flt.cards Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://flt.cards/t/dyqjznstqj
Submission: On December 26 via api (December 26th 2023, 12:58:28 am UTC) from LU — Scanned from DE

Summary HTTP 80 Redirects Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 35 domains to perform 80 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is flt.cards.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time flt.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
6	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:4dba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:5a9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:1901:0:7... 2600:1901:0:7a0b::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	18.116.213.43 18.116.213.43	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8ace	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.111.73.67 34.111.73.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	216.24.57.253 216.24.57.253	397273 (RENDER) (RENDER)
1	2606:4700::68... 2606:4700::6811:129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
3	2600:1f18:24e... 2600:1f18:24e6:b900:74c8:903a:1012:412b	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.198.187.91 54.198.187.91	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.163.144.222 35.163.144.222	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
80	43

3 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

flt.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4dba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5a9a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.116.213.43 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-213-43.us-east-2.compute.amazonaws.com

api.tryjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ace (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.73.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.73.111.34.bc.googleusercontent.com

js.chilipiper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.24.57.253 (Sweden)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:129 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:24e6:b900:74c8:903a:1012:412b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.198.187.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-187-91.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.144.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-144-222.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 k.clarity.ms — Cisco Umbrella Rank: 18779 c.clarity.ms — Cisco Umbrella Rank: 1377	29 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 1681	100 KB
4	tryjournal.com api.tryjournal.com	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	330 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2024 rs.fullstory.com — Cisco Umbrella Rank: 2033	71 KB
3	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6595
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 9979 scout.salesloft.com — Cisco Umbrella Rank: 11992	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	116 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	4 KB
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 4861	135 KB
3	flt.cards flt.cards	1 MB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	google.de www.google.de — Cisco Umbrella Rank: 6765	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 599	130 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	31 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4726 forms.hscollectedforms.net — Cisco Umbrella Rank: 4810	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2326	2 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2246	1 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1340	169 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3450	1 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1387	637 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4490	2 KB
1	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 43884	357 B
1	chilipiper.com js.chilipiper.com — Cisco Umbrella Rank: 22696	25 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6767	154 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1266	9 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2129	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3131	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2128	21 KB
80	35

	Domain	Requested by
6	cdn.segment.com	flt.cards cdn.segment.com
4	px.ads.linkedin.com	3 redirects flt.cards
4	api.tryjournal.com	flt.cards
4	www.googletagmanager.com	flt.cards www.googletagmanager.com js.hsadspixel.net
3	rum-http-intake.logs.datadoghq.com	flt.cards
3	connect.facebook.net	flt.cards connect.facebook.net
3	www.clarity.ms	flt.cards www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com flt.cards
3	fast.appcues.com	flt.cards fast.appcues.com
3	flt.cards	flt.cards
2	c.clarity.ms	1 redirects
2	edge.fullstory.com	cdn.segment.com flt.cards
2	k.clarity.ms	flt.cards
2	www.facebook.com	flt.cards
2	scout.salesloft.com	flt.cards
2	www.google.de	flt.cards
2	www.google.com	flt.cards
2	region1.google-analytics.com	www.googletagmanager.com
2	sessions.bugsnag.com	flt.cards
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	www.google-analytics.com	www.googletagmanager.com flt.cards
2	fonts.googleapis.com	flt.cards
2	js.hs-scripts.com	flt.cards www.googletagmanager.com
1	rs.fullstory.com	flt.cards
1	c.bing.com	1 redirects
1	track.hubspot.com
1	api.segment.io	flt.cards
1	api.hubapi.com	flt.cards
1	forms.hscollectedforms.net	flt.cards
1	alb.reddit.com	flt.cards
1	stats.g.doubleclick.net	flt.cards
1	px4.ads.linkedin.com	flt.cards
1	www.linkedin.com	1 redirects
1	ws.zoominfo.com	flt.cards
1	scout-cdn.salesloft.com	flt.cards
1	grow.clearbitjs.com	flt.cards
1	js.chilipiper.com	www.googletagmanager.com
1	js.hsforms.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.redditstatic.com	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
80	45

This site contains no links.

Subject Issuer	Validity	Valid
flt.cards R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-05` - `2024-09-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tryjournal.com Amazon RSA 2048 M01	`2023-03-21` - `2024-04-18`	a year	crt.sh
chilipiper.com GoGetSSL RSA DV CA	`2023-01-31` - `2024-03-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-04` - `2024-01-02`	3 months	crt.sh
grow.clearbitjs.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-11-10` - `2024-02-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://flt.cards/t/dyqjznstqj
Frame ID: DB3D199E8F94F6D5977DE52B097E990C
Requests: 79 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Float

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Chili Piper (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

js\.chilipiper\.com/marketing\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

80
Requests

96 %
HTTPS

69 %
IPv6

35
Domains

45
Subdomains

43
IPs

5
Countries

2502 kB
Transfer

8492 kB
Size

41
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2818138%26time%3D1703552300526%26url%3Dhttps%253A%252F%252Fflt.cards%252Ft%252Fdyqjznstqj%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true&liSync=true&e_ipv6=AQKEcH6IO4UHuQAAAYyjoTlVwazE1l9g3Yt6ohVybq_xzARmCCBma1qJaXqdB3JcRIGlzye3

Request Chain 71

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ED9C7A7F6C4A4350B8A29C676AA527B9&RedC=c.clarity.ms&MXFR=37D77B297307628B33A868DA77076C3F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9C7A7F6C4A4350B8A29C676AA527B9&MUID=3491DF25156A6FB60B01CCD614C66E46

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dyqjznstqj Show response
flt.cards/t/ 7 KB
3 KB 288ms
46ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44418ef323a21c14963cf2374e408310a5a90af40ab3aea7f84142abde82d136

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 349483
cache-control: s-maxage=0
content-disposition: inline; filename="index.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 00:58:19 GMT
etag: W/"3dffdc2304f4c4d2e551a8b36ac7583b"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::m5dbn-1703552299363-b6d02e6b8096

GET
H2 200 6317545.js Show response
js.hs-scripts.com/ 2 KB
1 KB 440ms
344ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/6317545.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a23aff48c8acf06d35a85e156559896893f92edeeb4549abd3a0c177a0a39f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b2155b75-bcd2-49ca-85e5-03c6fcfe30d9
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b2155b75-bcd2-49ca-85e5-03c6fcfe30d9
last-modified: Sat, 23 Dec 2023 15:44:12 GMT
server: cloudflare
x-trace: 2B9579A8F5A78B69B067777499658AC26F566FA65F000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-4m556
cf-ray: 83b55fefea0965c5-FRA
expires: Tue, 26 Dec 2023 00:59:19 GMT

