flt.cards Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://flt.cards/t/drolgtpwst
Submission: On August 19 via api (August 19th 2023, 12:35:13 pm UTC) from LU — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 32 domains to perform 64 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is flt.cards.
TLS certificate: Issued by R3 on July 5th 2023. Valid for: 3 months.

This is the only time flt.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:883b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	108.157.5.209 108.157.5.209	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:6cc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:77be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
3	3.141.224.235 3.141.224.235	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:b941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.111.73.67 34.111.73.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	216.24.57.3 216.24.57.3	397273 (RENDER) (RENDER)
1	2606:4700::68... 2606:4700::6811:4341	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:231... 2600:9000:2315:b800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:24e... 2600:1f18:24e6:b902:da90:c926:b7af:a971	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	52.54.183.124 52.54.183.124	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	36

3 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

flt.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:883b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.157.5.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-209.dus51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6cc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:77be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.141.224.235 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-224-235.us-east-2.compute.amazonaws.com

api.tryjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:b941 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.73.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.73.111.34.bc.googleusercontent.com

js.chilipiper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.24.57.3 (United States)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:b800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:da90:c926:b7af:a971 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.183.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-183-124.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 421 www.linkedin.com — Cisco Umbrella Rank: 686 px4.ads.linkedin.com — Cisco Umbrella Rank: 6363	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	21 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1907	34 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	313 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 11275 scout.salesloft.com — Cisco Umbrella Rank: 13717	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	96 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 412	13 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 122	4 KB
3	tryjournal.com api.tryjournal.com	1 KB
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 7045	132 KB
3	flt.cards flt.cards	1 MB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	google.de www.google.de — Cisco Umbrella Rank: 5345	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 3	563 B
2	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 7414
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1154	738 B
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 1139	140 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5564 forms.hscollectedforms.net — Cisco Umbrella Rank: 5675	26 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2912	2 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2767	1 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1702	637 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4058	1 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5220	2 KB
1	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 39251	335 B
1	chilipiper.com js.chilipiper.com — Cisco Umbrella Rank: 19066	22 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 8001	165 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1500	8 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1072	5 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3832	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2654	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2657	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	1 KB
64	32

	Domain	Requested by
4	cdn.segment.com	flt.cards cdn.segment.com
4	www.googletagmanager.com	flt.cards www.googletagmanager.com js.hsadspixel.net
3	px.ads.linkedin.com	3 redirects
3	connect.facebook.net	flt.cards connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com flt.cards
3	api.tryjournal.com	flt.cards
3	fast.appcues.com	flt.cards fast.appcues.com
3	flt.cards	flt.cards
2	www.facebook.com	flt.cards
2	scout.salesloft.com	flt.cards
2	www.google.de	flt.cards
2	www.google.com	flt.cards
2	rum-http-intake.logs.datadoghq.com	flt.cards
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.linkedin.oribi.io	flt.cards
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com flt.cards
2	sessions.bugsnag.com	flt.cards
2	js.hs-scripts.com	flt.cards www.googletagmanager.com
1	track.hubspot.com
1	alb.reddit.com	flt.cards
1	stats.g.doubleclick.net	flt.cards
1	px4.ads.linkedin.com	flt.cards
1	www.linkedin.com	1 redirects
1	api.hubapi.com	flt.cards
1	forms.hscollectedforms.net	flt.cards
1	ws.zoominfo.com	flt.cards
1	scout-cdn.salesloft.com	flt.cards
1	grow.clearbitjs.com	flt.cards
1	js.chilipiper.com	www.googletagmanager.com
1	js.hsforms.net	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	fonts.googleapis.com	flt.cards
64	38

This site contains no links.

Subject Issuer	Validity	Valid
flt.cards R3	`2023-07-05` - `2023-10-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-05` - `2024-09-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.tryjournal.com Amazon RSA 2048 M01	`2023-03-21` - `2024-04-18`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
chilipiper.com GoGetSSL RSA DV CA	`2023-01-31` - `2024-03-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-28` - `2023-08-26`	3 months	crt.sh
grow.clearbitjs.com R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://flt.cards/t/drolgtpwst
Frame ID: 98CF4109881637DFC326A0124F8E46C6
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Float

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Chili Piper (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

js\.chilipiper\.com/marketing\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

64
Requests

97 %
HTTPS

78 %
IPv6

32
Domains

38
Subdomains

36
IPs

3
Countries

2168 kB
Transfer

7486 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2818138%26time%3D1692448506147%26url%3Dhttps%253A%252F%252Fflt.cards%252Ft%252Fdrolgtpwst%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true&liSync=true&e_ipv6=AQKJKCzIAfi11gAAAYoNysNt_FPSf1QdE_bV5bDc7SUXlpA3h5vtFnio34qBEw7UXg

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request drolgtpwst Show response
flt.cards/t/ 4 KB
2 KB 102ms
15ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

224872317fb121183efc519190d561c8af298d03cb85d9fc15b14667ce9d5431

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 37741
cache-control: s-maxage=0
content-disposition: inline; filename="index.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 19 Aug 2023 12:35:05 GMT
etag: W/"17817a7c4785a0634fed051c39048c7d"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::qfsk4-1692448505184-dde067f20ad1

GET
H2 200 6317545.js Show response
js.hs-scripts.com/ 2 KB
1 KB 152ms
127ms Script
application/javascript 2606:4700::6812:883b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/6317545.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:883b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fef518760a5f45dfb33dd7cbb1b0c375e567f5315f0d7d0ab80e750854375b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2eb5fbe2-23fc-44bc-8716-25bd4a2d1f11
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2eb5fbe2-23fc-44bc-8716-25bd4a2d1f11
last-modified: Sat, 19 Aug 2023 12:35:05 GMT
server: cloudflare
x-trace: 2BD8991CFFA603A3742B6B1605FE5DCA85536E8C2C000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-kl852
cf-ray: 7f926f35baa90368-FRA
expires: Sat, 19 Aug 2023 12:36:05 GMT

