flt.cards Open in urlscan Pro
76.76.21.21  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2818138%26time%3D1715063929569%26url%3Dhttps%253A%252F%252Fflt.cards%252Ft%252Ffryhjowcno%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true&liSync=true&e_ipv6=AQK91ujTU1STLgAAAY9Rxr3guMVuifXsNcoTl01z5ngRSvRM4cgrRId2zHT6cRHZ4GIp4B4

Request Chain 91

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B841872C2A8345C291FC6313B79EF171&RedC=c.clarity.ms&MXFR=05B03DFCA15267C206082984A55269A1 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B841872C2A8345C291FC6313B79EF171&MUID=07061811788A6FF104600C6979016EEB

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request fryhjowcno Show response flt.cards/t/	8 KB 3 KB	356ms 129ms	Document text/html	76.76.21.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 462088baaf51b0a6f95ad654d8d38b0a419fce16cc1b515972de587d02d02cb6 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers access-control-allow-origin * age 34912 cache-control s-maxage=0 content-disposition inline; filename="index.html" content-encoding br content-type text/html; charset=utf-8 date Tue, 07 May 2024 06:38:47 GMT etag W/"0c86ea5cb40ff0400f469f5b37d5d42f" server Vercel strict-transport-security max-age=63072000 x-vercel-cache HIT x-vercel-id fra1::kdlxz-1715063927033-7aad580b96d1
GET H2	200	6317545.js Show response js.hs-scripts.com/	2 KB 1 KB	251ms 160ms	Script application/javascript	2606:4700::6810:8bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/6317545.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a3a6d6f87a4c121966c49da8532af14c7c214ab569dabcfec48ec9e040cf56e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 298fee3e-d273-4d99-8cbb-9c0031f33202 x-envoy-upstream-service-time 10 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 298fee3e-d273-4d99-8cbb-9c0031f33202 last-modified Tue, 07 May 2024 06:09:32 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://flt.cards x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-k9jtd access-control-allow-credentials true cache-control public, max-age=90 cf-ray 87ff3588ffe537f5-FRA expires Tue, 07 May 2024 06:40:17 GMT
GET H2	200	146114.js Show response fast.appcues.com/	23 KB 6 KB	746ms 575ms	Script text/javascript	2a04:4e42:200::622 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.appcues.com/146114.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cowboy / Resource Hash 0e38097668d6307b4afdde218c1f7a39cf6ebde4dfdede49bf034717ce424fcc Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:47 GMT content-encoding gzip via 1.1 varnish age 0 x-cache MISS content-length 5315 x-request-id F80hjjLfCk9CXqAjDQmD x-served-by cache-cph2320059-CPH server Cowboy x-timer S1715063927.275671,VS0,VE535 vary accept-encoding, Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=120,public access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With,Authorization x-cache-hits 0
GET H2	200	css2 fonts.googleapis.com/	2 KB 1 KB	212ms 48ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@500&display=swap Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 35b8fb06e3ab6616ebc42e6da67e12407b15603fdb0ee0244258a2e00be831de Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 May 2024 06:38:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 May 2024 06:13:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 May 2024 06:38:47 GMT
GET H2	200	css2 fonts.googleapis.com/	28 KB 2 KB	213ms 50ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4eb0c04228dba5578a1eea465369870866c5c604e383ae5470f8ba17d392cde2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 May 2024 06:38:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 May 2024 06:01:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 May 2024 06:38:47 GMT
GET H2	200	index-BmYKDD6G.js Show response flt.cards/assets/	7 MB 2 MB	144ms 135ms	Script application/javascript	76.76.21.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://flt.cards/assets/index-BmYKDD6G.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 0f384bd50519f17b32fe0c1e1d6f949d49d04a1930c9a7f8c5d8ad4a034d556f Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://flt.cards/t/fryhjowcno Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:47 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::kms9k-1715063927117-a6a671cd883a age 34911 etag W/"2ba20898e4f0da73ca56a1e5368717d6" x-vercel-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="index-BmYKDD6G.js"
GET H2	200	index-CdWeiTkA.css flt.cards/assets/	19 KB 5 KB	48ms 40ms	Stylesheet text/css	76.76.21.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://flt.cards/assets/index-CdWeiTkA.css Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 4fdb9eaac7e86da87c3f1a1f0b5d4b09f977bd7f356dce177b0952b244759f46 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://flt.cards/t/fryhjowcno Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:47 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::kdlxz-1715063927109-6c8fbd5b9c08 age 34911 etag W/"1531b5fb00cfbac2c96141d20cd21074" x-vercel-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="index-CdWeiTkA.css"
GET H2	200	gtm.js Show response www.googletagmanager.com/	337 KB 109 KB	159ms 61ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d350fd3bf0bcf65d400215cc085275680c2d505f604583b3ac07f15a598a612e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:47 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111162 x-xss-protection 0 last-modified Tue, 07 May 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 May 2024 06:38:47 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/	103 KB 28 KB	1009ms 904ms	Script text/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash a429540260e8572a6ea3f0846f7cff4e3f9b33c286106ed1f4521f3986e7ee51 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-amz-version-id gyTBlc26JJisPjTCOLnz2eAqCvzLFHma content-encoding br via 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront) date Tue, 07 May 2024 06:38:49 GMT x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 24 Apr 2024 20:05:20 GMT server AmazonS3 etag W/"013304e0acecc157efaf5a52778da683" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 vary Accept-Encoding x-amz-cf-id 7evz2jKIx9xO6TxZ3UzonBpJCELAmfs3yKys2XmQcjQp0xYiTR8w9A==
GET H2	200	track.js Show response assets.customer.io/assets/	7 KB 3 KB	172ms 44ms	Script application/javascript	2600:9000:21f3:800:11:9cfd:9400:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.customer.io/assets/track.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:800:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2fcfdae5440da627328eae9b05b0a54eb0e545892167f7e3c88636037a5c4c79 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-amz-version-id odzkoRMkQKzm9Qvmhal1oizSy3Yx3GJd content-encoding br via 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront) date Mon, 06 May 2024 18:47:20 GMT last-modified Mon, 15 Apr 2024 20:40:41 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 42689 x-amz-server-side-encryption AES256 etag W/"32a8226512dd2cca5956cdb283e5bdfe" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cross-origin-resource-policy cross-origin x-amz-cf-id VqXWyoYV3b81va54iXh4zQYpPkydoZYjEcohvuwJ5i84lk15iiSoRA==
GET H2	200	banner.js Show response js.hs-banner.com/v2/6317545/	71 KB 23 KB	455ms 330ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/6317545/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6317545.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47689b32fa7668129018183fe5f3112564bc786f2cd6c69ab926b902b5b89348 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:48 GMT x-amz-version-id Njp6XUupngnEz4h4DmAbbyFeRAimnYJM content-encoding br cf-cache-status REVALIDATED x-amz-request-id V9YZ4DEHC83BWA4M x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 35d20aee-bb47-4762-b4bd-1593fd78dd59 x-envoy-upstream-service-time 62 x-amz-id-2 UBz0vhilw2uz8+vxW8aEOULQhxHoFbIVcH6gsOabh/HtjrB1M9xv8d+8QqgBGx5qwrozsenSYYA= x-evy-trace-listener listener_https x-request-id 35d20aee-bb47-4762-b4bd-1593fd78dd59 x-evy-trace-route-configuration listener_https/all last-modified Mon, 15 Apr 2024 14:45:02 GMT server cloudflare etag W/"fa518acdeed905a8f485176f27c4b4e4" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://floatcard.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 87ff358f4ce22c23-FRA expires Tue, 07 May 2024 06:43:48 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	69 KB 25 KB	483ms 358ms	Script application/javascript	2606:4700::6810:6ffe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6317545.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://flt.cards/ Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=87ff358f4b935d4e-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"020909a609cf986b4a8a88cfb577a8db" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset collected-forms-embed-js/static-1.491/bundles/project.js date Tue, 07 May 2024 06:38:48 GMT x-amz-version-id _rd02ux3UWoVQsATQDf.p_LxkLPJ6umh via 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id a98496d5-a5f6-4192-b477-99ed7c7328f5 x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod x-envoy-upstream-service-time 9 x-evy-trace-route-configuration listener_https/all x-request-id a98496d5-a5f6-4192-b477-99ed7c7328f5 last-modified Wed, 10 Apr 2024 18:06:23 UTC server cloudflare access-control-max-age 3000 x-hs-cache-status MISS x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp cf-ray 87ff358f4b935d4e-FRA x-amz-cf-id cRE2D4SWC20fj8xu0UoVk6T1UvLZ4OFOdxoPbz82vBUMVSyX8fWefA==
