Report for card.com Generated 2017-10-05T21:18:25Z

card.com

https://card.com/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a936996af256944-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:17 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=d9de5638ccdcc1edd9f378ee60a9700ad1507238296; expires=Fri, 05-Oct-18 21:18:16 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=vly1JU_JKlMrCuaL3a-lNgZa_itkcmNvc3eHaiDzZfo; expires=Wed, 06-Oct-2027 07:28:16 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
card.com

http://card.com/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a936993a9cb08ea-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:16 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=d8392f1ab6ba60fae55e458081ef55a591507238295; expires=Fri, 05-Oct-18 21:18:15 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=ejLhiz_XTfRgKNZymogNFHR3XSmxnd0POW565YXa8as; expires=Wed, 06-Oct-2027 07:28:16 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
ivr.card.com

https://ivr.card.com/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a936999894d14cd-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:17 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=d7d71b7b8512640c05340855033da496c1507238296; expires=Fri, 05-Oct-18 21:18:16 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=M5oTdM15LV9JR0PDvaC6_33UXz4Meme9s2bq-ZHHxio; expires=Wed, 06-Oct-2027 07:28:17 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
ivr.card.com

http://ivr.card.com/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a93699b1b273c7d-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:18 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=dfbf3197c7ed5c1f4025321dc689b97e61507238296; expires=Fri, 05-Oct-18 21:18:16 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=0lBUNcYUaAXMk1UlJGkj2ZwJItgWLxlaSMvSbrYfuMI; expires=Wed, 06-Oct-2027 07:28:17 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
support.card.com

https://support.card.com/ source code | headers | screenshot

200 OK  
Cache-Control must-revalidate, private, max-age=0
Connection keep-alive
Content-Length 1706
Content-Type text/html; charset=UTF-8
Date Thu, 05 Oct 2017 21:18:18 GMT
Etag "be2ac9e37066ec529610d252e081c6d8"
P3p CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Server nginx
Set-Cookie _zendesk_authenticated=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure; HttpOnly _zendesk_session=BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJTQxOTJmNTNjZGVjMWI1MWM3OTA1Yzk0NDM5YmM2ZTg5BjsAVEkiDGFjY291bnQGOwBGaQOcpQRJIgpyb3V0ZQY7AEZpA8vQBEkiDmlzX21vYmlsZQY7AFRGSSITd2FyZGVuLm1lc3NhZ2UGOwBUewBJIhBfY3NyZl90b2tlbgY7AEZJIjFZeHBrSFFjZ0JBSE5POFJ3OXdOZmpidEJWVDF4MlFCdnEzVFFqMko5OFBZPQY7AEY%3D--6d2bf8337c43d3db057e8ae0998bb7dbd092a9cd; path=/; secure; HttpOnly
Strict-Transport-Security max-age=259200;
Vary Accept
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Rack-Cache miss
X-Request-Id e1135a87-43e1-427a-c2b2-b8ca3a6b1f90
X-Runtime 0.108622
X-Ua-Compatible IE=Edge,chrome=1
X-Xss-Protection 1; mode=block
X-Zendesk-Origin-Server app26.pod5.iad1.zdsys.com
X-Zendesk-Request-Id 49d05225d5bbcbfb7b85
support.card.com

http://support.card.com/ source code | headers | screenshot

200 OK  
Cache-Control must-revalidate, private, max-age=0
Connection keep-alive
Content-Length 1706
Content-Type text/html; charset=UTF-8
Date Thu, 05 Oct 2017 21:18:22 GMT
Etag "26a49a7e18dec987ed0531e883342d1c"
P3p CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Server nginx
Set-Cookie _zendesk_authenticated=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure; HttpOnly _zendesk_session=BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJWMxMjFmOWRjNjZlMTE4MjQ4MzFlY2NiYjY1ZmI0NTUyBjsAVEkiDGFjY291bnQGOwBGaQOcpQRJIgpyb3V0ZQY7AEZpA8vQBEkiDmlzX21vYmlsZQY7AFRGSSITd2FyZGVuLm1lc3NhZ2UGOwBUewBJIhBfY3NyZl90b2tlbgY7AEZJIjFoOWo5R1FMS3pxNXpIVUlNWTduVS85MGJDWFQrN2M5d0Y3UUFuSzA3d0Q4PQY7AEY%3D--c918064f39c55c225eb7fa686b5201ab6f6c8969; path=/; secure; HttpOnly
Strict-Transport-Security max-age=259200;
Vary Accept
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Rack-Cache miss
X-Request-Id eb765da5-efae-4d2c-cd95-b8ca3a6bb7d1
X-Runtime 0.110152
X-Ua-Compatible IE=Edge,chrome=1
X-Xss-Protection 1; mode=block
X-Zendesk-Origin-Server app33.pod5.iad1.zdsys.com
X-Zendesk-Request-Id 6859b106068e5bf85da8
to.card.com

