKupx3iDYLdMuM9n6S7kJmw/ynWgHyi8h5tROxYWIbloT85voMcEhs=
last-modified: Thu, 20 Jul 2023 06:55:36 GMT
server: AmazonS3
etag: "6d13d659323c8fbf7b1318536654ac02"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 index.c9fe566ba00f37a6904c.js Show response
apps.rokt.com/wsdk/plugin-runtime/ Frame E7E7 70 KB
18 KB 62ms
61ms Script
application/javascript 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugin-runtime/index.c9fe566ba00f37a6904c.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugin-runtime/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fbda361d336b9aa94940948dd5639fc9ee1a9274979dbc05dbc18ed837c14c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Origin: https://apps.rokt.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: ES32JQVVXR5KCGGX
x-amz-server-side-encryption: AES256
content-length: 18443
x-amz-id-2: MFOfZuBqngYZSiRmTwZ7rYIjqoUDR8UjcCGS03a00aXpDeXFoxNDvnHpbeTn5pS+U7OG30Ha6zc=
last-modified: Thu, 20 Jul 2023 06:55:45 GMT
server: AmazonS3
etag: "806f26c7abee31daa892846638d264de"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 index.057420b2f7cf6a91bd01.js Show response
apps.rokt.com/wsdk/plugins/widget/modern/ Frame 3EC2 980 KB
196 KB 66ms
66ms Script
application/javascript 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/plugins/widget/modern/index.057420b2f7cf6a91bd01.js

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugins/widget/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0ae5b3c11100303bf32eb75a7d3aba000da452770437f616a6fb3987cf60f365

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apps.rokt.com/wsdk/plugins/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: PNGY7WK16H5T74N3
x-amz-server-side-encryption: AES256
content-length: 200433
x-amz-id-2: fdYGC6kybA5AJeg0ex/sW8qpzvH0TzgffAusueNwCC1fIAOZTvU6BR5Z/a2z7UgNUWUBevSHC/Y=
last-modified: Thu, 20 Jul 2023 02:52:22 GMT
server: AmazonS3
etag: "81e2a1d120a9b61b6a86b2d7a7282657"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 session Show response
apps.rokt.com/v1/ Frame F9EA 0
26 B 91ms
91ms Fetch 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/v1/session

Requested by

Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.82b64eb97f3bc6804a31.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apps.rokt.com/wsdk/controller/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 18:04:51 GMT
content-security-policy: upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
date: Thu, 20 Jul 2023 18:04:51 GMT
x-content-type-options: nosniff
x-rate-limit-limit: 1m
x-rate-limit-remaining: 49
strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy-report-only: upgrade-insecure-requests; default-src https:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: istio-envoy
etag: 57b1cb5e-e18e-4176-aa60-a75f589f6b5b
access-control-expose-headers: ETag
x-rate-limit-reset: 2023-07-20T18:05:51.2315965Z
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, nofollow, noimageindex
quic-version: 0x00000001

GET
H3 200 chunk.0da364c.js Show response
ibotta.com/_nuxt/ 154 KB
40 KB 169ms
169ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.0da364c.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

06443c49eb5b145f024f7e328fcb757d2e1b27a3d2f779f21b9cc15024274a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 00:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-amz-request-id: BK5081S1FEZCDM80
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 62414
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: F+K9CfyTMKfr3DAt07pLTTBceg6oaTmpkJRwUeHut+g1uSH4y74ugUWGgflumVspMFo5mwA3QLg=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:34:22 GMT
server: none
etag: W/"f2d94872e3ef0964874ed0067eaa605c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: ejDW2Q6KUTc_djvF2j4P4OTpw5WQ9pj0TVYxCuHVsNdQmXhxbG4qig==

GET
H3 200 chunk.48e9aad.js Show response
ibotta.com/_nuxt/ 2 KB
2 KB 96ms
96ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.48e9aad.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

32dd1b047777b55568dc0931dccbcd1831e96d42d7d39e97564d5f6d19ad51cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 00:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-amz-request-id: QBAKHH0BAQBR87PQ
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 407472
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1rMkBev+LXKItDyrEKXNLM2lVkFOFE1JtHGsmxd/6olYdEnoYe+DQRDvXqwUhHajY/wlLxSPxBYubUVrO5O2uQu8+FyRdipRylKOQhTR2Dk=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 13 Jul 2023 15:19:47 GMT
server: none
etag: W/"0ccd984bf8078ef2939b68e7aa04b69f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: 7VxaM7G5j1YNO60RUYIV12J3JeJMeFIC8wBlhGqzeOxeRiWOfLkF8w==

GET
H2 200 heap-560310507.js Show response
cdn.heapanalytics.com/js/ 112 KB
36 KB 343ms
173ms Script
application/javascript 18.173.154.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-560310507.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-122.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

b90ede130663a88df36f578b1b69ba97423c89cc55da4f9626ba509e3540518a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:03:38 GMT
content-encoding: br
via: 1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-P3
age: 73
x-powered-by: Express
etag: W/"1c02f-bjOb0Cgg9ANobPRukoNrALwzy4s"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MYaYIC2jLSSrgErjUDkISFoPGdMqSS1NVOr23tXC4tE5p0p_YbGdpg==

GET
H3 200 chunk.59f5879.js Show response
ibotta.com/_nuxt/ 44 KB
15 KB 99ms
98ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.59f5879.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

2b0f1a82076c5fc9479ac13d70373f737e3c72fd9bdd4ba7e6481bb28a558618

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 00:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-amz-request-id: 7JF5Q495MQHW76AN
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 407387
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: d7F9JgYrQituhNFBShyKlafCugUl+3RHn78pQ/rVuRpLKu0PpjfbhPw4mNw91kJ5sbbJPKlTdOk=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 13 Jul 2023 15:19:57 GMT
server: none
etag: W/"2f6d7e2462dec185431c4161f60de758"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: 8vPucLrBWbIcY_bwBCGbCMViTb1tmPSTRwhMZqZVfzEa-E0s1PaY5g==

GET
H3 200 chunk.d7546ce.js Show response
ibotta.com/_nuxt/ 5 KB
2 KB 95ms
95ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/_nuxt/chunk.d7546ce.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

756421612d8af9f20a9b1497f4a182ef962b1f1eff7890b91661c6b6f6266c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 14:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-amz-request-id: QJ57Y0GEVY8MBNQB
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 271661
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cHKvpEijgRkOqe0SVidFiSm3aHTQd9NeHaiLxQ3aodBswIB0xCs2zl8xptmuZqFyMmHjpM7nFsA=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:35:53 GMT
server: none
etag: W/"af14887ffb886d64f2ff0d926091e3f4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
x-amz-cf-id: 9HABbbDPvRM1FBrBnks_CbF02Zo2gRjboLaJraAR_kNI_2UIfOZxMQ==

OPTIONS
H2 200 5c6b28dadb8ac42df4f22587
app.launchdarkly.com/sdk/goals/ Frame 0
0 206ms
69ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 20 Jul 2023 18:04:51 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230048-FRA
x-timer: S1689876292.838209,VS0,VE1

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xNjAuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJlYzRjZmJhMC0yNzI3LTExZWUtYmU4ZS04ZmM3YmE2ZDAyYmIifQ
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/ Frame 0
0 203ms
69ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xNjAuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJlYzRjZmJhMC0yNzI3LTExZWUtYmU4ZS04ZmM3YmE2ZDAyYmIifQ?withReasons=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 20 Jul 2023 18:04:51 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230048-FRA
x-timer: S1689876292.836897,VS0,VE2

GET
H2 200 5c6b28dadb8ac42df4f22587 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 58ms
57ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Jul 2023 18:04:51 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230048-FRA
x-timer: S1689876292.903339,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xNjAuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJlYzRjZmJhMC0yNzI3LTExZWUtYmU4ZS04ZmM3YmE2ZDAyYmIifQ Show response
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/ 111 KB
18 KB 166ms
166ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

488abb76d9cca832c28030511778643398e301be93d90e830ae47f47a5a6e87e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Jul 2023 18:04:52 GMT
age: 0
x-cache: MISS
content-length: 18397
x-served-by: cache-fra-eddf8230048-FRA
x-timer: S1689876292.903408,VS0,VE111
etag: "11506db"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding, Authorization
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

GET
H2 200 1c722bbd-c8c5-459a-a57e-311c50b52722 Show response
sync.transcend.io/consent-manager/ Frame 4FA2 301 B
759 B 228ms
65ms Document
application/xhtml+xml 2600:9000:26db:f600:a:de49:b100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.transcend.io/consent-manager/1c722bbd-c8c5-459a-a57e-311c50b52722
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:f600:a:de49:b100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c2ebbc1e7fb6f03810e31e38e4dbddcbeee707f7ade4d6de96216951e938509