GET
H2 200 146114.js Show response
fast.appcues.com/ 21 KB
5 KB 968ms
830ms Script
text/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/146114.js
Requested by: Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 22c941eed066887c4b83cc021af0cbfa2de29c3f39a826fbd5bc968a0e13ada6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 4883
x-request-id: F6Q7yo9gIkJVWMSTesFh
x-served-by: cache-sof1510030-SOF
server: Cowboy
x-timer: S1703552300.557377,VS0,VE773
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 0

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
688 B 137ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@500&display=swap

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eeec46530340c420257c12e2e5725b5d34f54ab34fb1936b4ec6abe884c273f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 00:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 23:56:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 00:58:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6134e6ac14d17d2359f910de71889d3e82743aef08773c93901a12acf72f393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 00:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 00:02:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 00:58:19 GMT

GET
H2 200 index-9d2b2ce0.js Show response
flt.cards/assets/ 4 MB
1 MB 75ms
75ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flt.cards/assets/index-9d2b2ce0.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a57d74ed2e491c7afe6bf2d7ba8fc4efd5bf64f16f376fa89d33fca08bc66e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://flt.cards/t/dyqjznstqj
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:19 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::s2npk-1703552299417-8b79260a10fa
age: 342059
etag: W/"17bf8cb291aa63a43be937ede04d69e1"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="index-9d2b2ce0.js"

GET
H2 200 index-8e8588b1.css
flt.cards/assets/ 495 KB
70 KB 47ms
47ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flt.cards/assets/index-8e8588b1.css

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8e8588b14a72e9b533523a3ad277209c3a02179efb0c37a59aa90e2befa2cebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/t/dyqjznstqj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:19 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::gf6q4-1703552299414-cd4a09ec2dbb
age: 349483
etag: W/"f62bd6de819a11238dd7c10b559c3d87"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="index-8e8588b1.css"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
96 KB 148ms
62ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c842e03d6632624b86423015bdcff26918a61a8840b72e5e9a0def327f66799f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98051
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Dec 2023 00:58:19 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/ 108 KB
31 KB 762ms
640ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js
Requested by: Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13b3374fed25f3c43f0a291fef146d5d9fb510103ee03d70c695ba41b3d395eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

x-amz-version-id: LwMe6GuZfcJgxJZ846KnRyyQJj8.92HX
content-encoding: gzip
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 00:58:21 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Dec 2023 23:27:23 GMT
server: AmazonS3
etag: W/"fc2cbec75d30a7aa085e422f53801b27"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: h9Wp_b2uFbHXUu94ZZ5RA9uITFZDalr3kM58U5xiGVbffitjxcP5EA==

GET
H2 200 6317545.js Show response
js.hs-analytics.net/analytics/1703552100000/ 66 KB
21 KB 266ms
170ms Script
text/javascript 2606:4700::6810:4dba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1703552100000/6317545.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 147ae7c5e2d010e8946f3bd50ae9b5167e6b4cfa69e7192226d042afb919eb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: WGMPV8PANN05RNF2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: abad7cf7-5f94-46bf-b5ac-118fed3dd139
x-envoy-upstream-service-time: 21
x-amz-id-2: un4bO8LQ7xqWVSDeaTpPmgyDMF1eZEAea+vyfRqlxJRvIQll/lLAPpxz2gv97isR1Vh9XKjiOiE=
x-evy-trace-listener: listener_https
x-request-id: abad7cf7-5f94-46bf-b5ac-118fed3dd139
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 Nov 2023 17:24:40 GMT
server: cloudflare
etag: W/"30e530c9cb9c3fdafed231b7105010ff"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-8z6xl
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 83b55ff5fb269b77-FRA
expires: Tue, 26 Dec 2023 01:03:20 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 144ms
46ms Script
application/javascript 2606:4700::6811:e6a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e6a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e8aa11120d22eddafdee660ecc72d141bff2ab7c42c04bbf50399b83e1645c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
x-amz-version-id: xhcuv40vMhop9D9LE0Ufg_3zdYpVKT_8
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 130
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.504/bundles/pixels-release.js&cfRay=83b55cc70f561c1e-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 0637f2ab-0a53-4f7f-8fe9-c391182e72a0
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0637f2ab-0a53-4f7f-8fe9-c391182e72a0
last-modified: Mon, 18 Dec 2023 17:07:06 UTC
server: cloudflare
etag: W/"8d0d43ba9e333894d9c5e9471d2657d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-qqq7r
cf-ray: 83b55ff609b830d2-FRA
x-amz-cf-id: FOS08CU97xiz4bvAJYY6BaGXkRDdiQ-SF1Bh2SEltKHdj-VuOza8YA==
x-hs-target-asset: adsscriptloaderstatic/static-1.504/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 239ms
142ms Script
application/javascript 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flt.cards/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
x-amz-version-id: qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 027c8b3b-a079-46fe-b0d2-e7bd13d3fe57
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=83b55ff60c959a41-FRA
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 027c8b3b-a079-46fe-b0d2-e7bd13d3fe57
last-modified: Mon, 04 Dec 2023 12:10:50 UTC
server: cloudflare
etag: W/"109b7665e389a0b17fbf732bf7a02089"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-9gm2w
cf-ray: 83b55ff60c959a41-FRA
x-amz-cf-id: RJsabJzGsUVzDvBoL1SXoYIIGUvUmeSnZ1PYl0BP94480VxLiPF4-Q==
x-hs-target-asset: collected-forms-embed-js/static-1.444/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/6317545/ 65 KB
20 KB 353ms
258ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/6317545/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b6fbcde5cb72592ed0b4c7a6250971815aba4bf5816d16d3f96bbbab48a605d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
x-amz-version-id: Nz2M.Uz1pxosGJo9TZzMAe_GiqZazgjw
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: WGMZT5KNKEFKGYSE
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: b472bfcc-e777-4be0-82a0-954347171ff4
x-envoy-upstream-service-time: 34
x-amz-id-2: DOO0XZ4rf7cwMRol+Ig7JU1LfEFajQDjFnQ5MKSmyujBuwoTvnNppCQ8krl29y0LFEVfRaOEf2J410v53oUjFA6A4gZwPSsT5Om8M82K3o4=
x-evy-trace-listener: listener_https
x-request-id: b472bfcc-e777-4be0-82a0-954347171ff4
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 17 Oct 2023 23:06:36 GMT
server: cloudflare
etag: W/"5c2e3f72e44b5e9e60efed4045082062"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://flt.cards
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-qdt7s
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 83b55ff609789b63-FRA
expires: Tue, 26 Dec 2023 01:03:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a6dd414017a4df3a7f73021464545f9bf409ff6946fa79fea460420e619c57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90758
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Dec 2023 00:58:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 23:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5755
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Dec 2023 01:22:25 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 146ms
40ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=18102
accept-ranges: bytes
content-length: 15541