GET
H2 200 146114.js Show response
fast.appcues.com/ 20 KB
5 KB 265ms
184ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/146114.js
Requested by: Host: flt.cards
URL: https://flt.cards/t/drolgtpwst
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e9bde4b298e97e3eebfbabcbe2fe0ee10a05e4d9d1c2cad0cf7f32e82ea21f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 4830
x-request-id: F3zI8tw3vM3xZK_vEX4D
x-served-by: cache-fra-etou8220105-FRA
server: Cowboy
x-timer: S1692448505.301151,VS0,VE171
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 0

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 47ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d11f6ac62c5e0e2c0955a79615e06f561c5622f4d4598b3e7b853055c7b5643e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 12:28:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 12:35:05 GMT

GET
H2 200 index-25cd2eb4.js Show response
flt.cards/assets/ 4 MB
1 MB 15ms
13ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flt.cards/assets/index-25cd2eb4.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

46f881ca3a9f65f009f26f816460555ba9c79367af70ff1b9d0ed9449726d9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://flt.cards/t/drolgtpwst
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::mjqv6-1692448505216-3010b189a21c
age: 40925
etag: W/"3e0dd5ae02ba992479e621fda2a846eb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="index-25cd2eb4.js"

GET
H2 200 index-a3d081f8.css
flt.cards/assets/ 495 KB
70 KB 14ms
12ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flt.cards/assets/index-a3d081f8.css

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a3d081f8906755c3d8a8c5b7fc2643ab5348ad52473b09e96ce9eb96a1b8e5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/t/drolgtpwst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::8bnwf-1692448505215-c64b0cccbf9e
age: 40926
etag: W/"28ca41c3a51190f3a1b470064834800f"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="index-a3d081f8.css"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
89 KB 98ms
40ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b1cc400a30af9fdf86d94e6b460965c8073a46d0d172b542f35fac66696c5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90915
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Aug 2023 12:35:05 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/ 105 KB
28 KB 695ms
612ms Script
text/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js
Requested by: Host: flt.cards
URL: https://flt.cards/t/drolgtpwst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f712fa2e30770af62cb5d711ccaedffa58b2415c5a78a5e8289e82756e0e0576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

x-amz-version-id: WzW.cMTypVyeFAnJBwtiGrhrXzaDaadT
content-encoding: br
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
date: Sat, 19 Aug 2023 12:35:07 GMT
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jun 2023 00:56:56 GMT
server: AmazonS3
etag: W/"79e48ee4afd4e3919d1ffb6874ac3096"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 6EGT_CCk8d91MJ_frWxAECWTM-h8wvjDuWsCRcTi3XWXvFVVyUu1Tg==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 166ms
115ms Script
application/javascript 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flt.cards/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
x-amz-version-id: EcjZkyUfgxNGQ.xnv1Vqq9Oda2f1T.dE
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: ed3f1e3a-f531-471b-89d7-8eb22483ba5c
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.394/bundles/project.js&cfRay=7f926f379f7c39c7-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ed3f1e3a-f531-471b-89d7-8eb22483ba5c
last-modified: Wed, 09 Aug 2023 09:05:38 UTC
server: cloudflare
etag: W/"6fb5b8aa66d730f2a49b41a9c712ffa7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-2zr9h
cf-ray: 7f926f379f7c39c7-FRA
x-amz-cf-id: lxQyu_SnJJo0XaalsyXv-IK56mPVdr04OOnBf98S5CPp3rxv0fipbQ==
x-hs-target-asset: collected-forms-embed-js/static-1.394/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/6317545/ 65 KB
20 KB 544ms
490ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/6317545/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5f53827e4398814ea48d5ed81a327f3cc29d61778e051346e760259796b3af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
x-amz-version-id: SR8hz5B2L2Ck6T7kZFST.k4EGjillmoZ
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BGY696YNEE3H54EN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: be91eb8a-e007-4c58-b08f-bdef1c729493
x-envoy-upstream-service-time: 39
x-amz-id-2: AIawHfWxqyxlikXSBkuS0rnyQ1q5yRhEJU5QRBmHw/OVNQgktDCIqzF1STuV4N5UTkciiPADWHzx9+Bu31wbutmv5qFFOiCX
x-evy-trace-listener: listener_https
x-request-id: be91eb8a-e007-4c58-b08f-bdef1c729493
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 31 Jul 2023 22:08:48 GMT
server: cloudflare
etag: W/"32189650eebda464c20df7b4dab0cbe2"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://flt.cards
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-qh8zw
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7f926f37acee90f2-FRA
expires: Sat, 19 Aug 2023 12:40:05 GMT