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 84868
content-disposition: inline
content-length: 301
content-type: application/xhtml+xml
date: Wed, 19 Jul 2023 18:30:25 GMT
etag: "b8113635e1b1070db327525a6d5fe91b-1"
last-modified: Tue, 11 Jul 2023 16:41:37 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 3721bbb571fa1179150d81f8194461ae.cloudfront.net (CloudFront)
x-amz-cf-id: JnL_RJwINe1vTvoBheDFeMTpAA4DGf61Ji4Skrx2JuWdUoIF_29V1w==
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: zPvxqR7AX_MAhKnTxc77HbZArsO5qY3L
x-cache: Hit from cloudfront

OPTIONS
H2 204 5c6b28dadb8ac42df4f22587
events.launchdarkly.com/events/diagnostic/ Frame 0
0 423ms
136ms Preflight 52.6.53.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5c6b28dadb8ac42df4f22587

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.6.53.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-53-6.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 20 Jul 2023 18:04:52 GMT
strict-transport-security: max-age=31536000

POST
H2 202 5c6b28dadb8ac42df4f22587 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 137ms
137ms XHR
application/json 52.6.53.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5c6b28dadb8ac42df4f22587

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.6.53.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-53-6.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 411ms
133ms Image
image/gif 3.92.249.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=560310507&u=6225564718721617&v=4536338963329028&s=3207893819261867&b=web&tv=4.0&z=0&h=%2Fregister&q=%3Ffriend%3Dbo&d=ibotta.com&t=Ibotta&ts=1689876291867&st=1689876291876

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.92.249.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-249-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

OPTIONS
H2 204 graphql
api.ibops.net/browser-extension/ Frame 0
0 421ms
137ms Preflight 35.153.253.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.253.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-253-53.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app-session,x-app-version
Access-Control-Request-Method: POST
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-app-session,x-app-version
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin: https://ibotta.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Thu, 20 Jul 2023 18:04:52 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 graphql
api.ibops.net/browser-extension/ Frame 0
0 419ms
137ms Preflight 35.153.253.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.253.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-253-53.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app-session,x-app-version
Access-Control-Request-Method: POST
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-app-session,x-app-version
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTION
access-control-allow-origin: https://ibotta.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Thu, 20 Jul 2023 18:04:52 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
260 B 185ms
134ms Image
image/gif 3.92.249.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=560310507&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1689876292066&hv=4.19.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.92.249.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-249-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 gtm.js
www.googletagmanager.com/ 437 KB
119 KB 328ms
196ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDDWDQ

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 121690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 18:04:52 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
49 KB 206ms
75ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-WDJL74V

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

422b38ea03fe0d34332e3e6c5357837008e97d19ee130aa19a55b3073c9875bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 18:04:52 GMT

POST
H2 200 graphql
api.ibops.net/browser-extension/ 33 B
653 B 144ms
143ms XHR
application/json 35.153.253.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.253.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-253-53.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Type: application/json
Accept: application/json
Referer
X-App-Version: 4.160.0:web_v2:chrome
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
X-App-Session: 73efb31e-b9a7-4ee6-b889-8dd2c77899fc

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 33
x-xss-protection: 0
x-request-id: f68535208c71699d22513c7ba5beaa26
referrer-policy: no-referrer
etag: W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen

POST
H2 200 graphql
api.ibops.net/browser-extension/ 33 B
653 B 139ms
139ms XHR
application/json 35.153.253.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ibops.net/browser-extension/graphql?name=track

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.253.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-253-53.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Type: application/json
Accept: application/json
Referer
X-App-Version: 4.160.0:web_v2:chrome
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
X-App-Session: 73efb31e-b9a7-4ee6-b889-8dd2c77899fc

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 33
x-xss-protection: 0
x-request-id: e82ed87c44e7fad01b3463674ddfc774
referrer-policy: no-referrer
etag: W/"21-ZB8zl8RfgSFnHZaKd4YLO6ORhz8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xNjAuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJlYzRjZmJhMC0yNzI3LTExZWUtYmU4ZS04ZmM3YmE2ZDAyYmIifQ
clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/ 111 KB
0 265ms
96ms EventSource
text/event-stream 13.248.151.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5c6b28dadb8ac42df4f22587/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBWZXJzaW9uIjoiNC4xNjAuMCIsInN5c3RlbSI6IndlYl92MiJ9LCJrZXkiOiJlYzRjZmJhMC0yNzI3LTExZWUtYmU4ZS04ZmM3YmE2ZDAyYmIifQ?withReasons=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.151.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ Frame 4FA2 25 KB
12 KB 71ms
71ms Script
text/javascript 2600:9000:2304:a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/xdi.js

Requested by

Host: sync.transcend.io
URL: https://sync.transcend.io/consent-manager/1c722bbd-c8c5-459a-a57e-311c50b52722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

910fb2399f04bfec194721854be3127ef67970f8b1b676f14460e393318963cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sync.transcend.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: P6SmZO8LvjVaPHMJKxCBlJS58BFXIzxY
content-encoding: gzip
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
date: Thu, 20 Jul 2023 06:37:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
age: 41244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jul 2023 16:41:38 GMT
server: AmazonS3
etag: W/"d2eb8435a303586728bd8e04f43b853c-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: c132OrhmOtHqs2dmAjp55eEfToJFjWSQa7g71YrgJkY0zmZ3U3m_tQ==

GET
H2 200 authorize
authenticate.ibotta.com/ Frame 3102 1 KB
1 KB 435ms
339ms Document
text/html 2606:4700::6810:5267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%2Fibotta.com%2Fhome&prompt=none&response_type=code&response_mode=web_message&state=SVo2dWRFMWFWODlJZ2ZzSUh%2BSVdER0s1UjRqY2RsMTBlUllXSVl3UDJScA%3D%3D&nonce=ajliV2Q0QVBpSmNMV2VhMTdYaVh%2BaW9pTXRuVkF5MXVTNGlZNHNscm5lVg%3D%3D&code_challenge=Cc1lyE3T8qQBdiBNZntLrl-Yz_ikJACZXV9fWpBhRuk&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMC44In0%3D

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7e9d210b2e784c84-HEL
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 20 Jul 2023 18:04:52 GMT
ot-baggage-auth0-request-id: 7e9d210b2e784c84
ot-tracer-sampled: true
ot-tracer-spanid: 53fe443137c6c28f
ot-tracer-traceid: 67e8cacd23f44094
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-000000000000000067e8cacd23f44094-53fe443137c6c28f-01
tracestate: auth0-request-id=7e9d210b2e784c84,auth0=true
vary: Accept-Encoding
x-auth0-requestid: 0535f8797446d2298b9b
x-content-type-options: nosniff
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1689876293

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
260 B 135ms
135ms Image
image/gif 3.92.249.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=560310507&te=type&te=data&te=cm&te=Cookie%20too%20large%20to%20store%20full%20landing%20page%20params&te=val&te=1&st=1689876292290&hv=4.19.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.92.249.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-249-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3

200

Primary Request signup Show response
authenticate.ibotta.com/u/
Redirect Chain

https://authenticate.ibotta.com/authorize?client_id=W4HHfNPAzohygVTKfwDp81634ImWIfoO&scope=openid+profile+email&audience=https%3A%2F%2Fibotta-prod.ibotta.com%2Fapi%2Fv1%2F&redirect_uri=https%3A%2F%...
https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1...

76 KB
77 KB

600ms
599ms

Document
text/html

2606:4700::6810:5267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08

Requested by

Host: ibotta.com
URL: https://ibotta.com/_nuxt/chunk.fd00cc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5267 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe79d7a5685176a5df8bc426fd10a936007bbbb9c1925e7a4c7cf0da4f1acd2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7e9d2111af29d977-HEL
content-language: en
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 18:04:53 GMT
etag: W/"13180-KHt/lDhh42WAu4mNTyv4zDHC5GM"
expires: Thu, 20 Jul 2023 18:04:53 GMT
ot-baggage-auth0-request-id: 7e9d2111af29d977
ot-tracer-sampled: true
ot-tracer-spanid: 775f88c835e134ed
ot-tracer-traceid: 2065c0b334ac20be
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000002065c0b334ac20be-775f88c835e134ed-01
tracestate: auth0-request-id=7e9d2111af29d977,auth0=true
vary: Accept-Encoding
x-auth0-requestid: b696957d93d61a2b9c6f
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 20
x-ratelimit-remaining: 19
x-ratelimit-reset: 1689876300
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7e9d210dec464c84-HEL
content-length: 426
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 18:04:53 GMT
location: /u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
ot-baggage-auth0-request-id: 7e9d210dec464c84
ot-tracer-sampled: true
ot-tracer-spanid: 67cf2bda18484eed
ot-tracer-traceid: 7d3ada1f0961e13a
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000007d3ada1f0961e13a-67cf2bda18484eed-01
tracestate: auth0-request-id=7e9d210dec464c84,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: bf696995b5b13e42c149
x-content-type-options: nosniff
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1689876294