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/ 2 KB
2 KB 137ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/?random=1703552300090&cv=11&fst=1703552300090&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v850174047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&hn=www.googleadservices.com&frm=0&auid=1438876782.1703552300&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ca13ee4e5783e5c77ad00dbbb4489e433a4f95b15dd4f6f63a15cb345e292a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 158ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 26 Dec 2023 00:58:20 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17884732DDD948E7BDA1438913AF1AE2 Ref B: FRA31EDGE0110 Ref C: 2023-12-26T00:58:20Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 26 KB
9 KB 188ms
58ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 39657f7f198608406cab1de96720a22549e6b6d918db8dfdd0f5ef9ab84ef17c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 12 Dec 2023 19:56:38 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "ead4fccfb1bebd02138cf2dcadd7dcba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8123

GET
H2 200 appcues.main.0250d604adc0cfee96d042ad982b733f04892869.js Show response
fast.appcues.com/generic/main/4.60.62/ 449 KB
127 KB 172ms
57ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.62/appcues.main.0250d604adc0cfee96d042ad982b733f04892869.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/146114.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5dd3ea3d5b8e086967e631b00bef489b1c22c03484e9d11855d6a97bad4f520

Request headers

Referer: https://flt.cards/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 124K6R68Z83DP6W5
age: 369709
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 129743
x-amz-id-2: yDNgeFb8aZqjU03U40xXBs67hDuitiAKFVkyG/vkQDcQKiarCjdNiYEx2DqgsYrpqZT0TRoa0rk=
x-served-by: cache-sof1510024-SOF
last-modified: Thu, 21 Dec 2023 18:07:14 GMT
server: AmazonS3
x-timer: S1703552301.515399,VS0,VE0
etag: "060434df9847b95f3ad7e62b437b1504"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 59978

GET
H2 200 j95a8uk0ei Show response
www.clarity.ms/tag/ 668 B
1 KB 260ms
138ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/j95a8uk0ei
Requested by: Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0e40791ea380c665b0eefb02743280e168079ecc620b52fac279047f2386fe1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

expires: -1
date: Tue, 26 Dec 2023 00:58:20 GMT
x-azure-ref: 20231226T005820Z-hvzfx5xk5x48d13qz7tq7qdh440000000aeg00000000dy8n
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 668
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 272ms
182ms Preflight 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://flt.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 26 Dec 2023 00:58:20 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
130 B 181ms
181ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://flt.cards/
Bugsnag-Sent-At: 2023-12-26T00:58:20.417Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: d7ef588a4b5694af3e9cee215e30288c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 00:58:20 GMT
via: 1.1 google
bugsnag-session-uuid: c71e6e22-2131-48e6-8cbf-286acb2ba004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:07:43 GMT
x-content-type-options: nosniff
age: 413437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:07:43 GMT

GET
BLOB 200
OK 0ee5b405-2979-4a28-abfb-bbac04a5160a
https://flt.cards/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://flt.cards/0ee5b405-2979-4a28-abfb-bbac04a5160a
Requested by: Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58763412c3a28933886d961ee282e33be311ebb239509e94b7de687316937d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

Content-Length: 2235
Content-Type: application/javascript

GET
H2 404 dyqjznstqj Show response
api.tryjournal.com/api/v1/transactions/spender-categorization/ 152 B
408 B 427ms
153ms Fetch
application/json 18.116.213.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.116.213.43 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-213-43.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
vary: Origin
allow: GET, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 132ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1GFXRP385B&gtm=45je3bt0v871302425z8850174047&_p=1703552299409&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=58235220.1703552300&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703552300&sct=1&seg=0&dl=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&dt=Float&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1386
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6317545.js Show response
js.hs-scripts.com/ 2 KB
643 B 51ms
51ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/6317545.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d362b9bc1dda88d1f998167f80ed926b2556af31d08eaee2be914bca13974b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: b2155b75-bcd2-49ca-85e5-03c6fcfe30d9
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2002
age: 1
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b2155b75-bcd2-49ca-85e5-03c6fcfe30d9
cf-bgj: minify
last-modified: Tue, 26 Dec 2023 00:58:19 GMT
server: cloudflare
x-trace: 2B9579A8F5A78B69B067777499658AC26F566FA65F000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-4m556
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 83b55ff63d9e65c5-FRA
expires: Tue, 26 Dec 2023 00:59:20 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 485 KB
154 KB 147ms
50ms Script
application/javascript 2606:4700::6810:8ace
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 378
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4371/bundles/project-v2.js&cfRay=83b556bb7bcabbc2-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"982d8d22d576c26eb044b0e746926bef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4371/bundles/project-v2.js
date: Tue, 26 Dec 2023 00:58:20 GMT
x-amz-version-id: wkCPEW5SoVMi9CoHH5BglhAxVEpTVVPC
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 6a6cdecc-4f3e-4266-9afb-08e60f92eda3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6a6cdecc-4f3e-4266-9afb-08e60f92eda3
last-modified: Wed, 20 Dec 2023 09:57:15 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4r7fdGRfa3VVBayrEuRVnwmB5vBrbnGDYzspfQwjhvNLyeJVVrrObQv2Y0OhJ65ZtloAfHRb0lenXy65YRw6Ealk8jX3yi2G2sENy2%2BYFlYORmW%2Ffjr%2FxDakr4%2FF%2Fi2UmQlTjC1agr%2BdIMf6"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-n6bsm
cf-ray: 83b55ff6ec271e49-FRA
x-amz-cf-id: LcLnnenq3sDIxWaFZLZmYah7PwAU0F94lOaE2Ovwr-3heaAGMeDP7A==

GET
H2 200 marketing.js Show response
js.chilipiper.com/ 73 KB
25 KB 143ms
40ms Script
application/javascript 34.111.73.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chilipiper.com/marketing.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.73.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

67.73.111.34.bc.googleusercontent.com

Software

Resource Hash

a872bd399e25068e20cfedcf431503be8a0d09772ba2b4894d9b2839223477ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: wss://.chilipiper.com wss://.chilipiper.io wss://.chilipiper.cool wss://.chilipiper.team https://.chilipiper.com https://.chilipiper.io https://.chilipiper.cool https://.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://.rollout.io https://.facebook.com https://.marketo.com https://.mixpanel.com https://.hubspot.com https://.pardot.com https://.getdrip.com https://.google.com https://.googleapis.com https://.hsforms.net https://.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://.intercom.io https://.mutinycdn.com https://.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.bugsnag.com https://zoom.us https://.gotomeeting.com https://.rollout.io https://.codox.io https://cdn.tiny.cloud https://js.stripe.com https://.zdassets.com https://.zendesk.com https://.zopim.com wss://chilipiper.zendesk.com wss://.zopim.com https://.googleusercontent.com https://.facebook.net https://.doubleclick.net https://.licdn.com https://.googleadservices.com https://.digitaloceanspaces.com https://.ingest.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://.lr-in-prod.com https://polyfill.io https://.planhat.com https://.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' blob: data: wss://.chilipiper.com wss://.chilipiper.io wss://.chilipiper.cool wss://.chilipiper.team https://.chilipiper.com https://.chilipiper.io https://.chilipiper.cool https://.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://.rollout.io https://.facebook.com https://.marketo.com https://.mixpanel.com https://.hubspot.com https://.pardot.com https://.getdrip.com https://.google.com https://.googleapis.com https://.hsforms.net https://.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://.intercom.io https://.mutinycdn.com https://.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.bugsnag.com https://zoom.us https://.gotomeeting.com https://.rollout.io https://.codox.io https://cdn.tiny.cloud https://js.stripe.com https://.zdassets.com https://.zendesk.com https://.zopim.com wss://chilipiper.zendesk.com wss://.zopim.com https://.googleusercontent.com https://.facebook.net https://.doubleclick.net https://.licdn.com https://.googleadservices.com https://.digitaloceanspaces.com https://.ingest.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://.lr-in-prod.com https://polyfill.io https://.planhat.com https://.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src data: blob: 'unsafe-inline';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:57:55 GMT
content-encoding: gzip
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25
content-security-policy: default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://polyfill.io https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22399
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 20 Dec 2023 14:13:46 GMT
etag: W/"6582f69a-122e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=60, must-revalidate
x-cache-hit: hit
x-content-security-policy: default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://*.clearbit.com https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://canny.io/sdk.js https://changelog-widget.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://polyfill.io https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://hooks.slack.com 'unsafe-inline'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline';

