Submitted URL: https://idva.power-ecard.io/
Effective URL: https://idva.power-ecard.io/login
Submission: On June 23 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 29 HTTP transactions. The main IP is 3.124.49.58, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is idva.power-ecard.io.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on October 6th 2023. Valid for: a year.
This is the only time idva.power-ecard.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 3.124.49.58 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
3 2603:1020:c01... 8075 (MICROSOFT...)
1 2600:9000:276... 16509 (AMAZON-02)
29 4
Domain Requested by
25 idva.power-ecard.io 1 redirects idva.power-ecard.io
2 power-ecard.containers.piwik.pro idva.power-ecard.io
1 power-ecard.piwik.pro power-ecard.containers.piwik.pro
1 fonts.power-ecard.net idva.power-ecard.io
1 server-side-tagging-jpkyoraqsq-ey.a.run.app idva.power-ecard.io
29 5

This site contains no links.

Subject Issuer Validity Valid
*.power-ecard.io
AlphaSSL CA - SHA256 - G4
2023-10-06 -
2024-11-06
a year crt.sh
*.a.run.app
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
*.containers.piwik.pro
GlobeSSL DV CA
2024-01-02 -
2025-01-01
a year crt.sh
fonts.power-ecard.net
Amazon RSA 2048 M03
2024-02-02 -
2025-03-02
a year crt.sh
*.piwik.pro
GlobeSSL DV CA
2024-01-02 -
2025-01-28
a year crt.sh

This page contains 1 frames:

Primary Page: https://idva.power-ecard.io/login
Frame ID: 5CBCB67ABCE2896D676BFB97DCEC9E1A
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

Power eCard

Page URL History Show full URLs

  1. https://idva.power-ecard.io/ HTTP 302
    https://idva.power-ecard.io/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1211 kB
Transfer