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	170ms 61ms	Script application/javascript	2606:4700::6811:80ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6317545.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1da8f170c3865aeacd91c9b95531baec2b5dcd16174220092e3a3695ba6ef456 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:48 GMT x-amz-version-id .jnzEtgOd9S.y9u.IH0.Nidq3hy2M7RK via 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 355 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.552/bundles/pixels-release.js&cfRay=87ff2ce37a5d2bae-FRA x-cache Hit from cloudfront x-hubspot-correlation-id fd957de4-b229-4f0a-b0eb-903c2e550cbd cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id fd957de4-b229-4f0a-b0eb-903c2e550cbd last-modified Mon, 06 May 2024 13:51:07 UTC server cloudflare etag W/"eeced445dd619f5fac08890cddee2915" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rl62l cf-ray 87ff358f39a990fa-FRA x-amz-cf-id vQHplryTIKmEpV94OVcvZtsEHD5L1GtMYI0kfuJCA29sLW2i2vBuHA== x-hs-target-asset adsscriptloaderstatic/static-1.552/bundles/pixels-release.js
GET H2	200	6317545.js Show response js.hs-analytics.net/analytics/1715063700000/	67 KB 21 KB	300ms 176ms	Script text/javascript	2606:4700::6810:a0a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1715063700000/6317545.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6317545.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ff81271127fe8927c2877790fdf835dd9f0e1f93abd36a674004b8e85388f88 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:48 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id SYH52CXJYJC2ZXQX x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 4a7b91ca-e006-4d3d-a9a7-5b2870e222df x-envoy-upstream-service-time 16 x-amz-id-2 zjOwPEFqh65/+wiRkJIBXZY49o79d4DjpBOcSEqsrmMyEbl7xJVigfwwtqVkRy7dZ3HeLJreAZ9ybWqSNq74aw== x-evy-trace-listener listener_https x-request-id 4a7b91ca-e006-4d3d-a9a7-5b2870e222df x-evy-trace-route-configuration listener_https/all last-modified Wed, 24 Apr 2024 18:23:28 GMT server cloudflare etag W/"0dfc4d5f87a70c7901e7ac07573c7336" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-mnr7x cache-control max-age=300,public access-control-allow-credentials false cf-ray 87ff358f49659158-FRA expires Tue, 07 May 2024 06:43:48 GMT
GET H2	200	appcues.main.ba683f6029b6d0f08f110cfbb658f6fc3211648e.js Show response fast.appcues.com/generic/main/6.0.3/	458 KB 130 KB	118ms 39ms	Script application/javascript	2a04:4e42:200::622 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.appcues.com/generic/main/6.0.3/appcues.main.ba683f6029b6d0f08f110cfbb658f6fc3211648e.js Requested by Host: fast.appcues.com URL: https://fast.appcues.com/146114.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash af03e14d2f7488ba62aefdea4bbf4948c633f0f41c363d8abd3decd8b7166ada Request headers Referer https://flt.cards/ Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:48 GMT content-encoding gzip via 1.1 varnish x-amz-request-id DNQBSR4HPP6SSWJF age 45937 x-amz-server-side-encryption AES256 x-cache HIT content-length 132008 x-amz-id-2 liuRzBlrcz1427l0ojL3XZ4s6Sm5GNGtjPzMtceRb8V7YU/pHDTKm4VnqAxVwmKRUwKqK9T/AWQ= x-served-by cache-cph2320039-CPH last-modified Mon, 06 May 2024 17:24:30 GMT server AmazonS3 x-timer S1715063928.161056,VS0,VE0 etag "8eabc7ede5ba3f498091ae66f76f29cc" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With,Authorization x-cache-hits 312
GET H2	200	j95a8uk0ei Show response www.clarity.ms/tag/	685 B 1 KB	295ms 151ms	Script application/x-javascript	2620:1ec:46::65 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/j95a8uk0ei Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3102aebcdd8c94360ddeffac38ef8eff714a8c6f347c514b1c5b01504da7c5b7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers expires -1 date Tue, 07 May 2024 06:38:48 GMT x-azure-ref 20240507T063848Z-1675f555588fhtnhysechyauc800000000s000000000v6hz x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 685 request-context appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
OPTIONS H2	200	/ sessions.bugsnag.com/ Frame	0 0	415ms 319ms	Preflight	2600:1901:0:7a0b:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Access-Control-Request-Method POST Origin https://flt.cards Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Tue, 07 May 2024 06:38:48 GMT via 1.1 google
POST H2	202	/ Show response sessions.bugsnag.com/	21 B 141 B	185ms 183ms	XHR application/json	2600:1901:0:7a0b:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers Bugsnag-Payload-Version 1 Referer https://flt.cards/ Bugsnag-Sent-At 2024-05-07T06:38:48.648Z Accept-Language de-DE,de;q=0.9;q=0.9 Bugsnag-Api-Key d7ef588a4b5694af3e9cee215e30288c User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Tue, 07 May 2024 06:38:49 GMT via 1.1 google bugsnag-session-uuid 175739f8-237f-4108-af67-707626c4fade alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21 content-type application/json
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 5 KB	458ms 58ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=4531d80c-e24d-4f5b-9fde-1f17d41cc542 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT x-amz-version-id sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id CYEYQJYMT4QZ3T8W age 31 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk= last-modified Mon, 15 Jan 2024 02:56:11 GMT server cloudflare etag W/"c0053b411b753138af468db1bd3b19f3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Cy%2BaI4dgkbxX6VizaQr2CKD%2FGFG%2B0aNIpKt7g29pk%2BtqYn4LIjwBkkrjDGgxUQuIu5QnHgVKQWLmaStoc0BNG%2BvdUoWnm%2Bj85NU5n6nwDqJYD4n2s73qA4Rq%2B51%2FEFyaPLnWL8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=3600, s-maxage=60 access-control-max-age 0 cf-ray 87ff35956a4db742-AMS access-control-allow-headers *
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	339ms 39ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 00:50:53 GMT x-content-type-options nosniff age 20876 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 May 2025 00:50:53 GMT
GET BLOB	200 OK	e5b27c2f-983a-4a86-a1dc-3865f61a2be9 https://flt.cards/	2 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://flt.cards/e5b27c2f-983a-4a86-a1dc-3865f61a2be9 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 58763412c3a28933886d961ee282e33be311ebb239509e94b7de687316937d5d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers Content-Length 2235 Content-Type application/javascript
GET H2	404	fryhjowcno Show response api.tryjournal.com/api/v1/transactions/spender-categorization/	152 B 466 B	687ms 160ms	Fetch application/json	3.22.103.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.tryjournal.com/api/v1/transactions/spender-categorization/fryhjowcno Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.22.103.46 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-22-103-46.us-east-2.compute.amazonaws.com Software nginx / Resource Hash b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff referrer-policy same-origin server nginx cross-origin-opener-policy same-origin x-frame-options DENY allow GET, PUT, PATCH, HEAD, OPTIONS content-language en access-control-allow-origin * content-type application/json vary Accept-Language, Origin
GET H2	200	js Show response www.googletagmanager.com/gtag/	296 KB 100 KB	264ms 263ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 82985162e4fb67a20d65dea23d93a0ddd28fb426f9c493bfed616dba16eb951d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 101775 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 May 2024 06:38:49 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	365ms 40ms	Script text/javascript	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 07 May 2024 06:07:49 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1860 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 07 May 2024 08:07:49 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 17 KB	424ms 66ms	Script application/javascript	2a02:26f0:780::210:a45b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 May 2024 17:20:18 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=38502 accept-ranges bytes content-length 16683
GET H2	200	destination Show response www.googletagmanager.com/gtag/	218 KB 79 KB	261ms 261ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-410007659&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 58c624b3523ecba2cc4c9d921c201a159805610dc919a1f9055c902c721896af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80557 x-xss-protection 0 last-modified Tue, 07 May 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 May 2024 06:38:49 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	387ms 73ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 07 May 2024 06:38:48 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 2077D9AEC4B643489EB0AC23B3CC1BE9 Ref B: FRA31EDGE0207 Ref C: 2024-05-07T06:38:49Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	38 KB 12 KB	388ms 40ms	Script application/javascript	2a04:4e42::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 57bd3463acfad02c222f7beac208f69df5507f7de42fa38b18a1e1e48df2a44a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Wed, 24 Apr 2024 17:35:49 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "c4d61fbb6e730a840c7f140cbb9bcd06" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 11214
