Submitted URL: https://ibotta.com/r/ookiftx
Effective URL: https://ibotta.com/register?friend=ookiftx
Submission: On October 31 via manual from US

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 15 HTTP transactions. The main IP is 2600:9000:200c:5e00:14:fc27:88c0:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is ibotta.com.
TLS certificate: Issued by Amazon on June 18th 2019. Valid for: a year.
This is the only time ibotta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2600:9000:200... 16509 (AMAZON-02)
4 52.222.168.48 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.19.43.224 20940 (AKAMAI-ASN1)
2 151.101.114.2 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 151.101.112.233 54113 (FASTLY)
1 151.101.14.110 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
1 18.233.176.127 14618 (AMAZON-AES)
15 10
Domain Requested by
4 d2enyzngr1a9pt.cloudfront.net ibotta.com
3 ibotta.com 1 redirects ibotta.com
2 app.launchdarkly.com ibotta.com
1 events.launchdarkly.com ibotta.com
1 bam.nr-data.net ibotta.com
1 js-agent.newrelic.com ibotta.com
1 dev.appboy.com ibotta.com
1 maxcdn.bootstrapcdn.com ibotta.com
1 sb.scorecardresearch.com ibotta.com
1 www.google-analytics.com ibotta.com
15 10

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| ibotta.com | Amazon | 2019-06-18 - 2020-07-18 | a year |
| *.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year |
| *.google-analytics.com | GTS CA 1O1 | 2019-10-10 - 2020-01-02 | 3 months |
| *.scorecardresearch.com | COMODO RSA Organization Validation Secure Server CA | 2018-11-28 - 2019-12-26 | a year |
| f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-07-30 - 2020-07-25 | a year |
| *.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
| m.ssl.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-07-24 - 2020-07-24 | a year |
| f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year |
| *.nr-data.net | GeoTrust RSA CA 2018 | 2018-01-11 - 2020-03-17 | 2 years |
| *.launchdarkly.com | Gandi Pro SSL CA 2 | 2018-09-12 - 2020-10-30 | 2 years |

This page contains 1 frame:

Primary Page: https://ibotta.com/register?friend=ookiftx
Frame ID: 61D2D25593193BA4B21B83A87BE96224
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

  • Requests: 15
  • HTTPS: 100 %
  • IPv6: 30 %
  • Domains: 9
  • Subdomains: 10
  • IPs: 10
  • Countries: 4
  • Transfer: 725 kB
  • Size: 3146 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ibotta.com/r/ookiftx HTTP 301
    https://ibotta.com/register?friend=ookiftx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request register
ibotta.com/
Redirect Chain
  • https://ibotta.com/r/ookiftx
  • https://ibotta.com/register?friend=ookiftx
23 KB
10 KB
Document
General
Full URL
https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:5e00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/ Express Phusion Passenger
Resource Hash
8ae87a50ec8e08e3bd68806304a91c90bbf3df8897c800b974a44b98cd02c1fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors "none"

Request headers

:method
GET
:authority
ibotta.com
:scheme
https
:path
/register?friend=ookiftx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200 200 OK
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2019 17:52:15 GMT
vary
Accept-Encoding
x-powered-by
Express Phusion Passenger
etag
W/"5c18-dd0WTu5+NzY3HNkYdHlngKlyr8k"
content-security-policy
frame-ancestors "none"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 10e95c517e657ad53448fce5195e9cba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2
x-amz-cf-id
wa28Z9DesoC2AVsA7ku50BGHZdn95eK2N8LsHNA6scf3oo-F_PzqcQ==

Redirect headers

status
301
content-type
text/html
content-length
162
location
https://ibotta.com/register?friend=ookiftx
date
Thu, 31 Oct 2019 17:52:15 GMT
x-cache
Miss from cloudfront
via
1.1 10e95c517e657ad53448fce5195e9cba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2
x-amz-cf-id
otKnSVwkiRVFs5lwd6BHmUG0nRZWnLSdFkPmXJ2rLuojchzSem1h7w==
vendor-04048f3e210865afe18bc1bc03a8ae72.css
d2enyzngr1a9pt.cloudfront.net/assets/
41 KB
5 KB
Stylesheet
General
Full URL
https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-04048f3e210865afe18bc1bc03a8ae72.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.48 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-48.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc8337ebe8e058353241c3f9f064a6bfc0c6a45eefd8724061107e661fe71046

