submit bug report: http://card.comCARD.com creates Fair, Fashionable and Fun online prepaid card solutions.
Inelegible targets
The following are specifically excluded from scope and should not be tested:
3rd party tools used by by CARD.com
3rd party service providers to CARD.com
All shared hosting environment (e.g. networking equipment, firewalls and other equipment) components that are not directly used to host the target URL
Physical environment pen-testing such as obtaining access to offices, server rooms, cars, homes, and physical objects (such as USB keys, phones, laptops)
Note: Our server may indicate a banner (e.g. Apache version X.Y.Z) that seems out of date, but which is not in fact out of date due to the way we manage patches to that software.
Policy:
https://bugcrowd.com/card