GET H2	200	6317545.js Show response js.hs-scripts.com/	2 KB 0	0ms 0ms	Script application/javascript	2606:4700::6810:8bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/6317545.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a3a6d6f87a4c121966c49da8532af14c7c214ab569dabcfec48ec9e040cf56e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 298fee3e-d273-4d99-8cbb-9c0031f33202 x-envoy-upstream-service-time 10 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 298fee3e-d273-4d99-8cbb-9c0031f33202 last-modified Tue, 07 May 2024 06:09:32 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://flt.cards x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-k9jtd access-control-allow-credentials true cache-control public, max-age=90 cf-ray 87ff3588ffe537f5-FRA expires Tue, 07 May 2024 06:40:17 GMT
GET H3	200	v2.js Show response js.hsforms.net/forms/	482 KB 154 KB	304ms 65ms	Script application/javascript	104.18.142.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/v2.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers content-encoding br age 419 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=87ff2b5a8d389125-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"b0047a8901d8ed9f81db3dcb5982114e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5064/bundles/project-v2.js date Tue, 07 May 2024 06:38:49 GMT x-amz-version-id 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR via 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 5d4fc256-fd53-4fcf-990f-9ff25862b213 x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 2 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 5d4fc256-fd53-4fcf-990f-9ff25862b213 last-modified Wed, 03 Apr 2024 11:15:05 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCieeEC99gLadsSO46HuqlHbTDGFKQEeTrnPPuSUKEZffDPMIh3rEl9sgg0DPV19z4pNUpW6QsnYWR1l54ppPZyYj1C6h3njuUxFlF%2BOWDkWA6gxo32kBHK0ktZBEOXm"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-zjnrr cf-ray 87ff3594ea0530ee-FRA x-amz-cf-id gZEgQjrfpTtzFk7TG9gjGZvjhNNeReqkOmNOeeD9uWPPA8PHtyrYGg==
GET H2	200	marketing.js Show response js.chilipiper.com/	73 KB 25 KB	359ms 27ms	Script application/javascript	34.111.73.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://js.chilipiper.com/marketing.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.73.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.73.111.34.bc.googleusercontent.com Software / Resource Hash a872bd399e25068e20cfedcf431503be8a0d09772ba2b4894d9b2839223477ad Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://polyfill.io https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com https://*.logr-ingest.com https://*.posthog.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline'; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Security-Policy default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://polyfill.io https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com https://*.logr-ingest.com https://*.posthog.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline'; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:32 GMT content-encoding gzip via 1.1 google x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload age 17 content-security-policy default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://polyfill.io https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com https://*.logr-ingest.com https://*.posthog.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline'; alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22399 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Tue, 30 Apr 2024 06:45:26 GMT etag W/"66309386-122e4" vary Accept-Encoding content-type application/javascript cache-control public, max-age=0, s-maxage=60, must-revalidate x-cache-hit hit x-content-security-policy default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://polyfill.io https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com https://*.logr-ingest.com https://*.posthog.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline';
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	344ms 40ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 07 May 2024 06:38:49 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57845 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug QTDl0gmpal4hq3NEC2re6cl+7b36dhhm7iQC5Q6dzadeiDrbo0xaflnKcnJp8sHYbsMq8KMI0hHtL1fGjRby4A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	pixel.js Show response grow.clearbitjs.com/api/	100 B 350 B	645ms 305ms	Script text/javascript	216.24.57.4 RENDER
General Check archive.org Show headers Download Go to Full URL https://grow.clearbitjs.com/api/pixel.js?v=1715063928851 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.24.57.4 , United States, ASN397273 (RENDER, US), Reverse DNS Software cloudflare / Resource Hash 6c4bdad53042e2bd6e5a231bfcd66d19dc33f507edc2b847ff3c58aca74ff138 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br server cloudflare rndr-id 6254da83-e546-4542 x-render-origin-server Render vary Accept-Encoding content-type text/javascript cf-ray 87ff3595896f58e4-TXL alt-svc h3=":443"; ma=86400
GET H2	200	sl.js Show response scout-cdn.salesloft.com/	6 KB 3 KB	193ms 57ms	Script application/javascript	2606:4700::6810:4869 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scout-cdn.salesloft.com/sl.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4869 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT x-amz-version-id 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains x-amz-request-id EZPGEPEQRJ835T56 age 6643 alt-svc h3=":443"; ma=86400 x-amz-id-2 vj/H9CfyiKNwtvLJrelCw6CtXo93qB0KDTwbomYs8Kf/kZA94jYHXVgMqek/RNtsa+9eO7BrPxA= last-modified Mon, 13 Dec 2021 16:28:37 GMT server cloudflare etag W/"d74cc4825c8e333b2116da3fcc649db1" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 87ff3595ab723631-FRA expires Tue, 07 May 2024 10:38:49 GMT
GET H3	200	63694f26cd89674cdfa4ca86 Show response ws.zoominfo.com/pixel/	3 KB 2 KB	504ms 415ms	Script text/javascript	104.16.117.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/63694f26cd89674cdfa4ca86 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 729806d205db8c896703256d2a3ee06229b92ba2a81fe84c6fa8bd468de11d4a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/t/fryhjowcno User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url alt-svc h3=":443"; ma=86400 cf-ray 87ff35965b37b742-AMS
GET H2	200	j9khmvbu01 Show response www.clarity.ms/tag/	718 B 973 B	1180ms 1180ms	Script application/x-javascript	2620:1ec:46::65 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/j9khmvbu01 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c7b32ae35e4dbe98e5d818fe05226dc6f081fd2743b9a14ac51e6cc62947c3a2 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers expires -1 date Tue, 07 May 2024 06:38:49 GMT x-azure-ref 20240507T063849Z-1675f555588fhtnhysechyauc800000000s000000000v6n1 x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 718 request-context appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
GET H2	200	lftracker_v1_kn9Eq4RgoXlaRlvP.js Show response sc.lfeeder.com/	31 KB 11 KB	348ms 168ms	Script application/javascript	2600:9000:2250:dc00:4:d7e1:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_kn9Eq4RgoXlaRlvP.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:dc00:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2d3103a2b81819719c55a4f6a9786ce4236dab9a12cf357ef37516184f4ead08 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-amz-version-id XbqVyTt6wlNlZAgx5pIlIlFsPBojhbLy content-encoding br via 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront) date Tue, 07 May 2024 06:38:50 GMT last-modified Thu, 08 Feb 2024 07:26:57 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-server-side-encryption AES256 etag W/"019713953efaacac390fe9b681ffee70" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id xJquE_LudMzhgyk3Xe2hwSY-gy--LcsrQdXF1LUX_IgzJuOp0NC6Ng==
GET H2	200	dyh8ken8pc.js Show response asset.dyh8ken8pc.com/	34 KB 10 KB	149ms 40ms	Script text/javascript	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://asset.dyh8ken8pc.com/dyh8ken8pc.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 789ad6b54d10a01a13238849bba8335168416a9145593404a68019b2b3b2c1f8 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-served-by cache-fra-etou8220101-FRA strict-transport-security max-age=31556926 content-encoding br date Tue, 07 May 2024 06:38:49 GMT last-modified Mon, 06 May 2024 11:45:29 GMT x-timer S1715063929.369851,VS0,VE0 etag "1d20933d00688ef430a623e04e5c77cb7b5c9fcede6d37f7ce400e673706d546-br" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/javascript; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 9436 x-cache-hits 3