1395 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://idva.power-ecard.io/ HTTP 302
    https://idva.power-ecard.io/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
idva.power-ecard.io/
Redirect Chain
  • https://idva.power-ecard.io/
  • https://idva.power-ecard.io/login
22 KB
23 KB
Document
General
Full URL
https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
a43974bdded7942bbc74d6b7928694da03f0ef02604cb2302597b88a89f32cc0
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
content-type
text/html; charset=UTF-8
date
Sun, 23 Jun 2024 06:17:30 GMT
feature-policy
sync-xhr 'self'
referrer-policy
no-referrer
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
content-type
text/html; charset=UTF-8
date
Sun, 23 Jun 2024 06:17:30 GMT
feature-policy
sync-xhr 'self'
location
https://idva.power-ecard.io/login
referrer-policy
no-referrer
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
F1d64E34_screen.css
idva.power-ecard.io/uploads/files/F1d64E34/
190 KB
191 KB
Stylesheet
General
Full URL
https://idva.power-ecard.io/uploads/files/F1d64E34/F1d64E34_screen.css?version=5.7.15
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
51daf475457e5ba4bb21f6bb0170d9436f62b712a24b5fad54a44822ab0516f4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 21 Jun 2024 02:58:52 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"2f968-61b5d9c874478"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
194920
x-xss-protection
1; mode=block
modernizr-2.5.3.js
idva.power-ecard.io/assets/js/
47 KB
47 KB
Script
General
Full URL
https://idva.power-ecard.io/assets/js/modernizr-2.5.3.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
7c92df48da65681a2aee335e5d0d707e82d65ab1341212e06eb781b771d86632
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"bbfc-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
48124
x-xss-protection
1; mode=block
metisMenu.min.css
idva.power-ecard.io/themes/power-ecard/css/plugins/metisMenu/
586 B
710 B
Stylesheet
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/css/plugins/metisMenu/metisMenu.min.css
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
46ca184f49e833f0898a4d05439d97c449a80b17c13cefe2588621041379d240
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"24a-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
586
x-xss-protection
1; mode=block
timeline.css
idva.power-ecard.io/themes/power-ecard/css/plugins/
3 KB
3 KB
Stylesheet
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/css/plugins/timeline.css
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
56ce419afae15f491bb55b2b5cfca44668fd397c11894062f18f25ddcc79566b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"d5f-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
3423
x-xss-protection
1; mode=block
font-awesome.min.css
idva.power-ecard.io/themes/power-ecard/css/
28 KB
28 KB
Stylesheet
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/css/font-awesome.min.css
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"7186-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
29062
x-xss-protection
1; mode=block
power-ecard_users_users_login_mod.min.css
idva.power-ecard.io/assets/cache/
51 B
127 B
Stylesheet
General
Full URL
https://idva.power-ecard.io/assets/cache/power-ecard_users_users_login_mod.min.css
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
af9517e17ff773861766dc76482eed22e5ba88d66050c86b9af507548319268f
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:24:59 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"33-61b53eb02e558"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
51
x-xss-protection
1; mode=block
de.png
idva.power-ecard.io/assets/images/flags/
545 B
600 B
Image
General
Full URL
https://idva.power-ecard.io/assets/images/flags/de.png
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"221-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
image/png
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
545
x-xss-protection
1; mode=block
en.png
idva.power-ecard.io/assets/images/flags/
4 KB
4 KB
Image
General
Full URL
https://idva.power-ecard.io/assets/images/flags/en.png
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
2d6a17d6e90f91c88137d56b08a88e3e96c3ba4f106a63ea5673a0c54745d3ab
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"ef4-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
image/png
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
3828
x-xss-protection
1; mode=block
fr.png
idva.power-ecard.io/assets/images/flags/
545 B
600 B
Image
General
Full URL
https://idva.power-ecard.io/assets/images/flags/fr.png
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"221-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
image/png
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
545
x-xss-protection
1; mode=block
nl.png
idva.power-ecard.io/assets/images/flags/
453 B
508 B
Image
General
Full URL
https://idva.power-ecard.io/assets/images/flags/nl.png
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
1546928846ee0a8377fd30865d4c43cef501eba7d775d494b98d1ce699627a4a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"1c5-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
image/png
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
453
x-xss-protection
1; mode=block
logo_powerecard.png
idva.power-ecard.io/assets/images/
16 KB
16 KB
Image
General
Full URL
https://idva.power-ecard.io/assets/images/logo_powerecard.png
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
cb874309da10af413f06d8bc50be051dec47ecbceb8d6a35d638e4b5de270c45
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"407a-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
image/png
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
16506
x-xss-protection
1; mode=block
jquery-3.6.1.min.js
idva.power-ecard.io/assets/js/
88 KB
88 KB
Script
General
Full URL
https://idva.power-ecard.io/assets/js/jquery-3.6.1.min.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
131c0d82967fed05e1920e519e0ea6ec91ab97b7c40480f72f8af8680bba1f0a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"15e3f-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
89663
x-xss-protection
1; mode=block
bootstrap.min.js
idva.power-ecard.io/themes/power-ecard/js/
31 KB
31 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/bootstrap.min.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"7c4b-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
31819
x-xss-protection
1; mode=block
jquery.placeholder.js
idva.power-ecard.io/themes/power-ecard/js/
5 KB
5 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/jquery.placeholder.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
6e07fb60c079fcbe2bd6c12504ccc02997c719a3be5e25da6786b5d5468e87f2
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"14b1-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
5297
x-xss-protection
1; mode=block
metisMenu.min.js
idva.power-ecard.io/themes/power-ecard/js/plugins/metisMenu/
1 KB
1 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/plugins/metisMenu/metisMenu.min.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
0fcb285e05a2de5c2b04fb919f2e32108c7d0ef3d5f8171067c0fedf623868aa
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"4e6-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
1254
x-xss-protection
1; mode=block
global.js
idva.power-ecard.io/themes/power-ecard/js/
1 KB
1 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/global.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
a60604abc5113da29d21803527c8a01f68f83edabe612374d8891875c37de981
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"45a-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
1114
x-xss-protection
1; mode=block
main.js
idva.power-ecard.io/themes/power-ecard/js/
461 B
516 B
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/main.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
bb080507425a786efd165a8ca753a1a300eef5ee3238c0b8613bc46ed593ded5
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"1cd-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
461
x-xss-protection
1; mode=block
jquery.ui.widget.js
idva.power-ecard.io/themes/power-ecard/js/plugins/upload/vendor/
15 KB
15 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/plugins/upload/vendor/jquery.ui.widget.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
291691462901925685e9739065f5d8792cfccd842d116ac024029a3684780664
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"3d8f-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
15759
x-xss-protection
1; mode=block
jquery.iframe-transport.js
idva.power-ecard.io/themes/power-ecard/js/plugins/upload/
10 KB
10 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/plugins/upload/jquery.iframe-transport.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
e127082f8c4e76952f5a8e1e9a0c2731372ca3f7d800fa9a5ec1bed0a516c2a9
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"2974-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
10612
x-xss-protection
1; mode=block
jquery.fileupload.js
idva.power-ecard.io/themes/power-ecard/js/plugins/upload/
62 KB
62 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/plugins/upload/jquery.fileupload.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
326007a66ec2d56dd52fee86631021c416be2745ae96994e56227fa76b27b98d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"f60b-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
62987
x-xss-protection
1; mode=block
upload.js
idva.power-ecard.io/themes/power-ecard/js/plugins/upload/
5 KB
5 KB
Script
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/js/plugins/upload/upload.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
97890a9d8efe84b4cde78a1aa3112403c6df1478052f4c5fe27f3b46ab20b54b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:32 GMT
etag
"121b-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
4635
x-xss-protection
1; mode=block
gtm.js
server-side-tagging-jpkyoraqsq-ey.a.run.app/
0
0
Script
General
Full URL
https://server-side-tagging-jpkyoraqsq-ey.a.run.app/gtm.js?id=GTM-WDQTXGX
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cloud-trace-context
d8ac83d20574b58dccea779ca005eeb3;o=1
date
Sun, 23 Jun 2024 06:17:33 GMT
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
2b4f20b2-48c7-422a-b3cd-b00f5020cd29.js
power-ecard.containers.piwik.pro/
213 KB
62 KB
Script
General
Full URL
https://power-ecard.containers.piwik.pro/2b4f20b2-48c7-422a-b3cd-b00f5020cd29.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a44cbbab02bcd90c71142f122eba7771af3c737d3af416ac428ba35b947d307e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 06:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
referrer-policy
origin
etag
W/"9d548891fbcd1224-d7279f1e4bbb2a17"
vary
Accept-Encoding, Cookie
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
public, must-revalidate
x-robots-tag
none
x-cached
MISS
OpenSans-VariableFont_wdth,wght.ttf
fonts.power-ecard.net/Google/open-sans-variable/
517 KB
518 KB
Font
General
Full URL
https://fonts.power-ecard.net/Google/open-sans-variable/OpenSans-VariableFont_wdth,wght.ttf
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a200:19:6e21:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3a5bdcadaa935ae2627783acbe7672d50e0f3681f6d9431303e51ebc4032f78