GET
H2 200 airgap.js
cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/ 115 KB
42 KB 71ms
68ms Script
application/javascript 2600:9000:2304:a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: br
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: 3_3BpU4P6gM0aubFvzr_AtTCXz2crM9EQzKXanCqWzwVHevutB6UrQ==
x-xss-protection: 1; mode=block

GET
H3 200 rokt.js
ibotta.com/scripts/ 665 B
1 KB 94ms
91ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/rokt.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Thu, 20 Jul 2023 15:13:00 GMT
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: FY2GEGT4AGMG9E43
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 10313
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 665
x-amz-id-2: ih8xcaoaacpRS0A0zMtgIW5pkcYWK582gtoN5aB1+cmaEYD9wJDajaN2P734X/JJoqCg0Lf7lfk=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:36:25 GMT
server: none
etag: "aa16c176534bd3b1dc4e7b030cc590ba"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: PXOumLxqbnZRG_7SGS4JWktuycPxHDr17rSi9Y5ftjFsVijHUYlNlQ==

GET
H3 200 heap.js
ibotta.com/scripts/ 933 B
2 KB 99ms
95ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/heap.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Thu, 20 Jul 2023 15:13:00 GMT
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: DVMQXEPZF3P5MNY1
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 10313
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 933
x-amz-id-2: 5r5DzW7tMBXsaSHCWEsKx3gjsWWi3rR7vAmw7P1DzXjYRv+p1w8BWHylDf5KchB1eUSExQzpUII=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:36:25 GMT
server: none
etag: "4045aa9706089c0eb4c3ee77ae743994"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: 6-hsyl4byeXB5pvBXc0lMLDgLFZ2NkF6028Krr6F_8ZfTXLD08kq9g==

GET
H3 200 google-publisher.js
ibotta.com/scripts/ 93 B
748 B 97ms
93ms Script
text/javascript 2600:9000:218e:fe00:14:fc27:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ibotta.com/scripts/google-publisher.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:218e:fe00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ibotta.com/register?friend=bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Thu, 20 Jul 2023 15:13:01 GMT
via: 1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: DVMMMVY6QE7DA2YB
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 10312
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 93
x-amz-id-2: DhX5T9odvHOxb5vlrCbngiDG6itj0vPb1oSVsDCtwTvmKjy2STmrOZ+cf/Nbm6lyvXLE5rbLhQM=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 17 Jul 2023 14:36:24 GMT
server: none
etag: "7e05c1c037892735ea4a27594640b4b2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=0, s-maxage=86400
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
x-amz-cf-id: MIeURjqUEgkWgt4cR110GyyQldy3VPhDKUiWppHlKUpzkkZSEJLOnQ==

GET
H3 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 174ms
170ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27566
x-xss-protection: 0
server: cafe
etag: 634 / 19558 / 31076217 / config-hash: 1219937797773884033
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 18:04:52 GMT

GET
H2 200 api.js
www.google.com/recaptcha/ 850 B
644 B 74ms
69ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 18:04:52 GMT

GET
H2 200 tracker-latest.min.js
d2hrivdxn8ekm8.cloudfront.net/ 9 KB
9 KB 245ms
69ms Script
application/javascript 2600:9000:26da:5000:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:5000:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: FtDzqVxCNLcLRbf2i_demDjaD8dXoTf8
date: Thu, 20 Jul 2023 03:55:53 GMT
via: 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 23:38:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 50999
x-amz-server-side-encryption: AES256
etag: "85ac140eb3a9fcf2b232e66ca1c134c3"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 9238
x-amz-cf-id: qfusvR6ERzIDCxXT5ZiO3h1kw9DxjIo9O1wstGG_9eSZ3usqla6nFg==

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 1 KB
702 B 235ms
61ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2023 14:41:28 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=57165
accept-ranges: bytes
content-length: 491

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 171 KB
47 KB 201ms
67ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jul 2023 18:04:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: CLpDqaEDgR8QF/91HTDU7QlOCVm7bcUATODjwMMJ/VbxVqElSps0VmAIVYQfBibANibsjhlLJlbq3MmRefHHfQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 203ms
62ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 16:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5374
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jul 2023 18:35:19 GMT

GET
H2 200 core.js
s.pinimg.com/ct/ 3 KB
2 KB 186ms
61ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: br
x-cdn: fastly
etag: "b890a703adcb559f5e5d300aa7e4294f"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1466

GET
H2 200 hotjar-2893975.js
static.hotjar.com/c/ 9 KB
4 KB 279ms
81ms Script
application/javascript 13.225.34.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2893975.js?sv=7

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-68.cdg3.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 18:04:53 GMT
via: 1.1 a0315f0b67e5f02ccce009ce0a219e88.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 14
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/7a8dbd848b6e11ebb2bf42a86c8fe28c
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: zvEY_cjDp2IXbjOkX8sJ_R8AuEP_kQAt_iw1EluVJ15gEGh19OpKIw==

GET
H2 200 bat.js
bat.bing.com/ 42 KB
13 KB 244ms
92ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 20 Jul 2023 18:04:52 GMT
last-modified: Mon, 17 Jul 2023 22:20:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4D0E30D814D946E1A22E4BD048710648 Ref B: FRAEDGE1217 Ref C: 2023-07-20T18:04:53Z
etag: "060e2effcb8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12438

GET
H2 200 a-0320.min.js
b-code.liadm.com/ 42 KB
15 KB 238ms
75ms Script
application/javascript 2600:9000:237d:9a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-0320.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:9a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:09:57 GMT
content-encoding: gzip
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 42896
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: cJJD9gYmynP95LFUblRGFWbkHWh4EFLpRHfL9lb3YZ0gz6bOAG-2hQ==

GET
H2 200 ping.min.js
cdn.pdst.fm/ 26 KB
6 KB 121ms
41ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:16:36 GMT
content-encoding: gzip
age: 2896
x-guploader-uploadid: ADPycdtrhR05ekogDQqZK_NEZkjAKQ4yW3PmCip7dx_WuuY_JU3BMuzwnj2KjOgnjZpWoinnB0GaC-v8wmj2WcNx8sTYJA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 20 Jul 2023 18:16:36 GMT

GET
H2 200 A1304920-7676-40c5-9812-43f71a4d287e1.js
d.impactradius-event.com/ 41 KB
13 KB 263ms
153ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A1304920-7676-40c5-9812-43f71a4d287e1.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdul5VOTMEivftYF0-JbNKLCNp25yNbjjIEPBNBj3k1PElTcUX3No1K6hSYOJftKy_oKn7u3mwurnIIZ3fvUiai3oA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13115
last-modified: Mon, 25 Oct 2021 14:14:02 GMT
server: UploadServer
etag: "2c6efde33ef386577e927634502efe1a"
vary: Accept-Encoding
x-goog-generation: 1635171242474403
x-goog-hash: crc32c=v/i33w==, md5=LG794z7zhld+knY0UC7+Gg==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13115
accept-ranges: bytes
expires: Thu, 20 Jul 2023 18:09:53 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 267 KB
88 KB 93ms
92ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GT6GKTE2DV&l=dataLayer&cx=c

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 18:04:52 GMT

GET
H/1.1 200
OK /
websdk.appsflyer.com/ 38 KB
12 KB 248ms
64ms Script
application/javascript 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 18:04:53 GMT
Content-Encoding: gzip
x-amz-request-id: 2YBD1Y83SA1VBPZN
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: Vo5gJfn4DHGgFFcnzwzpG4njjvgMt8LlOnQtX6RdM+uNb3LkYv06L++KpTpVEqpBqbyFMWzosrU=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2554
Accept-Ranges: bytes
X-DataStream-Cache-Status: 2
Expires: Thu, 20 Jul 2023 18:47:27 GMT

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 337ms
155ms Script
application/javascript 23.53.43.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6TC3JC77UFIN9HHQVG&lib=ttq
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-akamai-request-id: 2c6c96d8.21be87
date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-55.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
x-parent-response-time: 93,23.53.43.55
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=2
content-length: 1630
pragma: no-cache
server: nginx
x-tt-logid: 20230720180453C3BC703DDD7B512A02AA
x-cache-remote: TCP_MISS from a23-48-249-176.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.48.249.176
x-tt-trace-host: 01108054b7c3966835599ff044da3548d654ae2c1d4973d4e0c328088fa6859c5e0aa6dfae481abf8f7b0e64a2a0c2e3bd95e8430a53b64ab71f5e416d37f244df4e8b3d35e262bfca72fca1219458f5a10413cf26e3758076b0540440b2e2323740edde1c88245f266ed87ba0c0adcc91
expires: Thu, 20 Jul 2023 18:04:53 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/926984635/ 43 B
571 B 233ms
102ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/926984635/?random=1689876292857&cv=11&fst=1689876292857&bg=ffffff&guid=ON&async=1&gtm=45He37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&label=2-KHCMGBzGYQu9OCugM&hn=www.googleadservices.com&frm=0&tiba=Create%20Ibotta%20Account%20%7C%20Ibotta&rdp=1&auid=1272836384.1689876293&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 575ms
136ms Image
image/gif 52.22.219.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=misc&pixid=380ca1d0-4cad-4a81-93f9-09ffcb719de9&gtmcb=1560677426
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.219.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-219-195.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 recaptcha__fi.js
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 431 KB
173 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__fi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177378
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 20:28:07 GMT