GET H2	200	web_surveys.js Show response survey.survicate.com/workspaces/04187b2c058b9223a12a814f043f5dd4/	3 KB 3 KB	372ms 71ms	Script application/javascript	2400:52e0:1e00::1079:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://survey.survicate.com/workspaces/04187b2c058b9223a12a814f043f5dd4/web_surveys.js Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash d4a504e9347b96470fc38184b5dc1729ec6f35f50d902456aa473e4965ddbe36 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT x-amz-version-id fJ7DYZ6w9pj_d24uxO82OiHNHpFuIyM3 x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cdn-edgestorageid 1082 content-security-policy default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey; x-amz-request-id 0GVVACYKCTRP2CKE cdn-cachedat 05/06/2024 20:15:31 cdn-pullzone 1158558 x-amz-id-2 UXagk5pTmCgay1IHql4FxocKf+umZUmLURw3J63/nkt/6qsCZrkGAsTDRDbzvCXH06YCeP/ALPs= x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 06 May 2024 19:29:49 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"0126dccd53cb71e6eb8c363d1e890c44" vary Accept-Encoding, Accept-Encoding report-to { "group": "csp-endpoint-survey", "max_age": 10886400, "endpoints": [{ "url": "https://panel-api.survicate.com/_/report_csp/survey" }] } content-type application/javascript access-control-allow-origin * cdn-cache REVALIDATED cdn-uid 039640c0-4b09-428d-a0ae-513ccdd44502 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=300 cdn-requestid 66d4571b94df67113c22bf4f48d6c294 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	254 B 1 KB	438ms 168ms	XHR application/json	2606:4700::6812:f46c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6317545 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de67122ae2ee28ab2395435671d027147af7400801eb83c057040c01682fc5ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id a222562c-4655-436e-8525-e3f9c4519530 content-encoding br x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id a222562c-4655-436e-8525-e3f9c4519530 server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://flt.cards x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-zztqn access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9oNYazoO3E4AXj0dqFgdis4dGL8On%2FGxMti92FAoDyGWESy%2BACxOHMrszibVj2z8JWJ0%2BDA4KSEURewroSIRq5g6N6tekUVEPS%2BNBZUNeXcCKhGMolDRR1uh2bUBnCZKjYOLGGq6VF8znmW"}],"group":"cf-nel","max_age":604800} cf-ray 87ff359559bf92ad-FRA access-control-allow-headers *
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	1083ms 1083ms	Script application/javascript	2620:1ec:46::65 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/j95a8uk0ei Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding br last-modified Wed, 01 May 2024 11:24:58 GMT etag W/"0x8DC69D155BAD85E" vary Accept-Encoding x-azure-ref 20240507T063849Z-1675f555588fhtnhysechyauc800000000s000000000v6n2 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id c4a74137-101e-0065-0972-9e809f000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H2	200	container.ba683f6029b6d0f08f110cfbb658f6fc3211648e.css fast.appcues.com/generic/main/6.0.3/	16 KB 2 KB	79ms 78ms	Stylesheet text/css	2a04:4e42:200::622 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.appcues.com/generic/main/6.0.3/container.ba683f6029b6d0f08f110cfbb658f6fc3211648e.css Requested by Host: fast.appcues.com URL: https://fast.appcues.com/generic/main/6.0.3/appcues.main.ba683f6029b6d0f08f110cfbb658f6fc3211648e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb Request headers Referer https://flt.cards/ Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding gzip via 1.1 varnish x-amz-request-id KJRRGMEQ1N0NEZQ4 age 46419 x-amz-server-side-encryption AES256 x-cache HIT content-length 1992 x-amz-id-2 OtQ8XN6Frx1cW2E7PhEPPBZ3hmHZPLqu62DhFYpDr/cY9btiBkGYUOtfRkGjsoMy6o8UBZ5hg1vHV17o2d81tQ== x-served-by cache-cph2320039-CPH last-modified Mon, 06 May 2024 17:24:29 GMT server AmazonS3 x-timer S1715063929.060634,VS0,VE0 etag "5be05ce494e7cac41d062a0b12a1657c" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type text/css; charset=utf-8; access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With,Authorization x-cache-hits 584
GET H2	200	json Show response forms.hscollectedforms.net/collected-forms/v1/config/	115 B 430 B	164ms 163ms	XHR application/json	2606:4700::6810:6ffe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=6317545&utk= Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c354bab070dc9b56e5564b532a8612d7c0e7e5de67b8228f0489dc8ce7becb8a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, text/plain, */* Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 27b138df-3bc0-4d39-af6e-4f0ecff2b6d1 x-envoy-upstream-service-time 12 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 27b138df-3bc0-4d39-af6e-4f0ecff2b6d1 server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://flt.cards x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rl62l access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 87ff3594b8705d4e-FRA
GET H2	200	settings Show response cdn.segment.com/v1/projects/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/	2 KB 1 KB	152ms 41ms	Fetch application/json	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/settings Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash fc3c49070c4cce65e8160aeb4e12701d54c635c5d5a09fff41bd00548f216d60 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-amz-version-id nUnU15Le3mLwHQXFwgnaJiQkjK9gN7pa content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) date Tue, 07 May 2024 05:18:48 GMT x-amz-cf-pop FRA6-C1 age 4802 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 02 May 2024 19:37:39 GMT server AmazonS3 etag W/"50164b00523a7c2c6ecebdd7b5ba68a5" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 vary Accept-Encoding x-amz-cf-id enEIBBxRCCoPGA057uoOqgYxmCdgpQ42z_Syt7IXsVR718qYDCOybg==
POST H2	204	collect region1.analytics.google.com/g/	0 250 B	168ms 43ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-1GFXRP385B&gtm=45je4510v871302425z8850174047za200&_p=1715063927113&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=628400078.1715063929&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1715063929&sct=1&seg=0&dl=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&dt=Float&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2594 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 07 May 2024 06:38:49 GMT server Golfe2 content-type text/plain access-control-allow-origin https://flt.cards cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 250 B	180ms 56ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1GFXRP385B&cid=628400078.1715063929&gtm=45je4510v871302425z8850174047za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 07 May 2024 06:38:49 GMT server Golfe2 content-type text/plain access-control-allow-origin https://flt.cards cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	122ms 54ms	Image image/gif	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1GFXRP385B&cid=628400078.1715063929&gtm=45je4510v871302425z8850174047za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1858056747 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 07 May 2024 06:38:49 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	218 KB 79 KB	57ms 57ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-410007659 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f8.1e100.net Software Google Tag Manager / Resource Hash 57c4d29c852d423fded22c2e02d48cf668616f4ca9640e1b5a96278436fb7fe3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80525 x-xss-protection 0 last-modified Tue, 07 May 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 May 2024 06:38:49 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	218 KB 79 KB	63ms 59ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-410007659&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f8.1e100.net Software Google Tag Manager / Resource Hash f4362d6cc4cd03cbca8b97930718ca8cb5e2a8fcc864c4cec660bc8634658d87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80483 x-xss-protection 0 last-modified Tue, 07 May 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 May 2024 06:38:49 GMT
POST H2	200	pube9a70ecba28e048e3a2d538f705e6cbc rum-http-intake.logs.datadoghq.com/v1/input/	0 0	563ms 272ms	Ping application/json	2600:1f18:24e6:b901:4264:c4b2:2d38:2fd6 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1715063929387 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b901:4264:c4b2:2d38:2fd6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 205 B	50ms 45ms	XHR text/plain	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1001959684&t=pageview&_s=1&dl=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&ul=de-de&de=UTF-8&dt=Float&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1434701701&gjid=1402334587&cid=628400078.1715063929&tid=UA-163128166-1&_gid=745718969.1715063929&_r=1&_slc=1&gtm=45He4510n81KXNDS38v850174047za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1147044464 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 07 May 2024 06:38:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://flt.cards cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	4531d80c-e24d-4f5b-9fde-1f17d41cc542 Show response ekr.zdassets.com/compose/	1 KB 1 KB	793ms 645ms	Fetch application/json	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/4531d80c-e24d-4f5b-9fde-1f17d41cc542 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea9fb816f884a1d83e7e722201520c90089775b199973976c39eb3277f7a0d82 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 87c069675ca939ed-SEA, 87c069675ca939ed-SEA x-runtime 0.007321 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"ea9fb816f884a1d83e7e722201520c90" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkMouKBnvWn14jgFpLZn9ThQ5ch6yB0B9sK2%2Ba8Z5lLQbh8qk8%2FQg8QO%2FH%2BX%2F92oQQ3s7Y8tHw%2Fho%2FkrdHUyG2g3QAK0jfL%2BM3H6aMsSdu9BIapAAOFvfBGTgAZi4e80SKE%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 87ff3597fad5b7ac-AMS
GET H2	200	ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response cdn.segment.com/analytics-next/bundles/	9 KB 3 KB	94ms 28ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Mon, 15 Apr 2024 15:05:40 GMT x-amz-version-id 1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa content-encoding br via 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 1870390 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 12 Apr 2024 21:39:45 GMT server AmazonS3 etag W/"00e9c65cbba11c07c4bf4a6e2727b8ea" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id R7WTw8O26JWJ0q3nxcVd0VKGXYuZwD4nH7LqbvGFWJBoWJ0BJUyBRg==