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 119ms
39ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Dec 2023 00:58:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 95c2I02fi7WoWcbt1bCKW8clGiAUI3ZPoJyYcZ2ppiEhIh+PHXsmmmnFHCgmZPaBEzwNYug6TZN26Y32fN+zmQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 100 B
357 B 332ms
233ms Script
text/javascript 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1703552300494

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.253 , Sweden, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4bdad53042e2bd6e5a231bfcd66d19dc33f507edc2b847ff3c58aca74ff138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
rndr-id: a947564e-0f6a-49bf
x-render-origin-server: Render
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 83b55ff70beb2681-TXL
alt-svc: h3=":443"; ma=86400

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 196ms
46ms Script
application/javascript 2606:4700::6811:129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: EXAG3MAF7BSE5ECQ
age: 2038
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QbRsy9U1VHBOm3DRSoQ4UXEJDxrHxYL4oSzQeocj2G3dgJChg5Mjns/OCGTktjL4G4bQShF4fS0=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 83b55ff79bd618d9-FRA
expires: Tue, 26 Dec 2023 04:58:20 GMT

GET
H2 200 63694f26cd89674cdfa4ca86 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 360ms
261ms Script
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/63694f26cd89674cdfa4ca86

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

809ceebb4abb2cfc5c2ba04ce16f5cb4ad10fb3911a2b91c4f2362781decb4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/t/dyqjznstqj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 83b55ff79c463643-FRA

GET
H2 200 j9khmvbu01 Show response
www.clarity.ms/tag/ 650 B
1015 B 135ms
134ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/j9khmvbu01
Requested by: Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e931770e16305c12aae6d4fae4d9771e9a6c02e81e48903feef45d0f69df7ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

expires: -1
date: Tue, 26 Dec 2023 00:58:20 GMT
x-azure-ref: 20231226T005820Z-hvzfx5xk5x48d13qz7tq7qdh440000000aeg00000000dy8p
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 /
www.google.com/pagead/1p-user-list/410007659/ 42 B
455 B 135ms
50ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/410007659/?random=1703552300090&cv=11&fst=1703548800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v850174047&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&frm=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_LL89q5XkBk5zwwYITW-_MuMaQ7_JyA&random=935390747&rmt_tld=0&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/410007659/ 42 B
455 B 138ms
52ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/410007659/?random=1703552300090&cv=11&fst=1703548800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v850174047&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&frm=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_LL89q5XkBk5zwwYITW-_MuMaQ7_JyA&random=935390747&rmt_tld=1&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
204 B 46ms
45ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1404518882&t=pageview&_s=1&dl=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&ul=en-us&de=UTF-8&dt=Float&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=979811394&gjid=1327566157&cid=58235220.1703552300&tid=UA-163128166-1&_gid=1112142210.1703552301&_r=1&_slc=1&gtm=45He3bt0n81KXNDS38v850174047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=175952970

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2818138%26time%3D1703552300526%26url%3Dhttps%253A%252F%252Fflt.cards%252Ft%252Fdy...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true&liSync=true&e_ipv6=AQKEcH6IO4UHuQAAAYyjoTlVwazE1l9g3Yt6o...

0
265 B

259ms
165ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true&liSync=true&e_ipv6=AQKEcH6IO4UHuQAAAYyjoTlVwazE1l9g3Yt6ohVybq_xzARmCCBma1qJaXqdB3JcRIGlzye3
Requested by: Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:21 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 432891647C80484CAABC4D48E96B9C5B Ref B: FRAEDGE1320 Ref C: 2023-12-26T00:58:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNXy3LZnRGEN7tBrB97Q==

Redirect headers

date: Tue, 26 Dec 2023 00:58:21 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1EB16471398140BE860018EAF01CB48F Ref B: FRAEDGE1318 Ref C: 2023-12-26T00:58:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1703552300526&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&cookiesTest=true&liSync=true&e_ipv6=AQKEcH6IO4UHuQAAAYyjoTlVwazE1l9g3Yt6ohVybq_xzARmCCBma1qJaXqdB3JcRIGlzye3
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNXy3H3MD1NhwUmJr4MQ==

GET
H2 204 27026028.js Show response
bat.bing.com/p/action/ 0
117 B 63ms
63ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27026028.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 26 Dec 2023 00:58:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF1B38E5E97041AD9779A5A0B36C87FA Ref B: FRA31EDGE0110 Ref C: 2023-12-26T00:58:20Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 146ms
146ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27026028&tm=gtm002&Ver=2&mid=ffeaff2a-4d68-42d1-910a-62decee8fd92&sid=dccd54f0a38911ee859f2de008ad2644&vid=dccd60a0a38911ee878b4554b3564baa&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Float&p=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&r=&lt=1355&evt=pageLoad&sv=1&rn=999950

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Dec 2023 00:58:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 554A376BDA5A4EC99E5A4EC69C9EDA98 Ref B: FRA31EDGE0110 Ref C: 2023-12-26T00:58:20Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
341 B 141ms
47ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-163128166-1&cid=58235220.1703552300&jid=979811394&gjid=1327566157&_gid=1112142210.1703552301&_u=YADAAEAAAAAAACAAI~&z=136376571

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 26 Dec 2023 00:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 124ms
39ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1703552300569&id=t2_gw5muiekh&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=fa75dc00-6df3-43df-bb21-8c500001a8ad&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_3549b422&dpm=&dpcc=&dprc=
Requested by: Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
431 B 164ms
148ms XHR
application/json 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=6317545&utk=

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c354bab070dc9b56e5564b532a8612d7c0e7e5de67b8228f0489dc8ce7becb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d053e817-789d-45b9-ac7a-cd43693684f3
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d053e817-789d-45b9-ac7a-cd43693684f3
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-qqq7r
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 83b55ff74d1c9a41-FRA