GET
H3 200 snippet.js
apps.rokt.com/wsdk/integrations/ 73 KB
17 KB 67ms
65ms Script
application/javascript 2a02:26f0:780::210:a480
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/snippet.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: ES38ANCMRCKRN6BD
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 17599
x-amz-id-2: 7hZOCAIMBxwVKP/JfJD9c1Eq6YjM9DEM6rgj2jtfyyP+yVHsIgA0S1Xvcrkk7rmGkAHTSCkuO/w=
last-modified: Thu, 20 Jul 2023 06:55:41 GMT
server: AmazonS3
etag: "b0a94b262b0b63d4880d16f9ad9b8a53"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
quic-version: 0x00000001

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
130 B 190ms
189ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
server: Google Frontend
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 073ab86eeff35ebb05106ef28277bce2
function-execution-id: lynletci8oyz
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 274ms
166ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ibotta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 18:04:53 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: iagcoslaklkm
server: Google Frontend
x-cloud-trace-context: 627bbd1609624d2355691a6f0e60ce55
x-powered-by: Express

GET
H3 200 destination
www.googletagmanager.com/gtag/ 230 KB
79 KB 86ms
86ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-JP10KW76MD&l=dataLayer&cx=c

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 18:04:53 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
241 B 132ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je37j0h2&_p=1276080663&_gaz=1&cid=1946802926.1689876293&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689876293&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=251&ep.referral_page=&ep.user_timezone_timestamp=Thu%20Jul%2020%202023%2018%3A04%3A52%20GMT%2B0000%20(GMT)&ep.session_id_custom_dimension=1689876292821.okddnzoc&epn.user_timezone_offset=0&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20Configuration
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 210ms
70ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GT6GKTE2DV&cid=1946802926.1689876293&gtm=45je37j0h2&aip=1
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 233ms
96ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GT6GKTE2DV&cid=1946802926.1689876293&gtm=45je37j0h2&aip=1&z=205838184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.bd3e0b05.js
s.pinimg.com/ct/lib/ 63 KB
18 KB 64ms
63ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: br
x-cdn: fastly
etag: "6dcfe4ec85689b22c849d9ef7f4b6487"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18133

GET
H2 200 insight.old.min.js
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 64ms
64ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:00:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=54288
accept-ranges: bytes
content-length: 4807

POST
H2 200 collect
www.google-analytics.com/j/ 16 B
218 B 68ms
67ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1276080663&t=pageview&_s=1&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dr=&dp=%2Fregister%3Ffriend%3Dbo&ul=en-us&de=UTF-8&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAFK~&jid=1552854574&gjid=619487275&cid=1946802926.1689876293&tid=UA-29017381-1&_gid=1872132806.1689876293&_r=1&_slc=1&gtm=45He37h0n71WDDWDQ&cd8=GTM-WDDWDQ&cd9=251&cd10=&cd12=Thu%20Jul%2020%202023%2018%3A04%3A52%20GMT%2B0000%20(GMT)&cd13=1689876292833.be2i8j3&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&cd16=English&cd17=desktop&cd18=GA%20Page%20View%20-%20Core%20Page%20View&cd20=1946802926.1689876293&cd21=1946802926.1689876293&z=1302127344

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5a28e627
dvqigh9b7wa32.cloudfront.net/ 43 B
493 B 300ms
96ms XHR
image/gif 18.173.184.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD05OTg0NWRhYS0wOTE0LThkNjUtY2JkMC03ODBjYjMwMDk2NDg%3D&date=1689876293126
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.184.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-184-8.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 00:54:12 GMT
via: 1.1 03f0b5e1388e49b279dc44f8ff1caa78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 61842
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: o1XVFYyNR4Hquan-nb59L2Hd_2xOX86VvolFGt9GKpab30_csOMYvw==

GET
H2 200 5a28e627
d330aiyvva2oww.cloudfront.net/ 43 B
494 B 240ms
81ms XHR
image/gif 2600:9000:26db:6e00:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPWFiNDBiOTg5LTIxMzItNDZmOS1iOGI1LTk3NDRmZDlmZTQ4MSZzZXNzaW9uSWQ9OTk4NDVkYWEtMDkxNC04ZDY1LWNiZDAtNzgwY2IzMDA5NjQ4&date=1689876293126
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:6e00:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 07:15:18 GMT
via: 1.1 3721bbb571fa1179150d81f8194461ae.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 38976
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: drXkS-PAt67ntd6FWMkISLJhy0xjPNm8flVTbqzdz_dJ-usB41flIw==

GET
H2 200 5a28e627
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
453 B 211ms
66ms XHR
image/gif 2600:9000:26da:6c00:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YWI0MGI5ODktMjEzMi00NmY5LWI4YjUtOTc0NGZkOWZlNDgxJnNlc3Npb25JZD05OTg0NWRhYS0wOTE0LThkNjUtY2JkMC03ODBjYjMwMDk2NDgmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmlib3R0YS5jb20lMkZyZWdpc3RlciUzRmZyaWVuZCUzRGJv&date=1689876293129
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:6c00:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:35:33 GMT
via: 1.1 0dfb58f1fc97e590bcf6bcf75288d878.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 44961
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: R8qowMKdnvSwXuXSkO9rzAKUVeY7BgGjtgK7oWd4hEd6RvNzMoTncQ==

GET
H2 204 11041900.js
bat.bing.com/p/action/ 0
117 B 182ms
182ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/11041900.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 20 Jul 2023 18:04:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E482D1640FDC4E009955BB7EAC238D13 Ref B: FRAEDGE1217 Ref C: 2023-07-20T18:04:53Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 89ms
89ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=11041900&Ver=2&mid=d2584a2c-0866-4100-9474-3981f2436b65&sid=ed346390272711eea28517f4404dd66b&vid=ed34a2a0272711eeb4d239aea6ff263f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Create%20Ibotta%20Account%20%7C%20Ibotta&p=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&r=&lt=2089&evt=pageLoad&sv=1&rn=941435

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 18:04:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA535AC6D85A44A4BC2FEFE3ED330F37 Ref B: FRAEDGE1217 Ref C: 2023-07-20T18:04:53Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
345 B 103ms
70ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-29017381-1&cid=1946802926.1689876293&jid=1552854574&gjid=619487275&_gid=1872132806.1689876293&_u=YADAAUAAAAAAACAFK~&z=800859055

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Jul 2023 18:04:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 237 KB
81 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FN7XKBTY37&cx=c&_slc=1

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82920
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 18:04:53 GMT

GET
H2 200 modules.b98ab8b853885c6999d0.js
script.hotjar.com/ 281 KB
68 KB 259ms
92ms Script
application/javascript 18.173.154.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b98ab8b853885c6999d0.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-84.muc50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 12406
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69501
last-modified: Thu, 20 Jul 2023 14:37:49 GMT
etag: "5184609a4d7874bcd97fa4c2df564a1a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NTNiOhQRKdl5j3OCm-VKitCEvinwz_Ji8uZprhth2cLMredsqN28Vg==

GET 1919782858327617
connect.facebook.net/signals/config/ 0
0

GET
H2 200 token
cdn.linkedin.oribi.io/partner/88183/domain/ibotta.com/ 36 B
376 B 251ms
81ms XHR
application/json 2600:9000:26db:a800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/88183/domain/ibotta.com/token
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:a800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: *
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:11:08 GMT
content-encoding: gzip
via: 1.1 d45f06116647d4cd21c9ad69cb1b14fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 3225
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 1hyG85uCBKYRBCz9P1vw0evk0rHV37znmyUX3OFq9Pav0mm9iOvPoQ==

GET

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1689876293237&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1689876293237&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&e_ipv6=AQJRw-HCM7js2QAAAYl0eehX23XilQBVyK1Z48c_QtqtCiRi43k4ZZ1pPqM...