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://idva.power-ecard.io/
Origin
https://idva.power-ecard.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 06:17:34 GMT
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 12:10:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"996d0154a25c63500dee2ae91e4f2ea7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/ttf
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
528976
x-amz-cf-id
RvBpTFfjF6qL16PCxkmZsVsKd4DA2dvgZzwj44bMuSvPAIrlVlAWzQ==
fontawesome-webfont.woff2
idva.power-ecard.io/themes/power-ecard/fonts/
70 KB
70 KB
Font
General
Full URL
https://idva.power-ecard.io/themes/power-ecard/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/themes/power-ecard/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://idva.power-ecard.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:33 GMT
etag
"118d8-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
71896
x-xss-protection
1; mode=block
ppms.js
power-ecard.containers.piwik.pro/
60 KB
24 KB
Script
General
Full URL
https://power-ecard.containers.piwik.pro/ppms.js
Requested by
Host: idva.power-ecard.io
URL: https://idva.power-ecard.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 06:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
last-modified
Wed, 29 May 2024 11:49:19 GMT
referrer-policy
origin
etag
W/"6657163f-efb3"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
max-age=21600
expires
Sun, 23 Jun 2024 12:17:33 GMT
ppms.php
power-ecard.piwik.pro/
0
0
Ping
General
Full URL
https://power-ecard.piwik.pro/ppms.php
Requested by
Host: power-ecard.containers.piwik.pro
URL: https://power-ecard.containers.piwik.pro/ppms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

favicon.ico
idva.power-ecard.io/
3 KB
3 KB
Other
General
Full URL
https://idva.power-ecard.io/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.49.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-49-58.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
b28c1f60dc900d894f11414398d7c35c827ca40749375984caffc15c10a41016
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Thu, 20 Jun 2024 15:16:32 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
date
Sun, 23 Jun 2024 06:17:36 GMT
etag
"b2e-61b53ccc59400"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
feature-policy
sync-xhr 'self'
accept-ranges
bytes
content-length
2862
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage string| base_url string| currentLanguage object| dataLayer object| html5 object| Modernizr object| _paq string| f object| ppms function| $ function| jQuery object| saveButton object| progressBar function| setUploaderForm function| resetUploadForm function| publishUploaderForm function| setForm object| sevenTag object| wgxpath object| Piwik object| AnalyticsTracker function| piwik_log undefined| topOffset number| width number| height