GET
H2 200 6317545.js Show response
js.hs-analytics.net/analytics/1692448500000/ 66 KB
21 KB 182ms
129ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1692448500000/6317545.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ddbacec8412bbee611920e07ee39b7ed8401d672f30c9c8d8933b269535bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BGY3WH14SZP0ZCZ1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1570cab8-2053-4b96-9700-eea7893ec361
x-envoy-upstream-service-time: 13
x-amz-id-2: HdzvQr5KLlTbYkiyyZbMcb+F34/820LaN6+RkoumUDwniHRc8orAdzUvNQe+JmoMRprou05jksM=
x-evy-trace-listener: listener_https
x-request-id: 1570cab8-2053-4b96-9700-eea7893ec361
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 14 Aug 2023 15:38:43 GMT
server: cloudflare
etag: W/"f0b3775f0db8c24efb42bfe7f1c29760"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ww4tr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7f926f3798db363e-FRA
expires: Sat, 19 Aug 2023 12:40:05 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 75ms
19ms Script
application/javascript 2606:4700::6810:77be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6317545.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:77be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a58b231f4bd34d323b5a7da9caf1a2706ecc87ca22a822763b96659043017e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
x-amz-version-id: jPXu6qi.g7uxBjG4s6uCQIhIPiNAy8nk
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 134
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.396/bundles/pixels-release.js&cfRay=7f926bef2d9e6955-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: db53f97a-5a8f-41c1-bc6f-0bcfa3598ba8
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: db53f97a-5a8f-41c1-bc6f-0bcfa3598ba8
last-modified: Mon, 07 Aug 2023 08:57:08 UTC
server: cloudflare
etag: W/"c80164a2fdf0ea90248ff107d11fb350"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-z6gg5
cf-ray: 7f926f37a9019a17-FRA
x-amz-cf-id: QSO0KBVyEtgXhQbfX1jef2aMitucS2B_a_bghJq1vTcQMXYNymKhUg==
x-hs-target-asset: adsscriptloaderstatic/static-1.396/bundles/pixels-release.js

GET
H2 200 appcues.main.d974e555156ca96ca271a26c22832187138e4cbb.js Show response
fast.appcues.com/generic/main/4.60.6/ 439 KB
125 KB 37ms
17ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.6/appcues.main.d974e555156ca96ca271a26c22832187138e4cbb.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/146114.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bd8c7962d20ec374cbef414616113a0d48c92b3494b623cb609a4e03ad90ab6

Request headers

Referer: https://flt.cards/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: DFZ0AKVQFVGK4KCG
age: 234056
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 127223
x-amz-id-2: JzrzEhT6EQru9TVmFr5LmcS4KClkc7hDnCmfgU8vKXddSGhfxTq5EpxaoNObeRCx+8hhQx3saMnF/85qWytc8Q==
x-served-by: cache-fra-etou8220074-FRA
last-modified: Wed, 16 Aug 2023 19:28:45 GMT
server: AmazonS3
x-timer: S1692448506.509069,VS0,VE0
etag: "32c3d38782c62a12de25a45c92bf8cfd"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 14239

GET
H2 200 container.d974e555156ca96ca271a26c22832187138e4cbb.css
fast.appcues.com/generic/main/4.60.6/ 15 KB
2 KB 13ms
12ms Stylesheet
text/css 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.60.6/container.d974e555156ca96ca271a26c22832187138e4cbb.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.6/appcues.main.d974e555156ca96ca271a26c22832187138e4cbb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de

Request headers

Referer: https://flt.cards/
Origin: https://flt.cards
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:05 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: ETKGW3MAC7VJNAFH
age: 234101
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2027
x-amz-id-2: JclBzNRtRW5KGfgvo2LdlvJe7nl8+vjzSlznXx0+R7BMWUYPksL+Ni4gkwki68Wg7FTMfQnFICCecaEyzTAgKg==
x-served-by: cache-fra-etou8220074-FRA
last-modified: Wed, 16 Aug 2023 19:28:45 GMT
server: AmazonS3
x-timer: S1692448506.679942,VS0,VE0
etag: "040cf4e7e86c4d735fc66db697584fb0"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css; charset=utf-8;
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 13658

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 195ms
149ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://flt.cards
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 19 Aug 2023 12:35:05 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 171ms
167ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://flt.cards/
Bugsnag-Sent-At: 2023-08-19T12:35:05.806Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: d7ef588a4b5694af3e9cee215e30288c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 19 Aug 2023 12:35:06 GMT
via: 1.1 google
bugsnag-session-uuid: 331016d8-dea8-45a2-a996-93a4cb91e842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
BLOB 200
OK 7f3d36af-543a-4c98-9ec9-802b438a2c03
https://flt.cards/ 4 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://flt.cards/7f3d36af-543a-4c98-9ec9-802b438a2c03
Requested by: Host: flt.cards
URL: https://flt.cards/t/drolgtpwst
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14818a6aa61db8fe8d897a7378306fc6366b2d94e6b1d01777aa4c6e311ca538

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

Content-Length: 4218
Content-Type: application/javascript

GET
H2 404 drolgtpwst Show response
api.tryjournal.com/api/v1/transactions/spender-categorization/ 152 B
408 B 362ms
122ms Fetch
application/json 3.141.224.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tryjournal.com/api/v1/transactions/spender-categorization/drolgtpwst

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.141.224.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-224-235.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
vary: Origin
allow: GET, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 19 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3043
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 19 Aug 2023 13:44:23 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 59ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=39071
accept-ranges: bytes
content-length: 4862

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/ 3 KB
2 KB 95ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/?random=1692448506076&cv=11&fst=1692448506076&bg=ffffff&guid=ON&async=1&gtm=45He38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&hn=www.googleadservices.com&frm=0&tiba=Float&auid=511127842.1692448506&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ee967e3414fc98ee94216906cd7d232896a0d799dc448110886305008a3449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 69ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 19 Aug 2023 12:35:05 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A5CE84446A54E12B4CC78874A244C8B Ref B: FRA31EDGE0612 Ref C: 2023-08-19T12:35:06Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 59ms
8ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 6317545.js Show response
js.hs-scripts.com/ 2 KB
634 B 40ms
39ms Script
application/javascript 2606:4700::6812:883b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/6317545.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:883b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53ab852cdce0ea0bff89043edb1134babab5d1622f77b0992ee2b6c7bcfdfd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 2eb5fbe2-23fc-44bc-8716-25bd4a2d1f11
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2002
age: 1
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2eb5fbe2-23fc-44bc-8716-25bd4a2d1f11
cf-bgj: minify
last-modified: Sat, 19 Aug 2023 12:35:05 GMT
server: cloudflare
x-trace: 2BD8991CFFA603A3742B6B1605FE5DCA85536E8C2C000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-kl852
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7f926f3b0a5b0368-FRA
expires: Sat, 19 Aug 2023 12:36:06 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 526 KB
165 KB 63ms
22ms Script
application/javascript 2606:4700::6810:b941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