0
0

GET
H2 200 /
ct.pinterest.com/user/ 567 B
616 B 244ms
114ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615531578369&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1689876293243&dep=2%2CPAGE_LOAD
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pin-unauth: dWlkPVpqVTVOemd6TVRJdE56TXlNUzAwWkRFeUxXSTFZakF0TXpsaE9EZzJObVF6WTJSag
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Thu, 20 Jul 2023 18:04:53 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibotta.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1818976293486516
content-length: 389
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 238ms
113ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615531578369&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1689876293248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1318038934418215
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 17 KB
17 KB 235ms
62ms Font
application/font-woff2 2a02:26f0:780::210:a452
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lys1mao.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://use.typekit.net/lys1mao.css
Origin: https://ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:53 GMT
server: nginx
etag: "b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17052

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 37ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JP10KW76MD&gtm=45je37h0&_p=1276080663&cid=1946802926.1689876293&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&ngs=1&_s=1&sid=1689876293&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 89ms
88ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-29017381-1&cid=1946802926.1689876293&jid=1552854574&_u=YADAAUAAAAAAACAFK~&z=1986111481

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 87ms
86ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-29017381-1&cid=1946802926.1689876293&jid=1552854574&_u=YADAAUAAAAAAACAFK~&z=1986111481

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1689876293325&aid=a-0320&se=e30&duid=4564d05c840b--01h5t7kshy9g501ye0trdkdpj6&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&wpn=lc-bundle&c=PG1ldGEgZ...
https://rp4.liadm.com/j?dtstmp=1689876293325&aid=a-0320&se=e30&duid=4564d05c840b--01h5t7kshy9g501ye0trdkdpj6&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&wpn=lc-bundle&c=PG1ldGEg...

0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 36ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je37j0h2&_p=1276080663&cid=1946802926.1689876293&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1689876293&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&en=scroll&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=251&ep.referral_page=&ep.user_timezone_timestamp=Thu%20Jul%2020%202023%2018%3A04%3A52%20GMT%2B0000%20(GMT)&ep.session_id_custom_dimension=1689876292821.okddnzoc&epn.user_timezone_offset=0&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20Configuration&epn.percent_scrolled=90&_et=10
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
63ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1276080663&t=event&ni=1&_s=1&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dr=&dp=%2Fregister%3Ffriend%3Dbo&ul=en-us&de=UTF-8&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user&ea=client%20id&el=1946802926.1689876293&_u=aADAAUABAAAAACAFK~&jid=&gjid=&cid=1946802926.1689876293&tid=UA-29017381-1&_gid=1872132806.1689876293&gtm=45He37h0n71WDDWDQ&cd1=logged_out&cd8=GTM-WDDWDQ&cd9=251&cd10=&cd12=Thu%20Jul%2020%202023%2018%3A04%3A53%20GMT%2B0000%20(GMT)&cd13=1689876293339.lt2bfwx&cd14=0&cd15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&cd16=English&cd17=desktop&cd19=4.160.0&cd20=1946802926.1689876293&cd21=1946802926.1689876293&z=758630969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 08:09:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35729
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 43ms
42ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FN7XKBTY37&gtm=45je37h0&_p=1276080663&_gaz=1&ul=en-us&sr=1600x1200&cid=1946802926.1689876293&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dp=%2Fregister%3Ffriend%3Dbo&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&sid=1689876293&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_8=GTM-WDDWDQ&ep.ua_dimension_9=251&ep.ua_dimension_12=Thu%20Jul%2020%202023%2018%3A04%3A52%20GMT%2B0000%20(GMT)&ep.ua_dimension_13=1689876292833.be2i8j3&ep.ua_dimension_14=0&ep.ua_dimension_15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&ep.ua_dimension_16=English&ep.ua_dimension_17=desktop&ep.ua_dimension_18=GA%20Page%20View%20-%20Core%20Page%20View&ep.ua_dimension_20=1946802926.1689876293&ep.ua_dimension_21=1946802926.1689876293
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 95ms
68ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FN7XKBTY37&cid=1946802926.1689876293&gtm=45je37h0&aip=1
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ibotta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fi/ads/ 42 B
63 B 86ms
85ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FN7XKBTY37&cid=1946802926.1689876293&gtm=45je37h0&aip=1&z=404684061

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html
ct.pinterest.com/ Frame 9D50 565 B
400 B 94ms
94ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 18:04:53 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1038412161680766

GET
H2 200 main.MWUwMGY1OGEyMQ.js
analytics.tiktok.com/i18n/pixel/static/ 56 KB
0 357ms
357ms Script
application/javascript 23.53.43.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMGY1OGEyMQ.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/1c722bbd-c8c5-459a-a57e-311c50b52722/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-akamai-request-id: 21c072
date: Thu, 20 Jul 2023 18:04:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202307201130516FD09A9DBC6F5204476D
vary: Accept-Encoding
x-cache: TCP_HIT from a23-53-43-55.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01208c7904e9917f0756c35de0f2216204f48f0d01eee056e80d569ce3f3d81c8a8837fd654ac863722e890c27818bfee22000b9da9c59ecd358278097f95ab13a03055aceeb22468b01adce8696e7ccfd3227c3f99dbad689aeb71c2e40db68ca
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 97695

POST collect
region1.analytics.google.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.76.1/css/ 248 KB
61 KB 261ms
78ms Stylesheet
text/css 2600:9000:2171:f600:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/ulp/react-components/1.76.1/css/main.cdn.min.css

Requested by

Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2171:f600:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

093568eb247dcc6f462e1a077ae1a5ad22e0047fc31c6c449d22f604f00515bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: SgqONZQpyhk5yTYFVDvYFxa45oBZEGOW
content-encoding: gzip
via: 1.1 3808ed40220bada3ae901e3a58b94244.cloudfront.net (CloudFront)
date: Thu, 20 Jul 2023 08:40:10 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: CDG53-C1
age: 33885
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Thu, 29 Jun 2023 18:56:57 GMT
server: AmazonS3
etag: W/"af66a04cbe55c6bbfef3082656b7b222"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000,public
x-amz-cf-id: ImaQLcq9Fq76umdOmjJH8ro1RzEkdc5iKug1pKQtAS6nH3A0yN730w==

GET
H2 200 IbottaLogo_Primary_Pink.png
home.ibotta.com/wp-content/uploads/2019/06/ 8 KB
8 KB 165ms
49ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.ibotta.com/wp-content/uploads/2019/06/IbottaLogo_Primary_Pink.png
Requested by: Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23066efd6ca168e650f9d4eeb195ce3c641446a359b39c9f4782c1653ce5a042

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:04:54 GMT
cf-cache-status: HIT
age: 39799
cf-polished: origFmt=png, origSize=17157
content-disposition: inline; filename="IbottaLogo_Primary_Pink.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8102
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 23:19:54 GMT
server: cloudflare
etag: "63d9a21a-4305"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e9d211649a10d32-ARN

GET
H2 200 heap-560310507.js Show response
cdn.heapanalytics.com/js/ 112 KB
36 KB 76ms
74ms Script
application/javascript 18.173.154.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-560310507.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-122.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

b90ede130663a88df36f578b1b69ba97423c89cc55da4f9626ba509e3540518a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:03:38 GMT
content-encoding: br
via: 1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-P3
age: 76
x-powered-by: Express
etag: W/"1c02f-bjOb0Cgg9ANobPRukoNrALwzy4s"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Oxvvs0wzzoNSV-c-nXSox2lbxkeOnyXYjd3SwLz-VlcsE_ArFZ0H3g==

GET
H2 404 quantum-ibotta.js
cdn.quantummetric.com/qscripts/ 0
0 275ms
184ms Script
text/html 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js
Requested by: Host: authenticate.ibotta.com
URL: https://authenticate.ibotta.com/u/signup?state=hKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin: https://authenticate.ibotta.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40509b0dde867ef35b2ea1d935c4293e4dd27408934ea8284eb626d0560ff142