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 07:08:58 GMT
content-encoding
gzip
age
66917
x-cache
Hit from cloudfront
status
200
content-length
4633
last-modified
Wed, 25 Sep 2019 16:50:52 GMT
server
AmazonS3
etag
"84da58a19e0aab35be5577a1dfe7d747"
x-amz-version-id
izKQaBumzdJnYFhECisj.o9zV8Nz1ELa
via
1.1 efed2d5ffeb697060f4a3aa73bdf068f.cloudfront.net (CloudFront)
cache-control
max-age=63072000, public
x-amz-cf-pop
FRA54
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-cf-id
_6Qc4Mjz4b7Tqxf7-kOMl1bebCFN9nOs6eSgJCtINtM372rG65u6tA==
expires
Tue, 01 Jan 2030 00:00:00 GMT
ibotta-web-d5f99834eda55bf55133d21b4d8da247.css
d2enyzngr1a9pt.cloudfront.net/assets/
300 KB
48 KB
Stylesheet
General
Full URL
https://d2enyzngr1a9pt.cloudfront.net/assets/ibotta-web-d5f99834eda55bf55133d21b4d8da247.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.48 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-48.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2df83c599bc44b4eca2aa8d31ab6691e9412957946831972df527d34d238a96

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 20:09:14 GMT
content-encoding
gzip
age
332160
x-cache
Hit from cloudfront
status
200
content-length
48193
last-modified
Tue, 15 Oct 2019 20:03:53 GMT
server
AmazonS3
etag
"6ad3a8a54277fa3e9895242a4fc17789"
x-amz-version-id
aRyewZPcjrJd9jq6jnlwpqKS4XkASzYi
via
1.1 efed2d5ffeb697060f4a3aa73bdf068f.cloudfront.net (CloudFront)
cache-control
max-age=63072000, public
x-amz-cf-pop
FRA54
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-cf-id
LenqOrBiLaICAWupanEY47G7v5B-OMLI-L1_VBqpTEdspMaeHkibFQ==
expires
Tue, 01 Jan 2030 00:00:00 GMT
vendor-46b23e024a4c476ce2251889e1fe899c.js
d2enyzngr1a9pt.cloudfront.net/assets/
2 MB
484 KB
Script
General
Full URL
https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.48 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-48.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c29796c18e6bb46aa42ed9649683364ec90d8535ed8045e1bcc033c8e2eb1b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 15:32:03 GMT
content-encoding
gzip
age
51723
x-cache
Hit from cloudfront
status
200
content-length
494898
last-modified
Mon, 23 Sep 2019 14:16:32 GMT
server
AmazonS3
etag
"92a8054d366dce3b04299fccce6f1559"
x-amz-version-id
ycjdY6z4MysQ_YnGjg_LYIpU3C._nGu.
via
1.1 efed2d5ffeb697060f4a3aa73bdf068f.cloudfront.net (CloudFront)
cache-control
max-age=63072000, public
x-amz-cf-pop
FRA54
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Y6sOQ8mRXLWRRNxs9OkWRUuMGwspZ-V1zQnv1yHTuu_rXnn5mXPOew==
expires
Tue, 01 Jan 2030 00:00:00 GMT
ibotta-web-55209ee35b7c76566864d711cfc3af4c.js
d2enyzngr1a9pt.cloudfront.net/assets/
733 KB
136 KB
Script
General
Full URL
https://d2enyzngr1a9pt.cloudfront.net/assets/ibotta-web-55209ee35b7c76566864d711cfc3af4c.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.48 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-48.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc38b28b3533107ddf5479772646f0da188772a3ee9cdcbfc6829c15df066d6a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 23 Oct 2019 22:39:11 GMT
content-encoding
gzip
age
76267
x-cache
Hit from cloudfront
status
200
content-length
139093
last-modified
Wed, 23 Oct 2019 22:23:16 GMT
server
AmazonS3
etag
"e62002304dab57fe5955886a1ad53ee6"
x-amz-version-id
tEaKaVeIar_XyNRiSxstYmlL3JPuJPn4
via
1.1 efed2d5ffeb697060f4a3aa73bdf068f.cloudfront.net (CloudFront)
cache-control
max-age=63072000, public
x-amz-cf-pop
FRA54
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Akzf9SwR0HwKVLrj028pWe1avjW7H_3_v6xw4jo_xjFxGiBD_PopeA==
expires
Tue, 01 Jan 2030 00:00:00 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1118
date
Thu, 31 Oct 2019 17:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 31 Oct 2019 19:33:37 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Thu, 31 Oct 2019 17:52:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Fri, 01 Nov 2019 17:52:16 GMT
5c6b28dadb8ac42df4f22587
app.launchdarkly.com/sdk/goals/
2 B
185 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5c6b28dadb8ac42df4f22587
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Sec-Fetch-Mode
cors
Referer
https://ibotta.com/register?friend=ookiftx
X-LaunchDarkly-User-Agent
JSClient/2.13.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 17:52:16 GMT
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
status
200
access-control-max-age
300
content-length
26
x-served-by
cache-hhn4070-HHN
access-control-allow-origin
https://ibotta.com
x-timer
S1572544337.677704,VS0,VE0
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,LD-API-Version
x-cache-hits
1
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 17:52:16 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
5442
/
dev.appboy.com/api/v3/data/
4 KB
2 KB
XHR
General
Full URL
https://dev.appboy.com/api/v3/data/
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.233 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
8593b146f52f3f24ca531f91be67ce8c442df5dd7b393547bb80d6d007b8e654
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://ibotta.com/register?friend=ookiftx
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/json