250dc46c1691ff969d5ea984b282e46403885ec806ed96ac3ee301db043a1a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 526
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3544/bundles/project-v2.js&cfRay=7f926266ac09994e-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"0b631c5c17436fe9a934a378374d7e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3544/bundles/project-v2.js
date: Sat, 19 Aug 2023 12:35:06 GMT
x-amz-version-id: 2tqrkyXrj45cp.Q0BoEeKReD9HeN0VyM
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 70dc9eba-6eaf-4286-8158-4edde91b8526
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 70dc9eba-6eaf-4286-8158-4edde91b8526
last-modified: Fri, 11 Aug 2023 02:53:20 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCwo0WpEI9Eo4CY6%2FCP%2FUNBKRveeKK0rW%2Fan8BkRehlQfFffISbGof63zTAvk%2FBKqxzHOuHGCh46FYW1Ux%2F8qVHZUxdIdV7RT2yBbFCQ7jyw4gsxrM8ZKJHyUe1pBOaa1jLmLStYJ1P8JoIf"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-fs8rm
cf-ray: 7f926f3b4c706901-FRA
x-amz-cf-id: e_BmYCkTVXPA-v2JhXwk8StB3Zj04pqJgNNqIn38iXDj1KRO6utuug==

GET
H2 200 marketing.js Show response
js.chilipiper.com/ 72 KB
22 KB 53ms
8ms Script
application/javascript 34.111.73.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.chilipiper.com/marketing.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.73.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.73.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e9ffe1b49acba74a13ac2cd871f9e3e2a1a633fc65dce4dc22773b32e8280bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:34:36 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 24 May 2023 09:58:42 GMT
server: Google Frontend
age: 30
etag: W/"646ddfd2-12118"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: 43dcf7e5bda80c61e7e463fa97cf9400
cache-control: public, max-age=0, s-maxage=60, must-revalidate
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22264

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 48ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 19 Aug 2023 12:35:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: De9k44ngcreWduYFKGBlRncxBecZZK27h4eIruitXvDen1vPsdeR67roJ6+0b/ZrRl936azKI40yg28sjJn3Dw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 100 B
335 B 561ms
466ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1692448506083

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4bdad53042e2bd6e5a231bfcd66d19dc33f507edc2b847ff3c58aca74ff138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-render-origin-server: Render
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 7f926f3b9cc618cb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 136ms
17ms Script
application/javascript 2606:4700::6811:4341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: ZBK9GVWNHMM615HE
age: 3975
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QApJjUMe6dPSmzYXiYFc6dOGGKZMkdZ0kUVJbzRIgTVpYxPQx33CSERxtLdkqDuVapIv8BDSyiw=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7f926f3bfe8c1a49-FRA
expires: Sat, 19 Aug 2023 16:35:06 GMT

GET
H2 200 63694f26cd89674cdfa4ca86 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 280ms
187ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/63694f26cd89674cdfa4ca86

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4591bbd200161084102dfdf8f282f18ac3945ad2697d36950b664c25172eca75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/t/drolgtpwst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f926f3bfe0b363f-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
86 KB 38ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d4b5e73e307b79387c1b0b7fac8dbd706e55cd169297e2953327528a84d1f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87753
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 19 Aug 2023 12:35:06 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
451 B 117ms
112ms XHR
application/json 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=6317545&utk=

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c354bab070dc9b56e5564b532a8612d7c0e7e5de67b8228f0489dc8ce7becb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 73fe7f11-960e-4f33-824f-b686772dcf6a
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 73fe7f11-960e-4f33-824f-b686772dcf6a
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-7475r
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7f926f3b2b6b39c7-FRA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 254 B
1 KB 166ms
144ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6317545

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7d8072446e517eb5c383adc2ac27ac9dcbfae3013110f6030ef836c98687a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0447f9da-547f-4609-8032-eabda27df9ae
content-encoding: br
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0447f9da-547f-4609-8032-eabda27df9ae
server: cloudflare
x-trace: 2B960049D63DF683EE6B2889B1D8384720232746C4000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://flt.cards
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-8w2j6
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxsisAIJCK4WKxCbXWA1tOmd58NM8d4oPUCbVdjuLVYwm%2FdtEUH6yi6TN9N9lWGN80JL%2B%2F7sDF2ib1Kuxg452%2BN67QmIPEewIKvF7Cyr7ryR4GyCLQfgdP%2FJug2%2B%2Fv5OSvHdAPR69QLpfq1%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 7f926f3b497f367b-FRA
access-control-allow-headers: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
204 B 18ms
17ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1457871948&t=pageview&_s=1&dl=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&ul=en-us&de=UTF-8&dt=Float&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1071222071&gjid=2089636906&cid=213044381.1692448506&tid=UA-163128166-1&_gid=2083154963.1692448506&_r=1&_slc=1&gtm=45He38g0n81KXNDS38&z=1775202081

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2818138/domain/flt.cards/ 36 B
370 B 242ms
161ms XHR
application/json 2600:9000:2315:b800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2818138/domain/flt.cards/token
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: gzip
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=29918
x-amz-cf-id: kSkGEy081wEm5iTsXAcUkoZa3CELNpNX6Ou71R9xiQjpCngtx_jvlg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2818138%26time%3D1692448506147%26url%3Dhttps%253A%252F%252Fflt.cards%252Ft%252Fdr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true&liSync=true&e_ipv6=AQKJKCzIAfi11gAAAYoNysNt_FPSf1QdE_bV5...