GET
H2 200 container.0250d604adc0cfee96d042ad982b733f04892869.css
fast.appcues.com/generic/main/4.60.62/ 16 KB
2 KB 57ms
57ms Stylesheet
text/css 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.62/container.0250d604adc0cfee96d042ad982b733f04892869.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.62/appcues.main.0250d604adc0cfee96d042ad982b733f04892869.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer: https://flt.cards/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 35V7WHCD7RJH1RY9
age: 369685
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1992
x-amz-id-2: NUittLwQ0U6APypfFkueudWP1pcVqWB56OhRyZ3Ae6CLS8Q8RFXmzzsrSWJRF6xakMhaQcchwLg6r3a39nFkFw==
x-served-by: cache-sof1510024-SOF
last-modified: Thu, 21 Dec 2023 18:07:13 GMT
server: AmazonS3
x-timer: S1703552301.748303,VS0,VE0
etag: "5be05ce494e7cac41d062a0b12a1657c"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css; charset=utf-8;
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 13366

POST
H2 200 pube9a70ecba28e048e3a2d538f705e6cbc
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 540ms
285ms Ping
application/json 2600:1f18:24e6:b900:74c8:903a:1012:412b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1703552300738
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:74c8:903a:1012:412b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 254 B
1 KB 248ms
154ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6317545

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de67122ae2ee28ab2395435671d027147af7400801eb83c057040c01682fc5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 22f4032b-ce3e-48a6-ae0f-ea4cc5d43af4
content-encoding: br
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 22f4032b-ce3e-48a6-ae0f-ea4cc5d43af4
server: cloudflare
x-trace: 2B94FC0FC5C17983E042C1B01A66411A4E24446747000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-z8qzg
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8dQeZf2UEO6lKvZ%2FZkN7wlg476rS38suOZOPl7%2BV4vuMbbrfBvy815FM0FhMI0GeACNMOnDOLxwWAORDzjyNmVmWNgY3%2BDKsIwze1MF1qgOgDDbPMSLZEny%2BvRfGfgDjXKchu5slFHduyEq"}],"group":"cf-nel","max_age":604800}
cf-ray: 83b55ff85e9c65b1-FRA
access-control-allow-headers: *

GET
H2 200 276117734283491 Show response
connect.facebook.net/signals/config/ 116 KB
31 KB 98ms
98ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/276117734283491?v=2.9.138&r=stable&domain=flt.cards

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c36a9b6616f4cd5775c66ca378b9b649eaeb615d45a5ab3df60545654edd17b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Dec 2023 00:58:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: c4gr1Pkg0XWyk5NGAJN/QEFqyG5p6OTCfGlmlkewXimC6HcTZlp2qmcNCVh8i4nZrbFcYsWzGbAH6l/2V8M8eQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
352 B 378ms
117ms XHR
application/json 54.198.187.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDg0NDJ9.nQTOGTLW9HORzH2IX4mmRsb6ut11vNa5nzak6vq7a6s

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.198.187.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-198-187-91.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flt.cards
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 95cc122dfe00770db621941dd49187b8

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 78ms
77ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/j9khmvbu01
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
content-encoding: br
last-modified: Wed, 13 Dec 2023 19:57:52 GMT
etag: W/"0x8DBFC15CAB825ED"
vary: Accept-Encoding
x-azure-ref: 20231226T005820Z-hvzfx5xk5x48d13qz7tq7qdh440000000aeg00000000dy8u
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 16e16076-601e-006f-35c7-302428000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/ 2 KB
1 KB 717ms
637ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/settings
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd612378201073e326cb24fea958d86e0be1368b6dd564180552a8c2b4ce28d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

x-amz-version-id: CWO3vB3gunW0cDsL_NaTTR_PJoKRBU5l
content-encoding: br
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 00:58:22 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Nov 2023 20:11:56 GMT
server: AmazonS3
etag: W/"41b6d8a650630b1d0e85724aa4b11ecb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: hxHXkh0dRh8MfAS8HH42APgDPTnk4w_gs4TSwAE-VziQtoCvY4fI9A==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 119ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=276117734283491&ev=PageView&dl=https%3A%2F%2Fflt.cards&rl=&if=false&ts=1703552300868&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1703552300867.279743835&pm=1&hrl=d54cc2&ler=empty&it=1703552300750&coo=false&cs_cc=1&cas=4856347901159417%2C4986333924788399%2C5392406534121330%2C5592993027393962&rqm=GET

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Dec 2023 00:58:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
289 B 392ms
127ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://flt.cards
Date: Tue, 26 Dec 2023 00:58:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-410007659

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2671cf2813d7b8bbf481125c4f0158012e7285e08becc32173df2b62483dae84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74059
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Dec 2023 00:58:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-410007659&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9d35670ec512c2770440d3ba07bff4fcb8344062fe85a1326b30d39f67e8729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74052
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Dec 2023 00:58:21 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 39ms
39ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=18101
accept-ranges: bytes
content-length: 15541

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
326 B 138ms
138ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Dec 2023 00:58:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0305012AD9E34DFFB45F36CE277BC2D3 Ref B: FRAEDGE1318 Ref C: 2023-12-26T00:58:21Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://flt.cards
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYNXy3Dfqwyy+lDs3pjGw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/ 3 KB
2 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/?random=1703552301179&cv=11&fst=1703552301179&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&hn=www.googleadservices.com&frm=0&tiba=Float&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1438876782.1703552300&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-410007659

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

746e19e1702278843a3d1a6c98e4f209ea4afcf544701d36674a52dc9580e54b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
458 B 119ms
119ms XHR
application/json 54.198.187.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.198.187.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-198-187-91.compute-1.amazonaws.com

Software

Resource Hash

b5983e33cfc7fe3be24f6ca1ea8f0d6e19d1850f2c913d18186df72383337769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flt.cards
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 50824d2cdaac0522451099197a72f9ec

POST
H2 200 pube9a70ecba28e048e3a2d538f705e6cbc
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 146ms
146ms Ping
application/json 2600:1f18:24e6:b900:74c8:903a:1012:412b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1703552301186
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:74c8:903a:1012:412b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
www.google.com/pagead/1p-user-list/410007659/ 42 B
108 B 71ms
70ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/410007659/?random=1703552301179&cv=11&fst=1703548800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&frm=0&tiba=Float&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_i6b-JG3HFr7ZxUm7OmpJo6-2XZ_tQT6LBNeXwCEjBNtVXFVi&random=3578607507&rmt_tld=0&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/410007659/ 42 B
108 B 51ms
50ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/410007659/?random=1703552301179&cv=11&fst=1703548800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&frm=0&tiba=Float&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_i6b-JG3HFr7ZxUm7OmpJo6-2XZ_tQT6LBNeXwCEjBNtVXFVi&random=3578607507&rmt_tld=1&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/dyqjznstqj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 41ms
40ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3470994
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: -689t061S8XdREouINX-RwpKyFVzUxAU1MolOmaRDloqdOtDWKwHbA==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 40ms
39ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:42:23 GMT
x-amz-version-id: ImHr9JVwNOQx3sB3unWxqI5ddwoeSEnO
content-encoding: br
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1757759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 01 Dec 2023 20:22:01 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: rlxUxDGxQ2MdlQAorY1lYflxQH6gIMwyF1PUZY74wcvdLtwEW2fC4A==