http://to.card.com/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, no-store, max-age=0, must-revalidate, post-check=0, pre-check=0
Cf-Ray 3a93699c1980694a-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:17 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/app>; rel="canonical",<https://www.card.com/app>; rel="shortlink"
Server cloudflare-nginx
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
to.card.com

https://to.card.com/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, no-store, max-age=0, must-revalidate, post-check=0, pre-check=0
Cf-Ray 3a9369a53c4608f0-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:18 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/app>; rel="canonical",<https://www.card.com/app>; rel="shortlink"
Server cloudflare-nginx
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
www.card.com

https://www.card.com:8443/ source code | headers | screenshot

403 Forbidden  
Cf-Ray 3a9369920d7b3c7d-CDG
Content-Length 575
Content-Type text/html
Date Thu, 05 Oct 2017 21:18:15 GMT
Server cloudflare-nginx
Status 403
www.card.com

https://www.card.com/ source code | headers | screenshot

403 Forbidden  
Cf-Ray 3a9369920a1e0bff-AMS
Content-Length 173
Content-Type text/html
Date Thu, 05 Oct 2017 21:18:15 GMT
Server cloudflare-nginx
Status 403
www.card.com

https://www.card.com:2096/ source code | headers | screenshot

403 Forbidden  
Cf-Ray 3a936991fca20cad-AMS
Content-Length 173
Content-Type text/html
Date Thu, 05 Oct 2017 21:18:15 GMT
Server cloudflare-nginx
Status 403
www.card.com

http://www.card.com:2082/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a9369935af7694a-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:16 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=dd67b0f379c26af2dd81ba618ce8475351507238295; expires=Fri, 05-Oct-18 21:18:15 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=-Oj1deX0RR_h7nakMekYRx0iBDCtqUJeo2TYgXpvG08; expires=Wed, 06-Oct-2027 07:28:16 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
www.card.com

http://www.card.com:8080/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a9369932dd914cd-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:16 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=dd624c81830737ad50245fd5134ad1afb1507238295; expires=Fri, 05-Oct-18 21:18:15 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=AkFxFCYHnxyEaKhABGJJPbdbjTUx9sPiqTzmN5rgZOs; expires=Wed, 06-Oct-2027 07:28:16 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
www.card.com

http://www.card.com/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a93699fcc341049-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:19 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=d0234f01c9f5718902d5591d99653adbd1507238297; expires=Fri, 05-Oct-18 21:18:17 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=TQ-XV8UpofHm0urOwF8IMkZytmxiqTmItE5tSR_4OR0; expires=Wed, 06-Oct-2027 07:28:18 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1
www.card.com

https://www.card.com:2087/ source code | headers | screenshot

403 Forbidden  
Cf-Ray 3a9369b79a627265-AMS
Content-Length 575
Content-Type text/html
Date Thu, 05 Oct 2017 21:18:21 GMT
Server cloudflare-nginx
Status 403
www.card.com

http://www.card.com:8880/ source code | headers | screenshot

200 OK  
Cache-Control no-cache, must-revalidate
Cf-Ray 3a9369b99c2e3c1d-CDG
Content-Language en
Content-Type text/html; charset=utf-8
Date Thu, 05 Oct 2017 21:18:22 GMT
Expires Sun, 19 Nov 1978 05:00:00 GMT
Link <https://www.card.com/>; rel="canonical",<https://www.card.com/>; rel="shortlink"
Server cloudflare-nginx
Set-Cookie __cfduid=dae1e053270ee448b1054ce3cdb2ab7f01507238301; expires=Fri, 05-Oct-18 21:18:21 GMT; path=/; domain=.card.com; HttpOnly; Secure SSESS6842d8c7cb1b116c2c910791f6feb606=sF7PXX1LOLwjFiQjWYJWgO3LEaJ9eJwXFwjDsQ5YK0k; expires=Wed, 06-Oct-2027 07:28:21 GMT; Max-Age=315569400; path=/; domain=.www.card.com; secure; HttpOnly
Status 200
Strict-Transport-Security max-age=15552000; preload
Vary Accept-Encoding
X-Content-Type-Options nosniff nosniff
X-Frame-Options SameOrigin SAMEORIGIN
X-Generator Drupal 7 (http://drupal.org)
X-Mission Do something insanely great in financial services.
X-Recruiting If you're reading this, maybe you should be working at CARD.com. Check out https://www.CARD.com/careers
X-Ua-Compatible IE=Edge,chrome=1