0
266 B

174ms
107ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true&liSync=true&e_ipv6=AQKJKCzIAfi11gAAAYoNysNt_FPSf1QdE_bV5bDc7SUXlpA3h5vtFnio34qBEw7UXg
Requested by: Host: flt.cards
URL: https://flt.cards/t/drolgtpwst
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0E0DFFB863A947A88D10BC562B79E096 Ref B: DUS30EDGE0721 Ref C: 2023-08-19T12:35:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDReAN71c2rApDXJ4OGQ==

Redirect headers

date: Sat, 19 Aug 2023 12:35:06 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 245F36D3B5814D63AD11B507544EC478 Ref B: DUS30EDGE0805 Ref C: 2023-08-19T12:35:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818138&time=1692448506147&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&cookiesTest=true&liSync=true&e_ipv6=AQKJKCzIAfi11gAAAYoNysNt_FPSf1QdE_bV5bDc7SUXlpA3h5vtFnio34qBEw7UXg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDReALR/dvTpz17XvH8A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
341 B 99ms
24ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-163128166-1&cid=213044381.1692448506&jid=1071222071&gjid=2089636906&_gid=2083154963.1692448506&_u=YEBAAEAAAAAAACAAI~&z=642889674

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 19 Aug 2023 12:35:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 173ms
103ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1692448506160&id=t2_gw5muiekh&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=bec3e74f-e6d1-4353-bc86-5aa7247f4d43&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: flt.cards
URL: https://flt.cards/t/drolgtpwst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 276117734283491 Show response
connect.facebook.net/signals/config/ 97 KB
25 KB 83ms
79ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/276117734283491?v=2.9.124&r=stable&domain=flt.cards

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

859542667f0e5373db05ab9c0bf2f918facec1e916fbedce9078b59ff417537b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 19 Aug 2023 12:35:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Wgf9hEC8SdHB/2Qq2XYc5/6A4ZoQAGaVHF25n+gmDFfBAHeJfZHoaVZUclHgtWfp1MscwyGNr01YBuHi24Lx5Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 40ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1GFXRP385B&gtm=45je38g0&_p=1457871948&cid=213044381.1692448506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692448506&sct=1&seg=0&dl=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&dt=Float&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27026028.js Show response
bat.bing.com/p/action/ 0
117 B 29ms
28ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27026028.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 19 Aug 2023 12:35:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8D24F5295A2746E49D1779D75BC80BAD Ref B: FRA31EDGE0612 Ref C: 2023-08-19T12:35:06Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27026028&tm=gtm002&Ver=2&mid=7bed0d10-55f2-47d7-98b5-ff5cedd3d249&sid=d3af8d503e8c11eeb39cf7ac41f6b4e8&vid=d3afa7c03e8c11eea4ad912dff3ac9b9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Float&p=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&r=&lt=796&evt=pageLoad&sv=1&rn=506326

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Aug 2023 12:35:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8EE9B9B7133745149A54773400F20CB0 Ref B: FRA31EDGE0612 Ref C: 2023-08-19T12:35:06Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-410007659

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7f0bf94bd001a5d2edac125b7ad8252be2c22605a8fed0642efc3a95ba97b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70583
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Aug 2023 12:35:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-410007659&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXNDS38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b57856d95b156e4bcc85e529840a2bae32281ee8fd41d819f8366b00adb39db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70575
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Aug 2023 12:35:06 GMT

POST
H2 200 pube9a70ecba28e048e3a2d538f705e6cbc
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 395ms
195ms Ping
application/json 2600:1f18:24e6:b902:da90:c926:b7af:a971
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1692448506341
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:da90:c926:b7af:a971 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
www.google.com/pagead/1p-user-list/410007659/ 42 B
455 B 62ms
21ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/410007659/?random=1692448506076&cv=11&fst=1692446400000&bg=ffffff&guid=ON&async=1&gtm=45He38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&frm=0&tiba=Float&fmt=3&is_vtc=1&random=3808692419&rmt_tld=0&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/410007659/ 42 B
455 B 87ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/410007659/?random=1692448506076&cv=11&fst=1692446400000&bg=ffffff&guid=ON&async=1&gtm=45He38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&frm=0&tiba=Float&fmt=3&is_vtc=1&random=3808692419&rmt_tld=1&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2818138/domain/flt.cards/ 36 B
368 B 21ms
9ms XHR
application/json 2600:9000:2315:b800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2818138/domain/flt.cards/token
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: gzip
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=29918
x-amz-cf-id: 9Dp11cFHTX2yzyy1T_H4G6GmImtjnsZp6iz53O_4Hu5CPTtEMjBtlg==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/ 686 B
1 KB 69ms
17ms Fetch
application/json 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/settings
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd41767bd885cd1f495f0e25f69d6b67e6c86c8fdf5e2caf4f542d7946984663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:11:36 GMT
x-amz-version-id: 0mstnpe5ggBXrO1Kv.g9eyxrnK3vy7Mm
via: 1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 1411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 686
last-modified: Fri, 19 May 2023 18:26:50 GMT
server: AmazonS3
etag: "b31826fbe0a8d54bc4a12c4c91b1468a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
x-amz-cf-id: li38Ambe9P6L5bLrc0YDMF-9Z2zstdwYxDyqkK0abUsEKMj0erekag==