GET
H2 200 c0f9a3573f52c6ea231c.js Show response
cdn.segment.com/next-integrations/actions/fullstory/ 180 KB
56 KB 47ms
47ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/fullstory/c0f9a3573f52c6ea231c.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77b98e585b418bba157acd3d391662230b0397b6582cbc84ca9163716b04cccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Kj.Bo0niV_kh3QChEepjNr0yz_Gq4NoX
content-encoding: gzip
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
date: Mon, 25 Dec 2023 21:48:30 GMT
x-amz-cf-pop: FRA6-C1
age: 11398
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 18:51:00 GMT
server: AmazonS3
etag: W/"f3b03763802813c3f92bcb6f24c26c53"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: gAGZfhxWkf1wGRs7GR3KXIry6x9Wch0yu_1x74knVntqPvOrhxuj2Q==

GET
H2 200 b0eab045596385f932c0.js Show response
cdn.segment.com/next-integrations/actions/962/ 23 KB
8 KB 60ms
60ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/962/b0eab045596385f932c0.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/c0f9a3573f52c6ea231c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 659bf6fd03ae6ef2baabe1ec8bb4073f9834ea694254bc78f8839589a4eeb285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 06:39:04 GMT
x-amz-version-id: zk9rxxlqKCjHbsFrMYTC7R6tXRM31okT
content-encoding: br
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 65958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 18:50:59 GMT
server: AmazonS3
etag: W/"566a0711c9f794ab81f9adf75b9544ce"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: ipxAYPbsYxO2U7iHv8MsQmvhMT8HbwyQyZHyjfEt2bvCTTZakf-y8g==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 248 KB
69 KB 126ms
40ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/c0f9a3573f52c6ea231c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cd138cb8d1483ae8b41c3516e2001b12ac70368c411c9a6a5727d42f7162ab30

Request headers

Referer: https://flt.cards/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:07:32 GMT
content-encoding: br
age: 3049
x-guploader-uploadid: ABPtcPpENDWGCXdsyZ_TBAib0HW2muxYEzAJ6rVHWbxqQOrVySY7FmsQCzI7_Fta02EYpiJmOfArMjL3eQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69593
last-modified: Tue, 12 Dec 2023 16:27:20 GMT
server: UploadServer
etag: "20e8f197ce31d0a16939988b0de6f7d0"
vary: Accept-Encoding
x-goog-generation: 1702398440850044
x-goog-hash: crc32c=bnuCPg==, md5=IOjxl84x0KFpOZiLDeb30A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69593
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 26 Dec 2023 01:07:32 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
169 B 633ms
207ms Fetch
application/json 35.163.144.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-144-222.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flt.cards
date: Tue, 26 Dec 2023 00:58:22 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 404 dyqjznstqj Show response
api.tryjournal.com/api/v1/transactions/spender-categorization/ 152 B
407 B 151ms
151ms Fetch
application/json 18.116.213.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.116.213.43 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-213-43.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
vary: Origin
allow: GET, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1RT3C8-na1/v1/ 12 KB
2 KB 143ms
143ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1RT3C8-na1/v1/web
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0d70c03e4f98b18f7529733f60c5a6f81541783e6a0b61e1db7dd13f7e85ab0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:22 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPr5rKs8JFxO9pJb0cQKVYChdfSu3iF0v7AkmCk4HWBR1incah543YiEfCJthzbLUT9rGAvt5Ayo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1948
last-modified: Thu, 23 Nov 2023 05:14:56 GMT
server: UploadServer
etag: "219f61997442d0f309bf87907283b8f2"
x-goog-generation: 1700716496792367
x-goog-hash: crc32c=IjNRUg==, md5=IZ9hmXRC0PMJv4eQcoO48g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1948
accept-ranges: bytes
content-type: application/json
expires: Tue, 26 Dec 2023 01:13:22 GMT

GET
H3 200 1940817879400549 Show response
connect.facebook.net/signals/config/ 117 KB
31 KB 95ms
95ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1940817879400549?v=2.9.138&r=stable&domain=flt.cards

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

697cf33de36b3e6a6222d48847a6d2fbd684ff9415def9c4569c175218700ad4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Dec 2023 00:58:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: /2XqygIQe/aWqVi+s9HUyqGXNhvdaoi3wdQX4A86AgV9aHjQZ7xK8pn9iDcY33BMHURiCROrQ4geR8H1L6aRfQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 268ms
171ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=114909860&v=1.1&a=6317545&pu=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&t=Float&cts=1703552302072&vi=42b7040ecd47257c9443d5c56ac08e0e&nc=true&u=133920017.42b7040ecd47257c9443d5c56ac08e0e.1703552302069.1703552302069.1703552302069.1&b=133920017.1.1703552302070&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b3bc586c-bcc7-4db8-a868-b3b3f8c2994c
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b3bc586c-bcc7-4db8-a868-b3b3f8c2994c
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmmk6iiXtV%2Fba9xVbMs6Xhc583oaGs86BVNZmr7eDzKvUKr5ZCi2dmLV23HyBdFczMnPoSaD0GV8gp5NNWHFd8Kfs4TLEHFppvzhQA1c8RbdCBkHRP%2BqnqeCRG8hb%2B%2FYgdbY%2FxVs7F6WrBGFRXCW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-kms4s
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 83b56000ab3e918f-FRA
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ED9C7A7F6C4A4350B8A29C676AA527B9&RedC=c.clarity.ms&MXFR=37D77B297307628B33A868DA77076C3F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9C7A7F6C4A4350B8A29C676AA527B9&MUID=3491DF25156A6FB60B01CCD614C66E46

42 B
441 B

58ms
58ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9C7A7F6C4A4350B8A29C676AA527B9&MUID=3491DF25156A6FB60B01CCD614C66E46
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:21 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 42B721BE1DA542EBBAE489AB665D734C Ref B: FRA31EDGE0110 Ref C: 2023-12-26T00:58:22Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9C7A7F6C4A4350B8A29C676AA527B9&MUID=3491DF25156A6FB60B01CCD614C66E46
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 39ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1940817879400549&ev=PageView&dl=https%3A%2F%2Fflt.cards&rl=&if=false&ts=1703552302212&sw=1600&sh=1200&ud[external_id]=42b7040ecd47257c9443d5c56ac08e0e&v=2.9.138&r=stable&a=hubspot&ec=0&o=4124&fbp=fb.1.1703552300867.279743835&pm=1&hrl=cc7731&ler=empty&it=1703552300750&coo=false&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Dec 2023 00:58:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 202 page Show response
rs.fullstory.com/rec/ 73 B
266 B 246ms
155ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