6 Cookies

Domain/Path Name / Value
idva.power-ecard.io/ Name: poe_session
Value: a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2294ead536dee3e5ce78e4f8402419c5fa%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22172.31.7.103%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A111%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1719123450%3B%7De957e0fbe46be6cc0fa0cda3ca909ef0
idva.power-ecard.io/ Name: stg_traffic_source_priority
Value: 1
idva.power-ecard.io/ Name: _pk_id.2b4f20b2-48c7-422a-b3cd-b00f5020cd29.ba76
Value: f78b7eff8298941b.1719123453.1.1719123453.1719123453.
idva.power-ecard.io/ Name: _pk_ses.2b4f20b2-48c7-422a-b3cd-b00f5020cd29.ba76
Value: *
idva.power-ecard.io/ Name: stg_last_interaction
Value: Sun%2C%2023%20Jun%202024%2006:17:36%20GMT
idva.power-ecard.io/ Name: stg_returning_visitor
Value: Sun%2C%2023%20Jun%202024%2006:17:36%20GMT

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://idva.power-ecard.io/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://server-side-tagging-jpkyoraqsq-ey.a.run.app/gtm.js?id=GTM-WDQTXGX
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://power-ecard.piwik.pro https://www.googleapis.com/webfonts/v1/webfonts https://lib.power-ecard.net https://lib.dev.power-ecard.net https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.power-ecard.net https://api.vatcomply.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' js.stripe.com https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://teams.microsoft.com https://power-ecard.containers.piwik.pro http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net; style-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://power-ecard.containers.piwik.pro; font-src 'unsafe-inline' 'self' http://fonts.googleapis.com http://fonts.gstatic.com https://hello.myfonts.net https://fonts.power-ecard.net https://lib.power-ecard.net https://power-ecard.containers.piwik.pro; img-src 'unsafe-inline' 'self' https://server-side-tagging-jpkyoraqsq-ey.a.run.app https://s3.eu-central-1.amazonaws.com/ blob: https://hello.myfonts.net http://fonts.googleapis.com http://fonts.gstatic.com https://power-ecard.containers.piwik.pro https://fonts.power-ecard.net data:; frame-src 'self' js.stripe.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.power-ecard.net
idva.power-ecard.io
power-ecard.containers.piwik.pro
power-ecard.piwik.pro
server-side-tagging-jpkyoraqsq-ey.a.run.app
2001:4860:4802:34::35
2600:9000:2761:a200:19:6e21:e080:93a1
2603:1020:c01:4::40
3.124.49.58
0fcb285e05a2de5c2b04fb919f2e32108c7d0ef3d5f8171067c0fedf623868aa
131c0d82967fed05e1920e519e0ea6ec91ab97b7c40480f72f8af8680bba1f0a
1546928846ee0a8377fd30865d4c43cef501eba7d775d494b98d1ce699627a4a
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
291691462901925685e9739065f5d8792cfccd842d116ac024029a3684780664
2d6a17d6e90f91c88137d56b08a88e3e96c3ba4f106a63ea5673a0c54745d3ab
326007a66ec2d56dd52fee86631021c416be2745ae96994e56227fa76b27b98d
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
46ca184f49e833f0898a4d05439d97c449a80b17c13cefe2588621041379d240
51daf475457e5ba4bb21f6bb0170d9436f62b712a24b5fad54a44822ab0516f4
56ce419afae15f491bb55b2b5cfca44668fd397c11894062f18f25ddcc79566b
6e07fb60c079fcbe2bd6c12504ccc02997c719a3be5e25da6786b5d5468e87f2
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
7c92df48da65681a2aee335e5d0d707e82d65ab1341212e06eb781b771d86632
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
97890a9d8efe84b4cde78a1aa3112403c6df1478052f4c5fe27f3b46ab20b54b
a43974bdded7942bbc74d6b7928694da03f0ef02604cb2302597b88a89f32cc0
a44cbbab02bcd90c71142f122eba7771af3c737d3af416ac428ba35b947d307e
a60604abc5113da29d21803527c8a01f68f83edabe612374d8891875c37de981
af9517e17ff773861766dc76482eed22e5ba88d66050c86b9af507548319268f
b28c1f60dc900d894f11414398d7c35c827ca40749375984caffc15c10a41016
bb080507425a786efd165a8ca753a1a300eef5ee3238c0b8613bc46ed593ded5
cb874309da10af413f06d8bc50be051dec47ecbceb8d6a35d638e4b5de270c45
d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b
e127082f8c4e76952f5a8e1e9a0c2731372ca3f7d800fa9a5ec1bed0a516c2a9
e3a5bdcadaa935ae2627783acbe7672d50e0f3681f6d9431303e51ebc4032f78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855