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
ETag
W/"8593b146f52f3f24ca531f91be67ce8c"
Access-Control-Allow-Origin
*
X-Cache
MISS
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
1318
X-Request-Id
40a80af3-4b28-47f2-b4a9-e77e88f11c57
X-Served-By
cache-hhn4030-HHN
X-Runtime
0.158584
Server
nginx
X-Timer
S1572544337.706233,VS0,VE249
Date
Thu, 31 Oct 2019 17:52:16 GMT
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/json
Via
1.1 varnish
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
Accept-Ranges
bytes
X-Cache-Hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJkMmU5OTMwLWZjMDctMTFlOS05YzZjLWZkMDAyZjcwYTY5MCJ9
app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/
8 KB
2 KB
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5c6b28dadb8ac42df4f22587/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjJkMmU5OTMwLWZjMDctMTFlOS05YzZjLWZkMDAyZjcwYTY5MCJ9
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
68ce6c849854dd5b647212b13c14b2b9e6b7ba2c7cf13cb7f469a0f84b27ddaa

Request headers

Sec-Fetch-Mode
cors
Referer
https://ibotta.com/register?friend=ookiftx
X-LaunchDarkly-User-Agent
JSClient/2.13.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 17:52:16 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
access-control-max-age
300
content-length
1605
x-served-by
cache-hhn4070-HHN
access-control-allow-origin
https://ibotta.com
x-timer
S1572544337.719254,VS0,VE98
etag
"1160e"
vary
Authorization, Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,LD-API-Version
x-cache-hits
0
globals.json
ibotta.com/web_v1/
62 B
668 B
XHR
General
Full URL
https://ibotta.com/web_v1/globals.json
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:5e00:14:fc27:88c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx + Phusion Passenger / Phusion Passenger Enterprise
Resource Hash
20dfbe3b93dbb75c39176836343d4b10d26fd55bba3b62cfc6ef3d1a6966a2b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ibotta.com/register?friend=ookiftx
X-App-Version
5.0.0:webapp
X-Requested-With
XMLHttpRequest
X-App-Token
lyWreHoghkuWyed6:1572544335:2f368ebedbe02c0e40ac6def2a4b384f5d3e869c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 31 Oct 2019 17:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA6-C1, FRA2
x-powered-by
Phusion Passenger Enterprise
x-cache
Error from cloudfront
status
403, 403 Forbidden
vary
Accept-Encoding
content-length
80
x-xss-protection
1; mode=block
x-request-id
6a724e73-b96b-45e2-a16b-51d475456e8f
server
nginx + Phusion Passenger
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront), 1.1 10e95c517e657ad53448fce5195e9cba.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
CBOtpTb4Im5X0EkMdw_TabCNt7EhkK-0EB92TILrPvFGxVevmDc1Zw==
nr-spa-1071.min.js
js-agent.newrelic.com/
32 KB
13 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1071.min.js
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0f3a0b6bb569a4c29d1bf5e034f9ec975d04b45edfd66ebff73ed5cf4a22447