6f2698f98407f1a9956464e98035700bfa6041e3d7a63d8022f983b69321f090

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 00:58:22 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://flt.cards
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
289 B 125ms
125ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://flt.cards
Date: Tue, 26 Dec 2023 00:58:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 404 dyqjznstqj Show response
api.tryjournal.com/api/v1/transactions/spender-categorization/ 152 B
407 B 156ms
156ms Fetch
application/json 18.116.213.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.116.213.43 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-213-43.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
vary: Origin
allow: GET, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 46ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1GFXRP385B&gtm=45je3bt0v871302425&_p=1703552299409&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=58235220.1703552300&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703552300&sct=1&seg=0&dl=https%3A%2F%2Fflt.cards%2Ft%2Fdyqjznstqj&dt=Float&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6392
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 00:58:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pube9a70ecba28e048e3a2d538f705e6cbc
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 290ms
290ms Ping
application/json 2600:1f18:24e6:b900:74c8:903a:1012:412b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1703552305540
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:74c8:903a:1012:412b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 404 dyqjznstqj Show response
api.tryjournal.com/api/v1/transactions/spender-categorization/ 152 B
407 B 154ms
154ms Fetch
application/json 18.116.213.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-9d2b2ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.116.213.43 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-213-43.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:58:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
vary: Origin
allow: GET, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.flt.cards/	1970-01-20 19:22:08	Name: _gcl_au Value: 1.1.1438876782.1703552300
flt.cards/	1970-01-20 17:12:33	Name: _dd_s Value: rum=1&id=9121f540-1541-4c74-9ac6-b21183bdc37f&created=1703552300419&expire=1703553200419
.flt.cards/	1970-01-21 02:48:32	Name: _ga_1GFXRP385B Value: GS1.1.1703552300.1.0.1703552300.0.0.0
.flt.cards/	1970-01-21 02:48:32	Name: _ga Value: GA1.2.58235220.1703552300
.flt.cards/	1970-01-20 17:13:58	Name: _gid Value: GA1.2.1112142210.1703552301
.flt.cards/	1970-01-20 17:12:32	Name: _gat_UA-163128166-1 Value: 1
.flt.cards/	1970-01-20 17:13:58	Name: _uetsid Value: dccd54f0a38911ee859f2de008ad2644
.flt.cards/	1970-01-21 02:34:08	Name: _uetvid Value: dccd60a0a38911ee878b4554b3564baa
.flt.cards/	1970-01-20 19:22:08	Name: _rdt_uuid Value: 1703552300569.fa75dc00-6df3-43df-bb21-8c500001a8ad
.bing.com/	1970-01-21 02:34:08	Name: MUID Value: 3491DF25156A6FB60B01CCD614C66E46
www.clarity.ms/	1970-01-21 01:58:08	Name: CLID Value: 484298e791a843198964a2bb3019d35f.20231226.20241225
.flt.cards/	1970-01-21 01:58:08	Name: _clck Value: 16jjbrw%7C2%7Cfhv%7C0%7C1455
.flt.cards/	1970-01-20 19:22:08	Name: _fbp Value: fb.1.1703552300867.279743835
.ws.zoominfo.com/	1970-01-21 01:58:08	Name: visitorId Value: ac463f3314d124cc9d49faaa4936c39bc3970dcafd4354a8e92a601db192678c
.zoominfo.com/	1970-01-20 17:12:34	Name: __cf_bm Value: phu.X6RvTeg_N9CAe8PTQi5yjomBjyzzBXM8Z1mlTm0-1703552300-1-ATcaViz+X+qnpBc5ZXgN45a99V27Dsi5EMC84J/X+jZXC7QPSDONomrAvlzKiLi8+xxEA+HLLMBELwlliGiSbwU=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: EZLn6WA4iZNMKbDny2EE7u36VdbVtnIiz1EPOHYEN4s-1703552300955-0-604800000
.linkedin.com/	1970-01-20 19:22:08	Name: li_sugr Value: 85e46001-5b13-4fd3-89ae-af4e32aa52cb
.linkedin.com/	1970-01-21 01:58:08	Name: bcookie Value: "v=2&933ac159-d544-4b48-8bcc-6fcc004cb25f"
.linkedin.com/	1970-01-20 17:13:58	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3194:u=1:x=1:i=1703552300:t=1703638700:v=2:sig=AQFb9k6JA_1Ot4hLnHsMju-M8-YbOUEn"
.linkedin.com/	1970-01-20 17:55:44	Name: UserMatchHistory Value: AQIv9WWungvuUgAAAYyjoTgPYratP7Y65Ph_YQlNXfgSJmQC81DFdLBkDRmx9vRQ8O3_L4312CBD_Q
.linkedin.com/	1970-01-20 17:55:44	Name: AnalyticsSyncHistory Value: AQKfSCGMprmzyAAAAYyjoTgPWIBcI2SP8PhWkwW1StgFawoyKx-fa94TgJAIcU6MD8DK95x8Db3yed2x3pUIMg
.linkedin.com/	1970-01-20 21:31:44	Name: li_gc Value: MTswOzE3MDM1NTIzMDE7MjswMjErkdQZynbW3h1XhMQuiGurYuhZSbpM1X2H4/eIwQSiOQ==
flt.cards/	1970-01-20 17:22:37	Name: slireg Value: https://scout.us4.salesloft.com
.doubleclick.net/	1970-01-21 02:34:08	Name: IDE Value: AHWqTUm2MOETBIrOVl8m_I8sAU3TQ77Ks501y-s29qvPJX8p090L1lDmQH2S8Cyl
flt.cards/	1970-01-21 01:58:08	Name: sliguid Value: 30dc60ce-46ea-4860-84dc-9647e10b511b
flt.cards/	1970-01-21 01:58:08	Name: slirequested Value: true
.www.linkedin.com/	1970-01-21 01:58:08	Name: bscookie Value: "v=1&202312260058216cc7ddeb-eb25-4e36-8dec-b1dda0438372AQHoEnLNOCl4WApS3RO2VskH8Bu-EIT2"
.flt.cards/	1970-01-20 17:13:58	Name: _clsk Value: xeuto8%7C1703552301347%7C1%7C1%7Ck.clarity.ms%2Fcollect
.flt.cards/	1970-01-21 01:58:08	Name: ajs_anonymous_id Value: 4939a56a-a75f-406a-8dcb-dd7bb3571c7a
flt.cards/	1970-01-20 21:31:44	Name: __hstc Value: 133920017.42b7040ecd47257c9443d5c56ac08e0e.1703552302069.1703552302069.1703552302069.1
flt.cards/	1970-01-20 21:31:44	Name: hubspotutk Value: 42b7040ecd47257c9443d5c56ac08e0e
flt.cards/	1969-12-31 23:59:59	Name: __hssrc Value: 1
flt.cards/	1970-01-20 17:12:34	Name: __hssc Value: 133920017.1.1703552302070
.c.bing.com/	1970-01-20 17:22:37	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:34:08	Name: SRM_B Value: 3491DF25156A6FB60B01CCD614C66E46