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
352 B 330ms
92ms XHR
application/json 52.54.183.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDg0NDJ9.nQTOGTLW9HORzH2IX4mmRsb6ut11vNa5nzak6vq7a6s

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.54.183.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-183-124.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flt.cards
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 9a8ff0b8a5875a0154a3bef0d06eaec9

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 35ms
10ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=276117734283491&ev=PageView&dl=https%3A%2F%2Fflt.cards&rl=&if=false&ts=1692448506462&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=28&fbp=fb.1.1692448506459.319820307&pm=1&hrl=988ecd&it=1692448506173&coo=false&cs_cc=1&cas=4856347901159417%2C4986333924788399%2C5392406534121330%2C5592993027393962&rqm=GET

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 19 Aug 2023 12:35:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/ 3 KB
2 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410007659/?random=1692448506493&cv=11&fst=1692448506493&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&hn=www.googleadservices.com&frm=0&tiba=Float&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=511127842.1692448506&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-410007659

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d773dd4ceb86c67b13b40dea797ff0984de58596bb0aab4d5fb59f301f14337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 21ms
17ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 03:02:01 GMT
x-amz-version-id: hhE3k3yWmWEqYQNTH9bQSXJwnZOXCxRz
content-encoding: br
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 2107986
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jul 2023 00:10:05 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: u7R8TwqFVWw4AzVpYI3Y7FoI2bKmVNJTyzx4bQFSJNMOi6IsiRx8Vw==

GET
H2 200 /
www.google.com/pagead/1p-user-list/410007659/ 42 B
108 B 25ms
18ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/410007659/?random=1692448506493&cv=11&fst=1692446400000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&frm=0&tiba=Float&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1154559295&rmt_tld=0&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/410007659/ 42 B
108 B 28ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/410007659/?random=1692448506493&cv=11&fst=1692446400000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&frm=0&tiba=Float&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1154559295&rmt_tld=1&ipr=y

Requested by

Host: flt.cards
URL: https://flt.cards/t/drolgtpwst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 10ms
10ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HZVdEA8Wkskdi3YiZ3xXj5BrDWghSA35/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:24:59 GMT
x-amz-version-id: z9.duCzpxRT4R19RwDYbcbNoSmoR01Uk
content-encoding: br
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 2056208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jul 2023 16:08:23 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: XB7ENH-4AKnGrtlWHx3mxiM2r7EGUm8hx46XEysQQhAI5wigCy-09A==

POST
H2 200 pube9a70ecba28e048e3a2d538f705e6cbc
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 153ms
152ms Ping
application/json 2600:1f18:24e6:b902:da90:c926:b7af:a971
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pube9a70ecba28e048e3a2d538f705e6cbc?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Afrontend&batch_time=1692448506603
Requested by: Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:da90:c926:b7af:a971 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flt.cards/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
460 B 92ms
92ms XHR
application/json 52.54.183.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.54.183.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-183-124.compute-1.amazonaws.com

Software

Resource Hash

2a8d4f1284ca36c30fa2862517249087ac0f419cb4ed328b7c672907a9d5313a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flt.cards
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 483383ccad2da767d97cbef6caf356bd

GET
H3 200 1940817879400549 Show response
connect.facebook.net/signals/config/ 96 KB
24 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1940817879400549?v=2.9.124&r=stable&domain=flt.cards

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

902c1f559296381df1eaf831edd03af6e1a36cd9d5174e822a161d4a00781964

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 19 Aug 2023 12:35:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: V17KzXFirDJGnqNmUTdIgwk2t6cF3mplfH98u+tresGmbOPBK+xSegen9H1catfe+SQVKSp0LiFGdY+UYbqd/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 189ms
171ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2874259437&v=1.1&a=6317545&pu=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&t=Float&cts=1692448506969&vi=6ce22b1041603d45b6dd8cb1c171451f&nc=true&u=133920017.6ce22b1041603d45b6dd8cb1c171451f.1692448506965.1692448506965.1692448506965.1&b=133920017.1.1692448506965&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6e8c3162-fdb6-494c-ad95-730e0761e856
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6e8c3162-fdb6-494c-ad95-730e0761e856
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FVn3p0ahjzFq%2FYJb5%2F73McWmhX0RgXrKBmte9lKecGIIPWH7hBbXQ9n0NQihbF1TyTD4B%2FEgyWzxxEoDgQV6EIVfMzCDzTs4UyrU1QYx74eqFvMpcDoGVNIIhfDpKWThr4nTXTaLlPxi2skruwB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-85gwf
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7f926f40bcb94d79-FRA
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 11ms
10ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1940817879400549&ev=PageView&dl=https%3A%2F%2Fflt.cards&rl=&if=false&ts=1692448507048&sw=1600&sh=1200&ud[external_id]=6ce22b1041603d45b6dd8cb1c171451f&v=2.9.124&r=stable&ec=0&o=28&fbp=fb.1.1692448506459.319820307&pm=1&hrl=141f86&it=1692448506173&coo=false&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 19 Aug 2023 12:35:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 404 drolgtpwst Show response
api.tryjournal.com/api/v1/transactions/spender-categorization/ 152 B
407 B 118ms
118ms Fetch
application/json 3.141.224.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tryjournal.com/api/v1/transactions/spender-categorization/drolgtpwst

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.141.224.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-224-235.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
vary: Origin
allow: GET, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY

GET
H2 404 drolgtpwst Show response
api.tryjournal.com/api/v1/transactions/spender-categorization/ 152 B
407 B 123ms
121ms Fetch
application/json 3.141.224.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tryjournal.com/api/v1/transactions/spender-categorization/drolgtpwst