GET H2	200	t2_gw5muiekh_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 701 B	144ms 49ms	XHR application/json	2a04:4e42::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_gw5muiekh_telemetry Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 98
GET H2	200	rp.gif alb.reddit.com/	42 B 638 B	185ms 40ms	Image image/gif	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1715063929482&id=t2_gw5muiekh&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=a33e25b3-dfd5-4166-b722-851ccccf1f2d&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_3ba1cddf&dpm=&dpcc=&dprc= Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	276117734283491 Show response connect.facebook.net/signals/config/	53 KB 12 KB	120ms 103ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/276117734283491?v=2.9.155&r=stable&domain=flt.cards&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d8bba87e07cd41c0b23a0a96a90b1b4cbd0f12ca20f004d0ea336f851381a557 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 07 May 2024 06:38:49 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=64, mss=1294, tbw=63340, tp=-1, tpl=-1, uplat=66, ullat=0 pragma public x-fb-debug uwvTUsrvvpk2FtgiPiBRnQtqRfZhqmy0MV3rfa8xI+JW2vZ4ujSZzTtl7jntDiZFGEc5vXddaATn6nelsBGD7Q== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	r Show response scout.salesloft.com/	41 B 354 B	402ms 122ms	XHR application/json	54.161.62.92 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDg0NDJ9.nQTOGTLW9HORzH2IX4mmRsb6ut11vNa5nzak6vq7a6s Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.161.62.92 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-161-62-92.compute-1.amazonaws.com Software / Resource Hash b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://flt.cards access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 41 x-request-id a736b47d2d8bd963324d0fe7136d8d68
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2818138%26time%3D1715063929569%26url%3Dhttps%253A%252F%252Fflt.cards%252Ft%252Ffr... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true&liSync=true&e_ipv6=AQK91ujTU1STLgAAAY9Rxr3guMVuifXsNcoTl...	0 266 B	298ms 188ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true&liSync=true&e_ipv6=AQK91ujTU1STLgAAAY9Rxr3guMVuifXsNcoTl01z5ngRSvRM4cgrRId2zHT6cRHZ4GIp4B4 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 8DCC8B66665E4B58B419F88F1E60F604 Ref B: FRAEDGE1822 Ref C: 2024-05-07T06:38:50Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYX13BaQwb05aiGer3/HA== Redirect headers date Tue, 07 May 2024 06:38:49 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: A9C8BD00809D4A18A25DB69D265952C7 Ref B: FRAEDGE1416 Ref C: 2024-05-07T06:38:50Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1715063929569&url=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&cookiesTest=true&liSync=true&e_ipv6=AQK91ujTU1STLgAAAY9Rxr3guMVuifXsNcoTl01z5ngRSvRM4cgrRId2zHT6cRHZ4GIp4B4 x-li-proto http/2 content-length 0 x-li-uuid AAYX13BVmBoqgnxFttt8Gg==
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 615 B	327ms 186ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 07 May 2024 06:38:48 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 14D6F25DA6104141B3DC7F2C65EB923D Ref B: FRAEDGE1416 Ref C: 2024-05-07T06:38:49Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 access-control-allow-origin https://flt.cards x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYX13BNqxGjdSK17QGo6g==
GET H2	204	27026028.js Show response bat.bing.com/p/action/	0 119 B	65ms 65ms	Script text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/27026028.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 07 May 2024 06:38:49 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8B5BC246D42E488C8AF5A77BA1FFDE9F Ref B: FRA31EDGE0207 Ref C: 2024-05-07T06:38:49Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 288 B	132ms 132ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=27026028&tm=gtm002&Ver=2&mid=491c2250-bca4-4a4f-9a92-364f379b9a7b&sid=766a9c500c3c11ef8bee59bf41020fe6&vid=766b0e400c3c11efa5efbbf9ccfbcf54&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Float&p=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&r=&lt=1963&evt=pageLoad&sv=1&rn=532095 Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 07 May 2024 06:38:49 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: FA2E94E9B6974F96AD6CC37D1ACA9198 Ref B: FRA31EDGE0207 Ref C: 2024-05-07T06:38:49Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 149 B	64ms 61ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-163128166-1&cid=628400078.1715063929&jid=1434701701&gjid=1402334587&_gid=745718969.1715063929&npa=1&_u=YADAAEAAAAAAACAAI~&z=1924595944 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 07 May 2024 06:38:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://flt.cards cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	get_info api.dyh8ken8pc.com/sdk/ Frame	0 0	306ms 192ms	Preflight	34.120.213.93 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.dyh8ken8pc.com/sdk/get_info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.213.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 93.213.120.34.bc.googleusercontent.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://flt.cards Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,Authorization access-control-allow-methods GET,POST,PUT,HEAD,DELETE access-control-allow-origin * access-control-max-age 43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Tue, 07 May 2024 06:38:49 GMT via 1.1 google, 1.1 google
POST H2	200	get_info Show response api.dyh8ken8pc.com/sdk/	311 B 492 B	196ms 194ms	Fetch application/json	34.120.213.93 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.dyh8ken8pc.com/sdk/get_info Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.213.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 93.213.120.34.bc.googleusercontent.com Software / Resource Hash 9b4c5d915f0bd416bf5345ec2669cb31a984bb6d5ecadb01fc65772edc8693ac Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 Authorization w4vclt1mhqnhl0zin4h4rxdcbx93s01v User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31536000;includeSubDomains date Tue, 07 May 2024 06:38:50 GMT x-content-type-options nosniff via 1.1 google, 1.1 google x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * x-req-id cossount5mc6sru0qfeg alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 311
GET H2	200	/ tr.lfeeder.com/	43 B 295 B	197ms 89ms	Image image/gif	18.66.112.89 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr.lfeeder.com/?sid=kn9Eq4RgoXlaRlvP&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTE2MzEyODE2Ni0xIl0sImdhTWVhc3VyZW1lbnRJZHMiOlsiQVctNDEwMDA3NjU5IiwiRy0xR0ZYUlAzODVCIl0sImdhQ2xpZW50SWRzIjpbIjYyODQwMDA3OC4xNzE1MDYzOTI5Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjIuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9mbHQuY2FyZHMvdC9mcnloam93Y25vIiwicGFnZVRpdGxlIjoiRmxvYXQiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6ImVmYWE2MDExZDA4NjY3OTYiLCJzY3JpcHRJZCI6ImtuOUVxNFJnb1hsYVJsdlAiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjYxNDU0OWZhMmEwNzRkMTguMTcxNTA2MzkyOTc0OSIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJzcGEifQ== Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-89.fra56.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT via 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-P5 x-cache LambdaGeneratedResponse from cloudfront content-type image/gif content-length 43 x-amz-cf-id gdMVz4OQCnJLLihwLDr4Zv2suFWVmddiqOv7BFldUhMMUxUUuLlrSg==
GET H2	200	fonts.css surveys-static.survicate.com/fonts/	8 KB 2 KB	183ms 51ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://surveys-static.survicate.com/fonts/fonts.css Requested by Host: survey.survicate.com URL: https://survey.survicate.com/workspaces/04187b2c058b9223a12a814f043f5dd4/web_surveys.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 789e8685a564e07274fec164118e89fa040ff2779c6efe3d781b94aeea6f06eb Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:49 GMT x-amz-version-id 0MpdULBlih82WDf4ohSkRSpw5864DG4c x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cdn-edgestorageid 1080 content-security-policy default-src 'self' x-amz-request-id 18K1ZC248HBNW78Z cdn-cachedat 03/13/2024 08:57:12 cdn-pullzone 1133799 x-amz-id-2 0SJmP6msgDJlSL1hgch6/B+Ck3fWfxkzyqtSinW8hJuy/J9WHVFkWzaTucQktfkiM+sWodj43hA= x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 11 Mar 2024 12:12:11 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"c010d2df3fedabc7f87b52ab6c64fb45" vary Accept-Encoding, Accept-Encoding x-frame-options DENY content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 039640c0-4b09-428d-a0ae-513ccdd44502 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=604800 cdn-requestid 3fac447cebfcaca30d0d1cbd4519b19c cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	42ms 39ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 13 Feb 2024 21:44:05 GMT x-amz-version-id GdbKd8UgUP5EXZpDaTRDFeJkJbyj8x6E content-encoding br via 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 7203285 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 13 Feb 2024 18:05:05 GMT server AmazonS3 etag W/"3867b2388b619ff7fddc29ef359fc9aa" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id pnUy_9BAB3bB2wHNTTPk7oa1adNj2NEyjgI-KN1EDOdE-d3RntSWuw==