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 688 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 435 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6066c4de3dc65aabbcddba7ab83bc2396fa8327501c57e5902c8ba5057c88c6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 135ms
135ms Image
image/gif 3.92.249.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=560310507&u=6225564718721617&v=8604092203045762&s=3207893819261867&b=web&tv=4.0&z=2&h=%2Fu%2Fsignup&q=%3Fstate%3DhKFo2SA1Z0ktaDRhZ3RGQ29nREtqcE5DblFycXJPSHoyU210R6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExvMWx6M2hmVkk0S0s3dlR6S084d216UjFSNG4zcDRmo2NpZNkgVzRISGZOUEF6b2h5Z1ZUS2Z3RHA4MTYzNEltV0lmb08&d=authenticate.ibotta.com&t=Create%20Ibotta%20Account&k=web-v-2-down-for-maintenance&k=false&k=web-v-2-popular-online-cpg-retailer-list&k=true&k=web-v-2-popular-search-terms-data&k=true&k=web-v-2-popular-sort-option&k=false&k=web-v-2-recommended-offers-enabled&k=false&k=web-v-2-referral-page-copy&k=true&k=web-v-2-referral-page-terms&k=Savers%20will%20earn%20%2410%20when%20they%20refer%20a%20friend%20who%3A%20(i)%20is%20a%20new%20user%20to%20Ibotta%3B%20(ii)%20registers%20with%20Ibotta%20on%20a%20unique%20device%20with%20the%20Saver%E2%80%99s%20referral%20code%20(the%20%E2%80%9CReferred%20Saver%E2%80%9D)%3B%20and%20(iii)%20completes%20a%20Qualifying%20Offer%20(as%20defined%20below)%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20The%20Referred%20Saver%20will%20earn%20a%20referral%20bonus%20upon%20registration%20and%20completion%20of%20a%20Qualifying%20Offer%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20A%20Qualifying%20Offer%20includes%20an%20offer%2C%20Any%20Brand%2C%20or%20Any%20Receipt%20offer.%20Online%20shopping%20transactions%20are%20not%20considered%20a%20Qualifying%20Offer%20until%20the%20offer%20pending%20period%20is%20complete%2C%20and%20the%20offer%20is%20credited%20to%20the%20Referred%20Saver%E2%80%99s%20account.%20Ibotta%20reserves%20the%20right%20to%20adjust%20these%20terms%20or%20the%20bonus%20amounts%20at%20any%20time.%20Prices%2C%20offers%2C%20cash-back%20amounts%2C%20bonuses%2C%20and%20the%20referral%20period%20may%20vary%20and%20are%20subject%20to%20change%20without%20notice.%20All%20accounts%20are%20subject%20to%20review.%20Additional%20terms%20and%20conditions%20may%20apply.&k=web-v-2-sold-out-offers-list&k=true&k=web-v-2-registration-page-copy&k=true&k=web-v-2-cashout-on-web-payments-env&k=production&k=web-v-2-customer-metadata-override&k=false&k=web-v-2-browser-profiling-is-enabled&k=false&k=web-v-2-browser-profiling-home-is-enabled&k=false&k=web-v-2-browser-profiling-cashout-is-enabled&k=true&k=web-v-2-bex-required-retailer-update-enabled&k=true&k=web-v2-direct-integration-retailer-list&k=true&k=web-v-2-feedback-survey&k=true&k=web-disco-cashout-age-threshold&k=7&k=web-v-2-special-deals-enabled&k=true&k=web-v-2-retailer-thumbnail-updates-enabled&k=true&k=web-v-2-logged-out-item-offers&k=true&k=web-v-2-home-page-recommendation&k=SplitHomeRecommended&k=web-messaging-auth-enabled&k=false&k=web-v-2-waved-image-offer-tags-enabled&k=true&k=web-v-2-retailer-descriptions-enabled&k=false&k=web-v-2-in-store-retailers-enabled&k=true&k=web-v-2-retailer-groups-enabled&k=true&k=unified-account-linking-retailer-list&k=true&ts=1689876294440&sp=ts&sp=1689876291867&sp=d&sp=ibotta.com&sp=h&sp=%2Fregister&st=1689876294440

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.92.249.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-249-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 18:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1919782858327617?v=2.9.115&r=stable

Domain: px4.ads.linkedin.com
URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=88183&time=1689876293237&url=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&e_ipv6=AQJRw-HCM7js2QAAAYl0eehX23XilQBVyK1Z48c_QtqtCiRi43k4ZZ1pPqMCYghls4PqiJb9

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?dtstmp=1689876293325&aid=a-0320&se=e30&duid=4564d05c840b--01h5t7kshy9g501ye0trdkdpj6&tna=v2.7.2&pu=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&wpn=lc-bundle&c=PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJldHRlciB0aGFuIGNvdXBvbnMhIEVhcm4gcmVhbCBjYXNoIGJhY2sgb24geW91ciBldmVyeWRheSBwdXJjaGFzZXMg4oCUIGluLXN0b3JlIGFuZCBvbmxpbmUuIj48dGl0bGU-Q3JlYXRlIElib3R0YSBBY2NvdW50IHwgSWJvdHRhPC90aXRsZT48bGluayBkYXRhLW4taGVhZD0iMSIgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vaWJvdHRhLmNvbS9yZWdpc3RlciI-PG1ldGEgZGF0YS1uLWhlYWQ9IjEiIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJSZWdpc3RlciBmb3IgYW4gSWJvdHRhIGFjY291bnQgdG9kYXkhIj4&i6=MmEwYzpmMDQwOjA6Mjc5MDo6M2U%3D&n3pc=true

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GT6GKTE2DV&gtm=45je37j0h2&_p=1276080663&cid=1946802926.1689876293&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1689876293&sct=1&seg=0&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&en=user&ep.gtm_container_id=GTM-WDDWDQ&ep.gtm_container_version=251&ep.referral_page=&ep.user_timezone_timestamp=Thu%20Jul%2020%202023%2018%3A04%3A52%20GMT%2B0000%20(GMT)&ep.session_id_custom_dimension=1689876293&epn.user_timezone_offset=0&ep.user_agent_string=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&ep.language_custom_dimension=English&ep.responsive_breakpoint=desktop&ep.gtm_tag_name=GA4%20-%20Event%20-%20Fetch%20User%27s%20Data%20-%20Client%20ID&ep.ga_client_id_hit=1946802926.1689876293&ep.action=get%20user%27s%20data&_et=270&up.ga_client_id_user=1946802926.1689876293

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=11041900&Ver=2&mid=d2584a2c-0866-4100-9474-3981f2436b65&sid=ed346390272711eea28517f4404dd66b&vid=ed34a2a0272711eeb4d239aea6ff263f&vids=1&msclkid=N&evt=pageHide

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FN7XKBTY37&gtm=45je37h0&_p=1276080663&ul=en-us&sr=1600x1200&cid=1946802926.1689876293&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fibotta.com%2Fregister%3Ffriend%3Dbo&dp=%2Fregister%3Ffriend%3Dbo&dt=Create%20Ibotta%20Account%20%7C%20Ibotta&sid=1689876293&sct=1&seg=0&en=client%20id&_ee=1&ep.ua_dimension_1=logged_out&ep.ua_dimension_8=GTM-WDDWDQ&ep.ua_dimension_9=251&ep.ua_dimension_12=Thu%20Jul%2020%202023%2018%3A04%3A53%20GMT%2B0000%20(GMT)&ep.ua_dimension_13=1689876293339.lt2bfwx&ep.ua_dimension_14=0&ep.ua_dimension_15=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.98%20Safari%2F537.36&ep.ua_dimension_16=English&ep.ua_dimension_17=desktop&ep.ua_dimension_19=4.160.0&ep.ua_dimension_20=1946802926.1689876293&ep.ua_dimension_21=1946802926.1689876293&ep.event_category=user&ep.event_label=1946802926.1689876293&_et=28