Requested by

Host: flt.cards
URL: https://flt.cards/assets/index-25cd2eb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.141.224.235 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-224-235.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 12:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
vary: Origin
allow: GET, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 16ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1GFXRP385B&gtm=45je38g0&_p=1457871948&cid=213044381.1692448506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692448506&sct=1&seg=0&dl=https%3A%2F%2Fflt.cards%2Ft%2Fdrolgtpwst&dt=Float&en=scroll&epn.percent_scrolled=90&_et=22
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GFXRP385B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flt.cards/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 12:35:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flt.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
flt.cards/	1970-01-20 14:07:29	Name: _dd_s Value: rum=1&id=0c6b53f3-2263-4842-a758-eff67a2a6430&created=1692448505811&expire=1692449405811
.flt.cards/	1970-01-20 16:17:04	Name: _gcl_au Value: 1.1.511127842.1692448506
.flt.cards/	1970-01-20 14:08:54	Name: _gid Value: GA1.2.2083154963.1692448506
.flt.cards/	1970-01-20 14:07:28	Name: _gat_UA-163128166-1 Value: 1
.flt.cards/	1970-01-20 16:17:04	Name: _rdt_uuid Value: 1692448506159.bec3e74f-e6d1-4353-bc86-5aa7247f4d43
.flt.cards/	1970-01-20 23:43:28	Name: _ga Value: GA1.1.213044381.1692448506
.flt.cards/	1970-01-20 14:08:54	Name: _uetsid Value: d3af8d503e8c11eeb39cf7ac41f6b4e8
.flt.cards/	1970-01-20 23:29:04	Name: _uetvid Value: d3afa7c03e8c11eea4ad912dff3ac9b9
.flt.cards/	1970-01-20 23:43:28	Name: _ga_1GFXRP385B Value: GS1.1.1692448506.1.0.1692448506.0.0.0
.bing.com/	1970-01-20 23:29:04	Name: MUID Value: 3701D32E5E3B6EF61847C05C5FB06F4B
.linkedin.com/	1970-01-20 16:17:04	Name: li_sugr Value: 13a84969-85be-441e-b2a5-3137a036880f
.linkedin.com/	1970-01-20 22:53:04	Name: bcookie Value: "v=2&4ab8b92f-b741-4928-8f63-3e4ede9c96fa"
.linkedin.com/	1970-01-20 14:08:54	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2636:u=1:x=1:i=1692448506:t=1692534906:v=2:sig=AQGffO6hFCMB2asYhFnicT5NNdLbHYKL"
.ws.zoominfo.com/	1970-01-20 22:53:04	Name: visitorId Value: 8d5fb97590cfd67ac464c85784b0e4dcfbd1a1c2bf685595932b08e6c3bbeb46
.zoominfo.com/	1970-01-20 14:07:30	Name: __cf_bm Value: .LSpROC8sOdr80B4OXkABDlQb.usiPCWHIIzsRiyXD4-1692448506-0-AQwP6TeaOhZnCkUyGJNJ/8HqIad1Dm+Tz1a21+6nyoHoXQNVpPHflr0pBmFtbpaNX5VggTtaEDpKTwTak4HLbGE=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 46Qbdw9uAd2dDEITQFxHLoHFGcXoM4uFmIkHqAxgiBI-1692448506410-0-604800000
flt.cards/	1970-01-20 14:08:54	Name: ln_or Value: eyIyODE4MTM4IjoiZCJ9
.flt.cards/	1970-01-20 16:17:04	Name: _fbp Value: fb.1.1692448506459.319820307
.linkedin.com/	1970-01-20 14:50:40	Name: UserMatchHistory Value: AQLr8HWiirGYWQAAAYoNysJx4qfe0JzArQowJ7jQKDnHvlZ5-36SURSE6fL6sHH8nGlFvaaO2FFo7A
.linkedin.com/	1970-01-20 14:50:40	Name: AnalyticsSyncHistory Value: AQJAI2RULEoK0AAAAYoNysJxnA9i4cWTRqIYKYsn-1tKhatmDt9zoAz2UiZy00JyPACpDlwCAjUP0_lxwalITw
.doubleclick.net/	1970-01-20 23:29:04	Name: IDE Value: AHWqTUl34HWdaNnStImukieKn9LahRoqW66KTQs5JlNjUgWw4uMaZ6uUegY32dl6
.www.linkedin.com/	1970-01-20 22:53:04	Name: bscookie Value: "v=1&202308191235065662c0bf-ce9d-415e-880a-db8c1b983dcbAQFTGiTP6J5P206ksZuXOHKvWzrsGfn8"
.linkedin.com/	1970-01-20 18:26:40	Name: li_gc Value: MTswOzE2OTI0NDg1MDY7MjswMjEZk4Bto+cBkXuJHFcfaxUvIvTprXizBlGLhVKEiFKCrQ==
flt.cards/	1970-01-20 14:17:33	Name: slireg Value: https://scout.us4.salesloft.com
flt.cards/	1970-01-20 22:53:04	Name: sliguid Value: 20bd1ab8-b88c-4c7d-884e-1a6ec6b83d92
flt.cards/	1970-01-20 22:53:04	Name: slirequested Value: true
flt.cards/	1970-01-20 18:26:40	Name: __hstc Value: 133920017.6ce22b1041603d45b6dd8cb1c171451f.1692448506965.1692448506965.1692448506965.1
flt.cards/	1970-01-20 18:26:40	Name: hubspotutk Value: 6ce22b1041603d45b6dd8cb1c171451f
flt.cards/	1969-12-31 23:59:59	Name: __hssrc Value: 1
flt.cards/	1970-01-20 14:07:30	Name: __hssc Value: 133920017.1.1692448506965