POST H2	200	pube9a70ecba28e048e3a2d538f705e6cbc rum-http-intake.logs.datadoghq.com/v1/input/	0 0	174ms 173ms	Ping application/json	2600:1f18:24e6:b901:4264:c4b2:2d38:2fd6 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1715063929775 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b901:4264:c4b2:2d38:2fd6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	/ www.facebook.com/tr/	0 275 B	175ms 42ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=276117734283491&ev=PageView&dl=https%3A%2F%2Fflt.cards&rl=&if=false&ts=1715063929826&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4124&fbp=fb.1.1715063929821.1853320973&pm=1&hrl=415282&ler=empty&cdl=API_unavailable&it=1715063929549&coo=false&cs_cc=1&cas=4856347901159417%2C4986333924788399%2C5392406534121330%2C5592993027393962&rqm=GET Requested by Host: flt.cards URL: https://flt.cards/t/fryhjowcno Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 07 May 2024 06:38:49 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	485382d83567a3510605.js Show response cdn.segment.com/next-integrations/actions/fullstory/	185 KB 57 KB	45ms 45ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/actions/fullstory/485382d83567a3510605.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 20b81e6bd714e4df2fad6f314cc0641dca3de47ca830e3f3e57f8ba037a743fa Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-amz-version-id _aazK6kdoJ79RAOEEQ4gDLpjlcFHlGkI content-encoding gzip via 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront) date Tue, 07 May 2024 01:50:17 GMT x-amz-cf-pop FRA6-C1 age 72124 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Mon, 22 Apr 2024 15:19:02 GMT server AmazonS3 etag W/"bca16773332b65416137e945ff6a380a" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * vary Accept-Encoding x-amz-cf-id 5BKZvUQBG-5xou2mlbQ24JtnYotoKuqskwS0Ph2OED5BZp-TLyfW-Q==
GET H2	200	6f86f4850472bffb83f9.js Show response cdn.segment.com/next-integrations/actions/845/	26 KB 8 KB	49ms 39ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/actions/845/6f86f4850472bffb83f9.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/actions/fullstory/485382d83567a3510605.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 5befd677c9404f1dcefa31692c9acd1d9160348aa985ccecc9a6b724f9788d4b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-amz-version-id F371OEojdjqRG8FN716StFZJa1NPznML content-encoding br via 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront) date Mon, 06 May 2024 12:22:55 GMT x-amz-cf-pop FRA6-C1 age 65756 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Mon, 22 Apr 2024 15:19:00 GMT server AmazonS3 etag W/"9853fc31e4d99bb86ca16c40dee18814" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * vary Accept-Encoding x-amz-cf-id Q98QTWE0GnMtDcZ3FeWiEBUNhZZU_09b6c3Ph6PfkpkHM33nwkt11Q==
GET H2	200	i Show response scout.salesloft.com/	48 B 460 B	123ms 120ms	XHR application/json	54.161.62.92 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scout.salesloft.com/i Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.161.62.92 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-161-62-92.compute-1.amazonaws.com Software / Resource Hash 8d8b27b6bd26c4a5dcbd6952e49a12fab8a625eec004335da8bbadbf8c31765c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://flt.cards access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 48 x-request-id 38664b6be838ca21d5c735cca6ba1efa
GET H2	200	open-sans-latin.woff2 surveys-static.survicate.com/fonts/	39 KB 40 KB	142ms 57ms	Font binary/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://surveys-static.survicate.com/fonts/open-sans-latin.woff2 Requested by Host: surveys-static.survicate.com URL: https://surveys-static.survicate.com/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://surveys-static.survicate.com/fonts/fonts.css Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' x-amz-request-id 9AEPJ1WV3A18MJAM cdn-pullzone 1133799 referrer-policy strict-origin-when-cross-origin cdn-proxyver 1.04 etag "e92e9c8caaf29c4446167f6f01a78e96" x-frame-options DENY access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=604800 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cdn-edgestorageid 1079 cdn-cachedat 04/26/2024 14:29:36 content-length 39556 x-amz-id-2 BgHnty8bUDtQw2sS95Y751v/HPXo/Afv7pPlejc7jmHlzJY/A0Cjo+HqLEhfuJ1oUo6BDNG98YE= x-xss-protection 1; mode=block last-modified Wed, 13 Apr 2022 12:02:11 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 access-control-max-age 3600 cdn-uid 039640c0-4b09-428d-a0ae-513ccdd44502 cdn-requestid 85f2d9291c0cde3a095b1f9d3de96d6f cdn-status 200 cdn-requestpullsuccess True
GET H2	200	fs.js Show response edge.fullstory.com/s/	270 KB 73 KB	152ms 42ms	Script application/javascript	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/actions/fullstory/485382d83567a3510605.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 0f790bb4c8aab0ba674aa0590ba1b0c29ddbd1ea3c6005491fafd343be6772dd Request headers Referer https://flt.cards/ Origin https://flt.cards Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:30:42 GMT content-encoding br age 488 x-guploader-uploadid ABPtcPr5BMBSQaLl3AVz1OueeFqlO1OyqJ87Gyk-ShzX6GGVVGWXp1ao18p8FXBzihHdOCQ_dd4 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74565 last-modified Mon, 06 May 2024 14:27:39 GMT server UploadServer etag "4c5d1aaa6a2849a014e2b9ba869f3a6b" vary Accept-Encoding x-goog-generation 1715005659222125 x-goog-hash crc32c=Qb22Nw==, md5=TF0aqmooSaAU4rm6hp86aw== access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600,no-transform x-goog-stored-content-length 74565 accept-ranges bytes content-type application/javascript expires Tue, 07 May 2024 07:30:42 GMT
POST H2	200	p Show response api.segment.io/v1/	21 B 169 B	755ms 208ms	Fetch application/json	35.163.144.222 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-163-144-222.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://flt.cards date Tue, 07 May 2024 06:38:50 GMT strict-transport-security max-age=31536000 content-length 21 vary Origin content-type application/json
OPTIONS H3	200	track api.dyh8ken8pc.com/sdk/event/ Frame	0 0	192ms 192ms	Preflight	34.120.213.93 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.dyh8ken8pc.com/sdk/event/track Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.213.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 93.213.120.34.bc.googleusercontent.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://flt.cards Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,Authorization access-control-allow-methods GET,POST,PUT,HEAD,DELETE access-control-allow-origin * access-control-max-age 43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Tue, 07 May 2024 06:38:50 GMT via 1.1 google, 1.1 google
POST H3	200	track Show response api.dyh8ken8pc.com/sdk/event/	96 B 114 B	227ms 227ms	Fetch application/json	34.120.213.93 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.dyh8ken8pc.com/sdk/event/track Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.213.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 93.213.120.34.bc.googleusercontent.com Software / Resource Hash 56006c3374e00f8a26e5fc99e1c109a56fe4137bb66ed2bc7324271482edfbe9 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 Authorization w4vclt1mhqnhl0zin4h4rxdcbx93s01v User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31536000;includeSubDomains date Tue, 07 May 2024 06:38:50 GMT x-content-type-options nosniff via 1.1 google, 1.1 google x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * x-req-id cossouktafi5l6k49afg alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 96
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 289 B	692ms 406ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://flt.cards Date Tue, 07 May 2024 06:38:50 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GET H2	200	web-widget-main-7bc1c0f.js Show response static.zdassets.com/web_widget/messenger/latest/ Frame 5300	450 KB 140 KB	67ms 65ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=4531d80c-e24d-4f5b-9fde-1f17d41cc542 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f4c7b47fe2151a74a693533fd52c91d78ec03203027ee9a1210baa9e915b5fa Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id FF8unFdBB4gI.67XhH2GhVTn74pudK_c content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DKWG1E69PV39MED6 age 2228021 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 b4iFBmysrfVotSuHVYf858Tif60NDMsmlxIcV+9+imkbX/a3if2QgSpESGWXoHhfcj6Cw5wtguE= last-modified Mon, 08 Apr 2024 13:55:43 GMT server cloudflare etag W/"61166b9a0a776703db59d8fbffd8e621" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pz0XQ9l7q8tXK0%2FoESR1g8VMd0JRhh2zZtQhHfXTfkCNWpUPG7lLG%2F4Mp89m%2BAtZX2v7UFa9Yja4caulNc5de82cr6mvRN5TBx83bG%2Fw2sizxZhrHvw8%2FxgNDiZ4IFaBETLtotk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 87ff359c184bb742-AMS access-control-allow-headers * expires Tue, 08 Apr 2025 13:55:42 GMT
GET H2	200	web Show response edge.fullstory.com/s/settings/o-1RT3C8-na1/v1/	12 KB 2 KB	156ms 155ms	XHR application/json	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/settings/o-1RT3C8-na1/v1/web Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 0d70c03e4f98b18f7529733f60c5a6f81541783e6a0b61e1db7dd13f7e85ab0d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT content-encoding gzip age 0 x-guploader-uploadid ABPtcPpcFASyquEALuRIZrbe5cSp8gbwP4uJ83RxBaYK-x2sRfpBcA37ITtqF4GbWm0Sc2lf0JQK3JD37g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1948 last-modified Thu, 23 Nov 2023 05:14:56 GMT server UploadServer etag "219f61997442d0f309bf87907283b8f2" x-goog-generation 1700716496792367 x-goog-hash crc32c=IjNRUg==, md5=IZ9hmXRC0PMJv4eQcoO48g== access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public,max-age=900,no-transform x-goog-stored-content-length 1948 accept-ranges bytes content-type application/json expires Tue, 07 May 2024 06:53:50 GMT