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| heap

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ibotta.com/	1970-01-20 13:24:37	Name: _dd_s Value: rum=0&expire=1689877190824
ibotta.com/	1970-01-20 22:10:12	Name: RoktRecogniser Value: ad6ba74a-7297-4b68-b810-d506a8d14dc8
apps.rokt.com/	1969-12-31 23:59:59	Name: akaalb_Instance-1 Value: ~op=Prod_Widget_API_Experiences:Prod-API-EU-West-1\|Prod_WSDK_S3:Prod-SDK-S3\|~rv=11~m=Prod-API-EU-West-1:0\|Prod-SDK-S3:0\|~os=141f223fa3e939d66e4926adb7c49b34~id=81de2ac3fd6126992e40b708b91a2bb4
ibotta.com/	1970-01-20 22:10:12	Name: i18n_redirected Value: en
.ibotta.com/	1970-01-20 15:34:12	Name: %40%40 Value: 1
.ibotta.com/	1970-01-20 15:34:12	Name: vuex Value: {%22user%22:null}
.ibotta.com/	1970-01-20 22:52:33	Name: _hp2_props.560310507 Value: %7B%22web-v-2-down-for-maintenance%22%3Afalse%2C%22web-v-2-popular-online-cpg-retailer-list%22%3Atrue%2C%22web-v-2-popular-search-terms-data%22%3Atrue%2C%22web-v-2-popular-sort-option%22%3Afalse%2C%22web-v-2-recommended-offers-enabled%22%3Afalse%2C%22web-v-2-referral-page-copy%22%3Atrue%2C%22web-v-2-referral-page-terms%22%3A%22Savers%20will%20earn%20%2410%20when%20they%20refer%20a%20friend%20who%3A%20(i)%20is%20a%20new%20user%20to%20Ibotta%3B%20(ii)%20registers%20with%20Ibotta%20on%20a%20unique%20device%20with%20the%20Saver%E2%80%99s%20referral%20code%20(the%20%E2%80%9CReferred%20Saver%E2%80%9D)%3B%20and%20(iii)%20completes%20a%20Qualifying%20Offer%20(as%20defined%20below)%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20The%20Referred%20Saver%20will%20earn%20a%20referral%20bonus%20upon%20registration%20and%20completion%20of%20a%20Qualifying%20Offer%20within%20seven%20(7)%20days%20of%20registration%2C%20during%20the%20referral%20period.%20A%20Qualifying%20Offer%20includes%20an%20offer%2C%20Any%20Brand%2C%20or%20Any%20Receipt%20offer.%20Online%20shopping%20transactions%20are%20not%20considered%20a%20Qualifying%20Offer%20until%20the%20offer%20pending%20period%20is%20complete%2C%20and%20the%20offer%20is%20credited%20to%20the%20Referred%20Saver%E2%80%99s%20account.%20Ibotta%20reserves%20the%20right%20to%20adjust%20these%20terms%20or%20the%20bonus%20amounts%20at%20any%20time.%20Prices%2C%20offers%2C%20cash-back%20amounts%2C%20bonuses%2C%20and%20the%20referral%20period%20may%20vary%20and%20are%20subject%20to%20change%20without%20notice.%20All%20accounts%20are%20subject%20to%20review.%20Additional%20terms%20and%20conditions%20may%20apply.%22%2C%22web-v-2-sold-out-offers-list%22%3Atrue%2C%22web-v-2-registration-page-copy%22%3Atrue%2C%22web-v-2-cashout-on-web-payments-env%22%3A%22production%22%2C%22web-v-2-customer-metadata-override%22%3Afalse%2C%22web-v-2-browser-profiling-is-enabled%22%3Afalse%2C%22web-v-2-browser-profiling-home-is-enabled%22%3Afalse%2C%22web-v-2-browser-profiling-cashout-is-enabled%22%3Atrue%2C%22web-v-2-bex-required-retailer-update-enabled%22%3Atrue%2C%22web-v2-direct-integration-retailer-list%22%3Atrue%2C%22web-v-2-feedback-survey%22%3Atrue%2C%22web-disco-cashout-age-threshold%22%3A7%2C%22web-v-2-special-deals-enabled%22%3Atrue%2C%22web-v-2-retailer-thumbnail-updates-enabled%22%3Atrue%2C%22web-v-2-logged-out-item-offers%22%3Atrue%2C%22web-v-2-home-page-recommendation%22%3A%22SplitHomeRecommended%22%2C%22web-messaging-auth-enabled%22%3Afalse%2C%22web-v-2-waved-image-offer-tags-enabled%22%3Atrue%2C%22web-v-2-retailer-descriptions-enabled%22%3Afalse%2C%22web-v-2-in-store-retailers-enabled%22%3Atrue%2C%22web-v-2-retailer-groups-enabled%22%3Atrue%2C%22unified-account-linking-retailer-list%22%3Atrue%7D
ibotta.com/	1969-12-31 23:59:59	Name: gsi Value: 09da32bc03eb4a919ad2271e966e63ec
ibotta.com/	1970-01-20 22:10:12	Name: early_identifier Value: aad07eb390f246f6951e56616b404747
ibotta.com/	1969-12-31 23:59:59	Name: ibotta-ts Value: {%22exp%22:1689878092147%2C%22id%22:%2273efb31e-b9a7-4ee6-b889-8dd2c77899fc%22%2C%22timestamp%22:1689876292147}
.ibotta.com/	1970-01-20 13:24:38	Name: _hp2_ses_props.560310507 Value: %7B%22ts%22%3A1689876291867%2C%22d%22%3A%22ibotta.com%22%2C%22h%22%3A%22%2Fregister%22%7D
authenticate.ibotta.com/	1970-01-20 22:10:33	Name: did Value: s%3Av0%3Aecd2a660-2727-11ee-b5a3-277736005c26.CrcJBDuvN0Q3oufI5bmHgxhWM7BnA%2FwACr9Saa6PpVM
authenticate.ibotta.com/	1970-01-20 22:10:33	Name: did_compat Value: s%3Av0%3Aecd2a660-2727-11ee-b5a3-277736005c26.CrcJBDuvN0Q3oufI5bmHgxhWM7BnA%2FwACr9Saa6PpVM
.ibotta.com/	1970-01-20 15:34:12	Name: _gcl_au Value: 1.1.1272836384.1689876293
ibotta.com/	1970-01-20 22:10:12	Name: __pdst Value: 185d9479cab54e56b5632c15702df2ab
.ibotta.com/	1970-01-20 13:26:02	Name: _gid Value: GA1.2.1872132806.1689876293
.ibotta.com/	1970-01-20 13:24:36	Name: _gat_UA-29017381-1 Value: 1
ibotta.com/	1970-01-20 23:00:36	Name: tatari-cookie-test Value: 494071
.ibotta.com/	1970-01-20 13:24:36	Name: t-ip Value: 1
.ibotta.com/	1970-01-20 23:00:36	Name: tatari-session-cookie Value: 99845daa-0914-8d65-cbd0-780cb3009648
.ibotta.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ibotta.com
.ibotta.com/	1970-01-20 23:00:36	Name: _lc2_fpi Value: 4564d05c840b--01h5t7kshy9g501ye0trdkdpj6
.ibotta.com/	1970-01-20 13:26:02	Name: _uetsid Value: ed346390272711eea28517f4404dd66b
.ibotta.com/	1970-01-20 22:46:12	Name: _uetvid Value: ed34a2a0272711eeb4d239aea6ff263f
.ibotta.com/	1969-12-31 23:59:59	Name: IR_gbd Value: ibotta.com
.ibotta.com/	1969-12-31 23:59:59	Name: IR_8841 Value: 1689876293203%7C0%7C1689876293203%7C%7C
.bing.com/	1970-01-20 22:46:12	Name: MUID Value: 35C4B93D1A866CA402B6AA691B546D27
.doubleclick.net/	1970-01-20 13:24:37	Name: test_cookie Value: CheckForPermission
.ibotta.com/	1970-01-20 23:00:36	Name: _ga_JP10KW76MD Value: GS1.1.1689876293.1.0.1689876293.0.0.0
.ibotta.com/	1970-01-20 23:00:36	Name: _ga Value: GA1.2.1946802926.1689876293
.ibotta.com/	1970-01-20 23:00:36	Name: _ga_GT6GKTE2DV Value: GS1.1.1689876293.1.0.1689876293.60.0.0
.tiktok.com/	1970-01-20 22:46:12	Name: _ttp Value: 2SqZuS7Fz8t5kQNYsFy1TB7KAH9
authenticate.ibotta.com/	1970-01-20 13:28:55	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLdlAzajTM_oeK14WZFewZu6G4pNxaUmjzY1C-BqL3N_UF0_85jZXLHWF_hd0p7nEv5aYnBoGljFqbXz8CI9JYumY29va2llg6dleHBpcmVz1_9HSYMAZL1rxa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Q6PBFB2iiG%2FyEe2NAyWo4PzNk5otpc%2FhxbG9Sm3BXtQ
authenticate.ibotta.com/	1970-01-20 13:28:55	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLdlAzajTM_oeK14WZFewZu6G4pNxaUmjzY1C-BqL3N_UF0_85jZXLHWF_hd0p7nEv5aYnBoGljFqbXz8CI9JYumY29va2llg6dleHBpcmVz1_9HSYMAZL1rxa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Q6PBFB2iiG%2FyEe2NAyWo4PzNk5otpc%2FhxbG9Sm3BXtQ
.ibotta.com/	1970-01-20 23:00:36	Name: _ga_FN7XKBTY37 Value: GS1.2.1689876293.1.0.1689876293.60.0.0
ibotta.com/	1970-01-20 13:26:02	Name: ln_or Value: eyI4ODE4MyI6ImQifQ%3D%3D