.hubspot.com/	1970-01-20 14:07:30	Name: __cf_bm Value: 1F_rlvkTPo9mAkhgItp5RKb0w9x112FndVAU6GvBb3g-1692448507-0-AWuBbybfdzIN6n89c29uYTJRHvOTRdLXiduZhAuyMJIaJBEUTxK8YgtQ1662D8vM56AHvcuceYJNlEdbjcw1Fsg=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.tryjournal.com/api/v1/transactions/spender-categorization/drolgtpwst Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.tryjournal.com/api/v1/transactions/spender-categorization/drolgtpwst Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.tryjournal.com/api/v1/transactions/spender-categorization/drolgtpwst Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
api.hubapi.com
api.tryjournal.com
bat.bing.com
cdn.linkedin.oribi.io
cdn.segment.com
connect.facebook.net
fast.appcues.com
flt.cards
fonts.googleapis.com
forms.hscollectedforms.net
googleads.g.doubleclick.net
grow.clearbitjs.com
js.chilipiper.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rum-http-intake.logs.datadoghq.com
scout-cdn.salesloft.com
scout.salesloft.com
sessions.bugsnag.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
108.157.5.209
13.107.42.14
151.101.129.140
2001:4860:4802:32::36
216.24.57.3
2600:1901:0:7a0b::
2600:1f18:24e6:b902:da90:c926:b7af:a971
2600:9000:2315:b800:2:53b2:240:93a1
2606:4700::6810:650c
2606:4700::6810:77be
2606:4700::6810:88ce
2606:4700::6810:b941
2606:4700::6811:4341
2606:4700::6811:6cc7
2606:4700::6811:cacc
2606:4700::6812:18c4
2606:4700::6812:883b
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9b
2a02:26f0:3500:16::215:148d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::396
2a04:4e42::622
3.141.224.235
34.111.73.67
52.54.183.124
76.76.21.21
00ee967e3414fc98ee94216906cd7d232896a0d799dc448110886305008a3449
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d4b5e73e307b79387c1b0b7fac8dbd706e55cd169297e2953327528a84d1f01
14818a6aa61db8fe8d897a7378306fc6366b2d94e6b1d01777aa4c6e311ca538
224872317fb121183efc519190d561c8af298d03cb85d9fc15b14667ce9d5431
250dc46c1691ff969d5ea984b282e46403885ec806ed96ac3ee301db043a1a4d
2a8d4f1284ca36c30fa2862517249087ac0f419cb4ed328b7c672907a9d5313a
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
36a58b231f4bd34d323b5a7da9caf1a2706ecc87ca22a822763b96659043017e
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
40ddbacec8412bbee611920e07ee39b7ed8401d672f30c9c8d8933b269535bca
4591bbd200161084102dfdf8f282f18ac3945ad2697d36950b664c25172eca75
46f881ca3a9f65f009f26f816460555ba9c79367af70ff1b9d0ed9449726d9c3
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
53ab852cdce0ea0bff89043edb1134babab5d1622f77b0992ee2b6c7bcfdfd7f
5bd8c7962d20ec374cbef414616113a0d48c92b3494b623cb609a4e03ad90ab6
5d773dd4ceb86c67b13b40dea797ff0984de58596bb0aab4d5fb59f301f14337
66fef518760a5f45dfb33dd7cbb1b0c375e567f5315f0d7d0ab80e750854375b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4bdad53042e2bd6e5a231bfcd66d19dc33f507edc2b847ff3c58aca74ff138
7b1cc400a30af9fdf86d94e6b460965c8073a46d0d172b542f35fac66696c5cf
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
859542667f0e5373db05ab9c0bf2f918facec1e916fbedce9078b59ff417537b
8b57856d95b156e4bcc85e529840a2bae32281ee8fd41d819f8366b00adb39db
902c1f559296381df1eaf831edd03af6e1a36cd9d5174e822a161d4a00781964
a3d081f8906755c3d8a8c5b7fc2643ab5348ad52473b09e96ce9eb96a1b8e5e2
a7d8072446e517eb5c383adc2ac27ac9dcbfae3013110f6030ef836c98687a3e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b9497fde4a7984ba6f60bad7ebb560e54c4da15183ec621482b010dc69c5da79
c354bab070dc9b56e5564b532a8612d7c0e7e5de67b8228f0489dc8ce7becb8a
cd41767bd885cd1f495f0e25f69d6b67e6c86c8fdf5e2caf4f542d7946984663
cd5f53827e4398814ea48d5ed81a327f3cc29d61778e051346e760259796b3af
d11f6ac62c5e0e2c0955a79615e06f561c5622f4d4598b3e7b853055c7b5643e
d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f0bf94bd001a5d2edac125b7ad8252be2c22605a8fed0642efc3a95ba97b8d
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e9bde4b298e97e3eebfbabcbe2fe0ee10a05e4d9d1c2cad0cf7f32e82ea21f1d
e9ffe1b49acba74a13ac2cd871f9e3e2a1a633fc65dce4dc22773b32e8280bec
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f712fa2e30770af62cb5d711ccaedffa58b2415c5a78a5e8289e82756e0e0576
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

flt.cards Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

78 %IPv6

32 Domains

38 Subdomains

36 IPs

3 Countries

2168 kBTransfer

7486 kBSize

31 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flt.cards Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

78 %
IPv6

32
Domains

38
Subdomains

36
IPs

3
Countries

2168 kB
Transfer

7486 kB
Size

31
Cookies

64 HTTP transactions
0 data transactions