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 17:52:16 GMT
content-encoding
gzip
x-amz-request-id
C0A5C3AD5F17E3EB
x-cache
HIT
status
200
content-length
12624
x-amz-id-2
BOP2VEVF4K07voslDhBpn73YtF/5ui3NcD7imwPlQG4vX8L/i/Sy38N1/7bfU4SNaw9Ku7rM/JY=
x-served-by
cache-fra19175-FRA
last-modified
Wed, 28 Feb 2018 23:35:17 GMT
server
AmazonS3
x-timer
S1572544337.683904,VS0,VE0
etag
"c4be07d99198e723860aeee65fd397cf"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
670
0f814cfb45
bam.nr-data.net/1/
57 B
261 B
Script
General
Full URL
https://bam.nr-data.net/1/0f814cfb45?a=20646412&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1589&ref=https://ibotta.com/register&be=691&fe=1474&dc=1252&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1572544335188,%22n%22:0,%22r%22:0,%22re%22:317,%22f%22:317,%22dn%22:317,%22dne%22:317,%22c%22:317,%22ce%22:317,%22rq%22:317,%22rp%22:678,%22rpe%22:679,%22dl%22:682,%22di%22:1251,%22ds%22:1251,%22de%22:1252,%22dc%22:1473,%22l%22:1473,%22le%22:1474%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&jsonp=NREUM.setToken
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ibotta.com/register?friend=ookiftx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
5c6b28dadb8ac42df4f22587
events.launchdarkly.com/events/bulk/
0
428 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5c6b28dadb8ac42df4f22587
Requested by
Host: ibotta.com
URL: https://ibotta.com/register?friend=ookiftx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.176.127 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-233-176-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://ibotta.com/register?friend=ookiftx
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/2.13.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 31 Oct 2019 17:52:19 GMT
Access-Control-Max-Age
300
Access-Control-Allow-Methods
POST,OPTIONS,POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent
Content-Length
0

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga object| NREUM object| newrelic function| __nr_require object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests function| J object| N function| O number| ca function| ba function| Q function| da function| ea function| fa object| R object| S number| T string| U string| V function| X function| Y function| Z function| get function| getOwner object| routeProps string| mergedActionPropertyName function| lookupFastBoot function| createDeprecatedModule object| CryptoJS undefined| __ember_auto_import__ object| EmberENV function| moment object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| mainContext object| Ember object| Em object| queryString function| Cookies function| numeral function| linkify object| Modernizr object| appboy function| ouibounce function| ClipboardJS function| dependencyLib function| Inputmask function| Hammer object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic boolean| NO_EMBER_DEBUG object| IbottaWeb boolean| prerenderReady function| udm_ object| _comscore object| COMSCORE

4 Cookies

Domain/Path Name / Value
.ibotta.com/ Name: ab.storage.deviceId.cb535ba1-2856-474b-9f5d-1416c922440d
Value: %7B%22g%22%3A%227e4ef27b-d5f6-0c31-6a5e-138343c689f8%22%2C%22c%22%3A1572544336464%2C%22l%22%3A1572544336464%7D
.ibotta.com/ Name: ab.storage.sessionId.cb535ba1-2856-474b-9f5d-1416c922440d
Value: %7B%22g%22%3A%22b83aca92-51a5-0d7d-f093-9a32b328f424%22%2C%22e%22%3A1572546136462%2C%22c%22%3A1572544336462%2C%22l%22%3A1572544336462%7D
.ibotta.com/ Name: _gid
Value: GA1.2.1880608660.1572544336
.ibotta.com/ Name: _ga
Value: GA1.2.1728662674.1572544336

2 Console Messages

Source Level URL
Text
console-api error URL: https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js(Line 3754)
Message:
Error while processing route: register.index Ember Data Request GET /web_v1/globals.json returned a 403 Payload (Empty Content-Type) [object Object] Error: Ember Data Request GET /web_v1/globals.json returned a 403 Payload (Empty Content-Type) [object Object] at n (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:1725:13) at n.A (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11294:36) at new n (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11295:54) at n.handleResponse (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11817:17) at n.handleResponse (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:6373:36) at n [as handleResponse] (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:4008:9) at n.handleResponse (https://d2enyzngr1a9pt.cloudfront.net/assets/ibotta-web-55209ee35b7c76566864d711cfc3af4c.js:6:19) at n [as handleResponse] (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:4008:9) at a (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11837:14) at n.l.error (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11823:57)
console-api warning URL: https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js(Line 6309)
Message:
Ember encountered an error. Error: Ember Data Request GET /web_v1/globals.json returned a 403 Payload (Empty Content-Type) [object Object] at n (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:1725:13) at n.A (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11294:36) at new n (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11295:54) at n.handleResponse (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11817:17) at n.handleResponse (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:6373:36) at n [as handleResponse] (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:4008:9) at n.handleResponse (https://d2enyzngr1a9pt.cloudfront.net/assets/ibotta-web-55209ee35b7c76566864d711cfc3af4c.js:6:19) at n [as handleResponse] (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:4008:9) at a (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11837:14) at n.l.error (https://d2enyzngr1a9pt.cloudfront.net/assets/vendor-46b23e024a4c476ce2251889e1fe899c.js:11823:57)

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors "none"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