.ibotta.com/	1970-01-20 22:10:12	Name: _pin_unauth Value: dWlkPVpqVTVOemd6TVRJdE56TXlNUzAwWkRFeUxXSTFZakF0TXpsaE9EZzJObVF6WTJSag
.ibotta.com/	1970-01-20 22:10:12	Name: _hjSessionUser_2893975 Value: eyJpZCI6ImI0YjhmYTQwLWQ0MzMtNTdmMC05NzFkLTU5NjJiOGIzZWI2ZCIsImNyZWF0ZWQiOjE2ODk4NzYyOTM2MjUsImV4aXN0aW5nIjpmYWxzZX0=
.ibotta.com/	1970-01-20 13:24:38	Name: _hjFirstSeen Value: 1
.ibotta.com/	1970-01-20 13:24:36	Name: _hjIncludedInSessionSample_2893975 Value: 0
.ibotta.com/	1970-01-20 13:24:38	Name: _hjSession_2893975 Value: eyJpZCI6IjcwMzY0ODBiLTU5NmEtNGZjMC04ZTA5LTFlMGJhZTk5Y2NiNCIsImNyZWF0ZWQiOjE2ODk4NzYyOTM2MzgsImluU2FtcGxlIjpmYWxzZX0=
.ibotta.com/	1970-01-20 13:24:38	Name: _hjAbsoluteSessionInProgress Value: 0
.liadm.com/	1970-01-20 23:00:36	Name: lidid Value: 0b121bec-797e-4da1-8405-f173b6577b46
.linkedin.com/	1970-01-20 22:10:12	Name: bcookie Value: "v=2&095f4b4f-2f81-4db3-837a-726d1481eac6"
.linkedin.com/	1970-01-20 17:43:48	Name: li_gc Value: MTswOzE2ODk4NzYyOTM7MjswMjGWg8QI06Zieji/ZxOFP/4yVN7mqqNSKeWwASFkmxm4cg==
.linkedin.com/	1970-01-20 13:26:02	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2971:u=1:x=1:i=1689876293:t=1689962693:v=2:sig=AQFZgk7TTLBuOh_cV3Nw7KnEt3Ja4Lbv"
.ibotta.com/	1970-01-20 22:52:33	Name: _hp2_id.560310507 Value: %7B%22userId%22%3A%226225564718721617%22%2C%22pageviewId%22%3A%228604092203045762%22%2C%22sessionId%22%3A%223207893819261867%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.quantummetric.com/qscripts/quantum-ibotta.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.ibops.net
app.launchdarkly.com
apps.rokt.com
authenticate.ibotta.com
b-code.liadm.com
bat.bing.com
cdn.auth0.com
cdn.heapanalytics.com
cdn.linkedin.oribi.io
cdn.pdst.fm
cdn.quantummetric.com
cdn.transcend.io
clientstream.launchdarkly.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
data.adxcel-ec2.com
dvqigh9b7wa32.cloudfront.net
events.launchdarkly.com
googleads.g.doubleclick.net
heapanalytics.com
home.ibotta.com
ibotta.com
p.typekit.net
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
rp4.liadm.com
s.pinimg.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.transcend.io
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
websdk.appsflyer.com
www.google-analytics.com
www.google.com
www.google.fi
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
bat.bing.com
connect.facebook.net
px4.ads.linkedin.com
region1.analytics.google.com
rp4.liadm.com
13.225.34.68
13.248.151.210
141.193.213.20
151.101.64.84
151.101.66.217
18.173.154.122
18.173.154.84
18.173.184.8
2001:4860:4802:34::36
2001:4860:4802:36::36
23.53.43.59
2600:9000:2171:f600:10:474e:104a:2961
2600:9000:218e:fe00:14:fc27:88c0:93a1
2600:9000:2304:a00:2:8531:afc0:93a1
2600:9000:237d:9a00:8:8845:1500:93a1
2600:9000:26da:5000:17:3f5c:f800:21
2600:9000:26da:6c00:17:f683:1d40:21
2600:9000:26db:6e00:3:760:2800:21
2600:9000:26db:a800:2:53b2:240:93a1
2600:9000:26db:f600:a:de49:b100:93a1
2606:4700:10::6816:35fc
2606:4700::6810:5267
2620:1ec:c11::200
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9c
2a02:26f0:3100::1735:28f0
2a02:26f0:480:f::213:7ed3
2a02:26f0:780::210:a423
2a02:26f0:780::210:a452
2a02:26f0:780::210:a480
2a03:2880:f084:105:face:b00c:0:3
2a04:4e42:8e::84
3.92.249.42
35.153.253.53
35.186.249.72
35.244.142.80
52.22.219.195
52.6.53.6
06443c49eb5b145f024f7e328fcb757d2e1b27a3d2f779f21b9cc15024274a3a
093568eb247dcc6f462e1a077ae1a5ad22e0047fc31c6c449d22f604f00515bb
0ae5b3c11100303bf32eb75a7d3aba000da452770437f616a6fb3987cf60f365
16d4b17ee393c221e2a061d32bfd7a73482d36a54bb94b4c15b8a0d11f5a8c61
1779a49bc11620c55dd5424776fa1e5c44b5cdb705163555ef05afc54e9cde89
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e9df7e027f614faa8be8fc94dd5523a754f7dfc034b3871cb31b90bbaccbe3d
23066efd6ca168e650f9d4eeb195ce3c641446a359b39c9f4782c1653ce5a042
2501dc68e894f97954d8bd445940068804b109c43c3d1d8ab8dbc7cd09dcbc8f
2b0f1a82076c5fc9479ac13d70373f737e3c72fd9bdd4ba7e6481bb28a558618
2b5a46b2b8cdb89baa4ae90c0b0d7aafc03370b37c05b4797a78204c4bccfdc8
2d18666f0070c1d3d86b414b2f63d771c50c085457c31efc9abffb423054baf1
32dd1b047777b55568dc0931dccbcd1831e96d42d7d39e97564d5f6d19ad51cb
3557177e20754969b0b0dd9a5200a4c654ad8380fe7afcff3f6638cda5139abe
3c2ebbc1e7fb6f03810e31e38e4dbddcbeee707f7ade4d6de96216951e938509
3d6aca52e9e0bf8f718edd59d590ee317c9137774ae1a77543e395eb7e41c546
40509b0dde867ef35b2ea1d935c4293e4dd27408934ea8284eb626d0560ff142
41dcd21e566db033d386f5c3bfa95373fcb4a990a9e7a145e3400b94ae23d7dd
422b38ea03fe0d34332e3e6c5357837008e97d19ee130aa19a55b3073c9875bc
488abb76d9cca832c28030511778643398e301be93d90e830ae47f47a5a6e87e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
59b16ffc84cafd801533443b6ac0732fc9ac5e34f15ae3c3da20e0191ddb228e
6195fc820041e71d86d2e17dd413780c21bfc2e62d79b8fa30b43f571ef93f1b
67042ecb09a9f201dd298c4bb1b29f3493f5028b181e03792bc5c18c626e6b3a
756421612d8af9f20a9b1497f4a182ef962b1f1eff7890b91661c6b6f6266c11
75a099d5c0fa41ab884e9c6c125e9d78e3b22ebedf193194c4690e0325071aed
7881f055a1e424714f4fc2089b071df59f1b3cca32f3957e35bdd79685058f2b
8498904faf67d44dbed3d9b2bb7d480da6904258b35e94029a0fd3256b79e4d5
910fb2399f04bfec194721854be3127ef67970f8b1b676f14460e393318963cd
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
ab6ddb6ce5d9ac16ad5179abb550488730ac06303cc4fad3ac8790e558f5d678
b90ede130663a88df36f578b1b69ba97423c89cc55da4f9626ba509e3540518a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5b1c0cd4f8bb74006d6097819b6b395c2c5fda775b2feb9b8436ef40d689978
c95cc470322d69e6b8828f01d9ead7fef148c645d5218132f0708ff4bcc9fcdd
cfe79d7a5685176a5df8bc426fd10a936007bbbb9c1925e7a4c7cf0da4f1acd2
d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c
d336d2fc55a43e7578321850eac445db98f0e58929438c856c12e45cf3d9488f
e09dffcda9ed6a04665e8254067674bbe88ca8682034696d7b3366272539c281
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6066c4de3dc65aabbcddba7ab83bc2396fa8327501c57e5902c8ba5057c88c6
e71316ea5922cae2f67667c41963d32d7566c363507de29355ec452be0529e37
e9da45dd97c2bace5125d08d81e39389d97fbd204a022ddd2490cd4b69971a0a
f6252499ba5cacca024e61f458c4c259f3ca4daea2cc3cd32f58cb124b16fe93
facbf8a14d5d0cf75f713b32d8952971758492020ea6752bd4b2ca8ac4d37e39
fbda361d336b9aa94940948dd5639fc9ee1a9274979dbc05dbc18ed837c14c79
fd0c91dae3964654557348546b167581cdac13a2e00555b3c5b73e0981d4b165
fd94e779bdf833becc6129871d13c28159d236ef099994be64bed60757d12c08

authenticate.ibotta.com Open in urlscan Pro 2606:4700::6810:5267 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

95 %HTTPS

67 %IPv6

32 Domains

48 Subdomains

46 IPs

3 Countries

2505 kBTransfer

8655 kBSize

47 Cookies

2 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

authenticate.ibotta.com Open in urlscan Pro
2606:4700::6810:5267 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

95 %
HTTPS

67 %
IPv6

32
Domains

48
Subdomains

46
IPs

3
Countries

2505 kB
Transfer

8655 kB
Size

47
Cookies

121 HTTP transactions
4 data transactions