GET H2	200	en-us-json-7bc1c0f.js Show response static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 5300	18 KB 4 KB	63ms 62ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-7bc1c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id Pqq5depyzV0eh0laMyX._YPJQ2ernPin content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DKWKWY7EYSDTY0JC age 2228019 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 mbU811k/ke7iB1r45HmcMwHgvh8kN9E9sRl4eMG/0K2MLT+hcAipus8m0JeNgKrH4tO3MDO4Fpw= last-modified Mon, 08 Apr 2024 13:55:45 GMT server cloudflare etag W/"3ac3100c0ffed8d435c31e09d2196883" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJ%2BmF%2F5Id27jZoXbfVTimJ739IWUhfYkeax%2Bozyrm5rU35INxcX54qmZ6P9qF1FNDcAxC9GPSW5e%2Fr8Oj20jzS60D%2BazODBTQOWPGjNCx1nFhbYAzyXe9OphMy%2BnFsJZlD19dOc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 87ff359dd99fb742-AMS access-control-allow-headers * expires Tue, 08 Apr 2025 13:55:44 GMT
GET H2	200	web-widget-84852-7bc1c0f.js Show response static.zdassets.com/web_widget/messenger/latest/ Frame 5300	139 KB 47 KB	70ms 68ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-7bc1c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e66e9e0525b7a7a4658edba07661dcf6c6cb3928f966cde5f3e0f53fa1deb71 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id 3L5YeUCttGrZSMgt.0v0..dBBy_FKIDi content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DKWSZSSYT57K063G age 2228021 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 EehDTpLwmOnkppZUwosB+oaQhjdfxRvyIfxaMK5Q9+YpYYZW/Vp9c1MxYEfkCaNLStlrjekmXTk= last-modified Mon, 08 Apr 2024 13:55:42 GMT server cloudflare etag W/"e4e7aad221ba7d1077b83221a7f7a4fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FCfOrpUmn97iSs%2BObBZeOWp%2FzAsp6FmeifZHPbyuaSrOZaB95Rkdtvt2c0lwBOcmBLSB7%2Bmn8zXZQFNSZIsBpzqvdfsf6ZnPmtFkLxNl7nG2drLL55LzXmbDFi2OVMsWBl2A5rM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 87ff359dd9a1b742-AMS access-control-allow-headers * expires Tue, 08 Apr 2025 13:55:41 GMT
GET H2	200	web-widget-9527-7bc1c0f.js Show response static.zdassets.com/web_widget/messenger/latest/ Frame 5300	29 KB 11 KB	60ms 58ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-7bc1c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id HwbZ6uxK1YLhJ9IXLd6hWwZS5dWaJJTm content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id ZQ9TTCX63Q6ZNP2V age 2228021 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 zrhUuxuSuLSxdOViPNUAwCRlmr3BEAYlvtDfbsuyuyCHwcOxKmNOznNucnIH3fUdID1v3bd78zS1br5U0SfV6Q== last-modified Mon, 08 Apr 2024 13:55:43 GMT server cloudflare etag W/"083d4fe56f4013855997ad6d21392f69" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znjhZS5V0N%2FBzFeXxckwwYSZrCOctmByy97gVMuCxiLQwyqHtyaOZLMlsAb7RhR%2BXw94uxg997tuJLHWu5YdihgacARKK0i27AP1%2F%2FqYnKTFapHQxxJ2JmcuUWJ5t7ugmY977lI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 87ff359dd9a2b742-AMS access-control-allow-headers * expires Tue, 08 Apr 2025 13:55:42 GMT
GET H2	200	web-widget-92795-7bc1c0f.js Show response static.zdassets.com/web_widget/messenger/latest/ Frame 5300	14 KB 4 KB	61ms 59ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-7bc1c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e6a4d9e16ce4da30f229293ef16fbdd906a6d7579d9090e6c83236db665c18c Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id VqXB39TxxRyQBgdUUulygv8iZIIl.U6A content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id ZQ9QW50VQEW3Z764 age 2228021 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 ArvWc1yuTqe/WVjk37lS+kEO6jdZyIciiLzRNRIeg0EHO7Zbxg4zrjCBRF5coULRO893rKW76OQ= last-modified Mon, 08 Apr 2024 13:55:43 GMT server cloudflare etag W/"8dacd87b4c48f734bef8b1d2179cf0a8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y43mbTLBN1P%2FnQNl1gwNu2LGh9UvE%2BQy5m8fFZQ6o3SbkDG8jsBEpeC9fBzPJrdH4CJtZUkwBgctU6MVohNJzSU%2BmJ1H4X2LOYtBGli0TCeKBQtAqGnoR1dbPDvlTiwdWEr61pA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 87ff359dd9a3b742-AMS access-control-allow-headers * expires Tue, 08 Apr 2025 13:55:42 GMT
GET H2	200	web-widget-15178-7bc1c0f.js Show response static.zdassets.com/web_widget/messenger/latest/ Frame 5300	12 KB 5 KB	57ms 56ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-7bc1c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6d6b877a6e65b87c7eaada4f2e8ee780d5749e21a0b31a42dd843f50b74cf03 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id 2HcNSYrwF4nmwUJUJvgVhxrgkT6qyOzm content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DKWJ1ZHR7X4F6WDQ age 2228021 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 HMIflAK/iPWxphdlvNeCUvclLYoj+mvXpDHa6tbh3ikAtfH/Kt+x8We7nbG8RLfphu8ASmL4s88C2SfETE0Rpw== last-modified Mon, 08 Apr 2024 13:55:36 GMT server cloudflare etag W/"30cd804708caa9949248913ba8f11137" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B07HO4SMP275LQU5eB1OEkOBNGQzf0cUgnNuwCsdTeqEnuSkYvOR6EDMm6%2FJNIo1Q%2FZb1KDGj6SpRSUtRFDnU27VuwSvCmT7m5X2REZ0BUQJpLpSI1bKkxZC6WI6LRqrS1Y8%2Fbs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 87ff359dd9a4b742-AMS access-control-allow-headers * expires Tue, 08 Apr 2025 13:55:35 GMT
GET H2	200	web-widget-59535-7bc1c0f.js Show response static.zdassets.com/web_widget/messenger/latest/ Frame 5300	15 KB 6 KB	63ms 63ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-7bc1c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49c6b066c7794e32489b24de0b9269cdbd3a18ad9cb32552cb60f25d3123c972 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT x-amz-version-id CPyEyXK6TSeQFi3.kU_Huc_t6EdbgHbO content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id ZQ9HG5MJCVRK3MH5 age 2228021 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 l9jY+QGDab3UN2BUYQApDPgjCySc3XA3hz3MivAtWXlWzIsfS1YUVn8tU8A9daHt7ggtSCAdlnK37PmAW+3WgUt/fNjI3hHC last-modified Mon, 08 Apr 2024 13:55:39 GMT server cloudflare etag W/"d872b805dfde20482fe32889700afdc1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvHgzrmF6IkmPMBB%2BCDpYr0c4bD6Ghd%2BbnISxHZ04pV6ofQdZ9K7W0dABkSCQnTicS6ytaQHyCqLa9D1bAIzfI3QCQ2Eot7mrmrQWKoZXkC5fUJS7VbV1ZvRf9q2Db5zlzj8L2E%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=31536000 access-control-max-age 0 cf-ray 87ff359dd9a5b742-AMS access-control-allow-headers * expires Tue, 08 Apr 2025 13:55:38 GMT
POST H2	200	pv floatcard.zendesk.com/frontendevents/ Frame 5300	0 0	261ms 260ms	Fetch	104.16.51.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://floatcard.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088 Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type application/json Response headers date Tue, 07 May 2024 06:38:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare x-zendesk-zorg yes vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LD%2F1ZVw7O%2BZ5BnEWLRhTkXAr7Gfv4ERVbJo3HoLlHE0yCbuEd%2BFerXJoLj%2BcqGSG1h2hDq5%2FLa5QDugk%2FGioizyEt3Jc9O2k4VVOJIGMlJSGU9Huc6eoDdoGsOawN3M2bPAGLePKwA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 87ff35a0f942b76c-AMS content-length 0 x-request-id 87ff35a0f942b76c-AMS
GET H2	200	config Show response floatcard.zendesk.com/embeddable/ Frame 5300	885 B 1 KB	684ms 547ms	Fetch application/json	104.16.51.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://floatcard.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c220dc2eb04c2986ed3aec44aa6398edd021b30f389f6da802e282c5cce3b626 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:51 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-zendesk-origin-server embeddable-app-server-6b5dd86575-xk2rm x-cached MISS x-runtime 0.001828 last-modified Tue, 07 May 2024 06:14:07 GMT server cloudflare access-control-max-age 7200 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DcTzPHGGhg7bdbKCXJ%2BvbhWc2nelCq4nHpSCZSuzZcrZid5cBoanL%2FzyysGSl3DL3BlgrlI5fBW3E6Aa1MEDxje3foC4mgotTknb9O75dqyE1T42rqHY%2FOc0j1FGFh%2F%2F%2FKIOIGUfyw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control public, max-age=60, stale-while-revalidate=600, stale-if-error=3600 vary Origin, Accept-Encoding cf-ray 87ff359f5f89b76c-AMS
OPTIONS H2	204	pv floatcard.zendesk.com/frontendevents/ Frame	0 0	391ms 254ms	Preflight	104.16.51.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://floatcard.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://flt.cards Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-origin * access-control-max-age 600 cache-control max-age=600 cf-cache-status DYNAMIC cf-ray 87ff359f5f85b76c-AMS date Tue, 07 May 2024 06:38:50 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ze5SgN%2FYi%2Be6UoWFV5J%2BLLtO6yhxsn02x5cGxmtn7oWL2zwXuCBdQ0z3jBoNQMBnYW79fEfRRjLFnXFcBj%2BX6baWgWPnXbhli2xuSjTmya4flnXZZKF2zqjn68PlKRMMsWnWYy9cw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Origin x-request-id 87ff359f5f85b76c-AMS x-zendesk-zorg yes
GET H2	404	fryhjowcno Show response api.tryjournal.com/api/v1/transactions/spender-categorization/	152 B 464 B	153ms 152ms	Fetch application/json	3.22.103.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.tryjournal.com/api/v1/transactions/spender-categorization/fryhjowcno Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.22.103.46 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-22-103-46.us-east-2.compute.amazonaws.com Software nginx / Resource Hash b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff referrer-policy same-origin server nginx cross-origin-opener-policy same-origin x-frame-options DENY allow GET, PUT, PATCH, HEAD, OPTIONS content-language en access-control-allow-origin * content-type application/json vary Accept-Language, Origin