.hubspot.com/	1970-01-20 17:12:34	Name: __cf_bm Value: T5Is1Rf5U8sjtsQ_NiZswjSfvCGMqaF.nX5LRNQKye8-1703552302-1-AcMfc1f8HdmX9aGRkJmv9jaL/SiYRl6STCLD0g3mPXxr9MxGQcyI/vtxSEPPisSTtSU4JtMwwx5tp0ZKM7zU2RY=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ev73V0mGWWdfKMes9BkYtBN9vTQbwWMbeqkDzudoMO0-1703552302321-0-604800000
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:34:08	Name: MUID Value: 3491DF25156A6FB60B01CCD614C66E46
.c.clarity.ms/	1970-01-20 17:22:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:12:32	Name: ANONCHK Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://connect.facebook.net/signals/config/1940817879400549?v=2.9.138&r=stable&domain=flt.cards(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.tryjournal.com/api/v1/transactions/spender-categorization/dyqjznstqj Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
api.hubapi.com
api.segment.io
api.tryjournal.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.segment.com
connect.facebook.net
edge.fullstory.com
fast.appcues.com
flt.cards
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
googleads.g.doubleclick.net
grow.clearbitjs.com
js.chilipiper.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
k.clarity.ms
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rs.fullstory.com
rum-http-intake.logs.datadoghq.com
scout-cdn.salesloft.com
scout.salesloft.com
sessions.bugsnag.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
13.107.42.14
151.101.1.140
18.116.213.43
20.96.88.162
2001:4860:4802:32::36
216.24.57.253
2600:1901:0:7a0b::
2600:1f18:24e6:b900:74c8:903a:1012:412b
2606:4700:4400::6812:22e5
2606:4700::6810:4dba
2606:4700::6810:890f
2606:4700::6810:8ace
2606:4700::6810:bf59
2606:4700::6811:129
2606:4700::6811:5a9a
2606:4700::6811:cbcc
2606:4700::6811:e6a3
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:148d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:600::622
34.111.73.67
35.163.144.222
35.186.194.58
35.201.112.186
54.198.187.91
68.219.88.97
76.76.21.21
99.86.8.175
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
0b6fbcde5cb72592ed0b4c7a6250971815aba4bf5816d16d3f96bbbab48a605d
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d70c03e4f98b18f7529733f60c5a6f81541783e6a0b61e1db7dd13f7e85ab0d
0e40791ea380c665b0eefb02743280e168079ecc620b52fac279047f2386fe1c
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13b3374fed25f3c43f0a291fef146d5d9fb510103ee03d70c695ba41b3d395eb
147ae7c5e2d010e8946f3bd50ae9b5167e6b4cfa69e7192226d042afb919eb75
22c941eed066887c4b83cc021af0cbfa2de29c3f39a826fbd5bc968a0e13ada6
2671cf2813d7b8bbf481125c4f0158012e7285e08becc32173df2b62483dae84
39657f7f198608406cab1de96720a22549e6b6d918db8dfdd0f5ef9ab84ef17c
3a23aff48c8acf06d35a85e156559896893f92edeeb4549abd3a0c177a0a39f1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44418ef323a21c14963cf2374e408310a5a90af40ab3aea7f84142abde82d136
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4c36a9b6616f4cd5775c66ca378b9b649eaeb615d45a5ab3df60545654edd17b
58763412c3a28933886d961ee282e33be311ebb239509e94b7de687316937d5d
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
659bf6fd03ae6ef2baabe1ec8bb4073f9834ea694254bc78f8839589a4eeb285
697cf33de36b3e6a6222d48847a6d2fbd684ff9415def9c4569c175218700ad4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4bdad53042e2bd6e5a231bfcd66d19dc33f507edc2b847ff3c58aca74ff138
6f2698f98407f1a9956464e98035700bfa6041e3d7a63d8022f983b69321f090
72e8aa11120d22eddafdee660ecc72d141bff2ab7c42c04bbf50399b83e1645c
746e19e1702278843a3d1a6c98e4f209ea4afcf544701d36674a52dc9580e54b
77b98e585b418bba157acd3d391662230b0397b6582cbc84ca9163716b04cccb
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
809ceebb4abb2cfc5c2ba04ce16f5cb4ad10fb3911a2b91c4f2362781decb4d8
8a6dd414017a4df3a7f73021464545f9bf409ff6946fa79fea460420e619c57e
8ca13ee4e5783e5c77ad00dbbb4489e433a4f95b15dd4f6f63a15cb345e292a9
8e8588b14a72e9b533523a3ad277209c3a02179efb0c37a59aa90e2befa2cebb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a57d74ed2e491c7afe6bf2d7ba8fc4efd5bf64f16f376fa89d33fca08bc66e05
a872bd399e25068e20cfedcf431503be8a0d09772ba2b4894d9b2839223477ad
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b5983e33cfc7fe3be24f6ca1ea8f0d6e19d1850f2c913d18186df72383337769
b5dd3ea3d5b8e086967e631b00bef489b1c22c03484e9d11855d6a97bad4f520
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79
bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
c354bab070dc9b56e5564b532a8612d7c0e7e5de67b8228f0489dc8ce7becb8a
c6134e6ac14d17d2359f910de71889d3e82743aef08773c93901a12acf72f393
c842e03d6632624b86423015bdcff26918a61a8840b72e5e9a0def327f66799f
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd138cb8d1483ae8b41c3516e2001b12ac70368c411c9a6a5727d42f7162ab30
d362b9bc1dda88d1f998167f80ed926b2556af31d08eaee2be914bca13974b53
d9d35670ec512c2770440d3ba07bff4fcb8344062fe85a1326b30d39f67e8729
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd612378201073e326cb24fea958d86e0be1368b6dd564180552a8c2b4ce28d3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de67122ae2ee28ab2395435671d027147af7400801eb83c057040c01682fc5ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e931770e16305c12aae6d4fae4d9771e9a6c02e81e48903feef45d0f69df7ccd
eeec46530340c420257c12e2e5725b5d34f54ab34fb1936b4ec6abe884c273f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

flt.cards Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

69 %IPv6

35 Domains

45 Subdomains

43 IPs

5 Countries

2502 kBTransfer

8492 kBSize

41 Cookies

0 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flt.cards Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

69 %
IPv6

35
Domains

45
Subdomains

43
IPs

5
Countries

2502 kB
Transfer

8492 kB
Size

41
Cookies

80 HTTP transactions
0 data transactions