GET H3	200	1940817879400549 Show response connect.facebook.net/signals/config/	18 KB 3 KB	100ms 99ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1940817879400549?v=2.9.155&r=stable&domain=flt.cards&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C150%2C179%2C181%2C113%2C135%2C139%2C119%2C174%2C216%2C106%2C136%2C159%2C146%2C109%2C217%2C152%2C110%2C133%2C126%2C114 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 468af2234223185916d8168ab914d998d39c6d0e51bf519d2997ad281ed91c2a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 07 May 2024 06:38:50 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4325, tp=9, tpl=0, uplat=58, ullat=0 pragma public x-fb-debug bNwCRp6vRn2AcnFlzdmStLBVfXU9lu/yr6ZEAkMpUSsUF20T1OE5JV0ySuuh+Z4SWrB1rE0wcQ6aFTa1Wu2rog== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	278ms 162ms	Image image/gif	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3160371460&v=1.1&a=6317545&pu=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&t=Float&cts=1715063930830&vi=e9e9ff5c176a0b4a23fd76b164c09de2&nc=true&u=133920017.e9e9ff5c176a0b4a23fd76b164c09de2.1715063930825.1715063930825.1715063930825.1&b=133920017.1.1715063930825&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 38b46d90-ec97-4ecc-b02a-3d695a98471f p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 6 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 38b46d90-ec97-4ecc-b02a-3d695a98471f server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQbzUGsNNMDH1rk0diGNKBjUS%2FnCMH3uBdgzQOOPX77%2BFq0HZnKz9MRoT%2BAB40RgpaOqXmqJqeun%2B5RY6UyyhZwC%2FtASWHtPS0n1%2FCUNzp0a1CeXNVvqXg7cYn7BOui9QzQvzVr8qalEPWjaOc3L"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-9kkj8 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 87ff35a08a774dcb-FRA x-robots-tag none
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B841872C2A8345C291FC6313B79EF171&RedC=c.clarity.ms&MXFR=05B03DFCA15267C206082984A55269A1 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B841872C2A8345C291FC6313B79EF171&MUID=07061811788A6FF104600C6979016EEB	42 B 441 B	59ms 59ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B841872C2A8345C291FC6313B79EF171&MUID=07061811788A6FF104600C6979016EEB Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 07 May 2024 06:38:50 GMT last-modified Fri, 01 Mar 2024 22:54:48 GMT server Microsoft-IIS/10.0 etag "3e26b762b6cda1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Tue, 07 May 2024 06:38:50 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: DFDEFD075EFA4D67A6871719A868A1D1 Ref B: FRA31EDGE0207 Ref C: 2024-05-07T06:38:51Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B841872C2A8345C291FC6313B79EF171&MUID=07061811788A6FF104600C6979016EEB cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	favicon.ico flt.cards/	102 KB 8 KB	70ms 68ms	Other image/vnd.microsoft.icon	76.76.21.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://flt.cards/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 9695bfe4f839356f62fa99d190d57d193e32d3672149f5467e8f7bacff7dab4c Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/t/fryhjowcno User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:50 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::scdjp-1715063930871-965df7a2695f age 19055 etag W/"b3201bf81dd5ab13b0138bc38cf3db0c" x-vercel-cache HIT content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="favicon.ico"
GET H2	200	page.gif track.customer.io/events/	35 B 274 B	281ms 150ms	Image image/gif	35.227.225.220 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://track.customer.io/events/page.gif?name=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=f9cb9a7a-551b-4b1d-ad09-abb2ad98b016&site_id=62d9962207c23cfdd073&timestamp=1715063930864 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 220.225.227.35.bc.googleusercontent.com Software / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:51 GMT via 1.1 google content-type image/gif access-control-allow-origin * status 200 OK cache-control no-cache, no-store, must-revalidate, max-age=0 content-transfer-encoding binary cross-origin-resource-policy cross-origin content-disposition attachment alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
POST H2	202	page Show response rs.fullstory.com/rec/	73 B 275 B	266ms 155ms	XHR text/plain	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/page Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash 6f2698f98407f1a9956464e98035700bfa6041e3d7a63d8022f983b69321f090 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 07 May 2024 06:38:51 GMT via 1.1 google x-content-type-options nosniff content-type text/plain; charset=utf-8 access-control-allow-origin https://flt.cards access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73
POST H2	200	pube9a70ecba28e048e3a2d538f705e6cbc rum-http-intake.logs.datadoghq.com/v1/input/	0 0	298ms 297ms	Ping application/json	2600:1f18:24e6:b901:4264:c4b2:2d38:2fd6 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1715063930890 Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b901:4264:c4b2:2d38:2fd6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	/ www.facebook.com/tr/	0 126 B	42ms 41ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1940817879400549&ev=PageView&dl=https%3A%2F%2Fflt.cards&rl=&if=false&ts=1715063930945&sw=1600&sh=1200&ud[external_id]=e9e9ff5c176a0b4a23fd76b164c09de2&v=2.9.155&r=stable&a=hubspot&ec=0&o=4124&fbp=fb.1.1715063929821.1853320973&pm=1&hrl=70803a&ler=empty&cdl=API_unavailable&it=1715063929549&coo=false&cs_cc=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=3124, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 07 May 2024 06:38:50 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 289 B	132ms 131ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://flt.cards Date Tue, 07 May 2024 06:38:51 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GET H2	404	fryhjowcno Show response api.tryjournal.com/api/v1/transactions/spender-categorization/	152 B 465 B	151ms 151ms	Fetch application/json	3.22.103.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.tryjournal.com/api/v1/transactions/spender-categorization/fryhjowcno Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.22.103.46 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-22-103-46.us-east-2.compute.amazonaws.com Software nginx / Resource Hash b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 06:38:53 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff referrer-policy same-origin server nginx cross-origin-opener-policy same-origin x-frame-options DENY allow GET, PUT, PATCH, HEAD, OPTIONS content-language en access-control-allow-origin * content-type application/json vary Accept-Language, Origin
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 289 B	132ms 132ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://flt.cards Date Tue, 07 May 2024 06:38:54 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
POST H2	204	collect region1.analytics.google.com/g/	0 46 B	57ms 56ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-1GFXRP385B&gtm=45je4510v871302425za200&_p=1715063927113&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=628400078.1715063929&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715063929&sct=1&seg=0&dl=https%3A%2F%2Fflt.cards%2Ft%2Ffryhjowcno&dt=Float&en=scroll&epn.percent_scrolled=90&_et=31&tfd=7638 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://flt.cards/ User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 07 May 2024 06:38:54 GMT server Golfe2 content-type text/plain access-control-allow-origin https://flt.cards cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	update_properties api.dyh8ken8pc.com/sdk/event/	52 B 69 B	212ms 212ms	Fetch application/json	34.120.213.93 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.dyh8ken8pc.com/sdk/event/update_properties Requested by Host: flt.cards URL: https://flt.cards/assets/index-BmYKDD6G.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.213.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 93.213.120.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://flt.cards/ Accept-Language de-DE,de;q=0.9;q=0.9 Authorization w4vclt1mhqnhl0zin4h4rxdcbx93s01v User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31536000;includeSubDomains date Tue, 07 May 2024 06:38:55 GMT x-content-type-options nosniff via 1.1 google, 1.1 google x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * x-req-id cossovvt5mc0qepiup80 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52
OPTIONS H3	200	update_properties api.dyh8ken8pc.com/sdk/event/ Frame	0 0	398ms 397ms	Preflight	34.120.213.93 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.dyh8ken8pc.com/sdk/event/update_properties Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.213.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 93.213.120.34.bc.googleusercontent.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://flt.cards Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,Authorization access-control-allow-methods GET,POST,PUT,HEAD,DELETE access-control-allow-origin * access-control-max-age 43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Tue, 07 May 2024 06:38:55 GMT via 1.1 google, 1.1 google