urlscan.io logo urlscan.io
SecurityTrails logo

ekf.e-card.cc Open in urlscan Pro
176.118.167.85  Public Scan

Go To Rescan Add Verdict Report
URL: https://ekf.e-card.cc/
Submission: On December 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 176.118.167.85, located in Tallinn, Estonia and belongs to ARVID-LOGICUM, EE. The main domain is ekf.e-card.cc.
TLS certificate: Issued by R3 on December 23rd 2023. Valid for: 3 months.
This is the only time ekf.e-card.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 176.118.167.85 202376 (ARVID-LOG...)
8 2
Apex Domain
Subdomains		 Transfer
8 e-card.cc
ekf.e-card.cc
6 MB
0 Failed
function sub() { [native code] }. Failed
8 2
Domain Requested by
8 ekf.e-card.cc ekf.e-card.cc
0 truncated Failed ekf.e-card.cc
8 2

This site contains links to these domains. Also see Links.

Domain
wa.me
Subject Issuer Validity Valid
ekf.e-card.cc
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ekf.e-card.cc/
Frame ID: 00E066A2125E64330958872463BF192F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

It works

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

6484 kB
Transfer

6473 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ekf.e-card.cc/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
e14d0c952f240b34448c9603cf7ab91314aa77d0b8e890e7bb76e258881e7957
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 15:07:20 GMT
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
stylesheet.css
ekf.e-card.cc/roboto/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/roboto/stylesheet.css
Requested by
Host: ekf.e-card.cc
URL: https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
05eb10ba1342304e4d4c04014221dfe671cad5d19a3b381df9379ae55acb97b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekf.e-card.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:07:21 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 10:59:59 GMT
server
nginx
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
accept-ranges
bytes
content-length
4457
x-xss-protection
1; mode=block
plugins.bundle.css
ekf.e-card.cc/panel_assets/plugins/global/ 		407 KB
408 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/panel_assets/plugins/global/plugins.bundle.css
Requested by
Host: ekf.e-card.cc
URL: https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
6b05aed3fd010116895c6a9d0350a9d8c8f8f4b3d677d5da634d1f1f5b1b5f56
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekf.e-card.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:07:21 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 11:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
accept-ranges
bytes
content-length
416672
x-xss-protection
1; mode=block
style.bundle.css
ekf.e-card.cc/panel_assets/css/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/panel_assets/css/style.bundle.css
Requested by
Host: ekf.e-card.cc
URL: https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
32033f0645083504a4cbdfd83a4f08e0ce7edee41767774e2188920a2214fcb4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekf.e-card.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:07:21 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 11:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
accept-ranges
bytes
content-length
1237344
x-xss-protection
1; mode=block
edit.css
ekf.e-card.cc/panel_assets/custom/profile/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/panel_assets/custom/profile/edit.css
Requested by
Host: ekf.e-card.cc
URL: https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
d5d50422b693e94494a824441d60f9ac3c6dca57218511d00b0ddc86fd711f50
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekf.e-card.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:07:21 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 11:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
accept-ranges
bytes
content-length
2029
x-xss-protection
1; mode=block
jquery-3.6.0.min.js
ekf.e-card.cc/panel_assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/panel_assets/js/jquery-3.6.0.min.js
Requested by
Host: ekf.e-card.cc
URL: https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekf.e-card.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:07:21 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 10:59:59 GMT
server
nginx
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
accept-ranges
bytes
content-length
89500
x-xss-protection
1; mode=block
plugins.bundle.js
ekf.e-card.cc/panel_assets/plugins/global/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/panel_assets/plugins/global/plugins.bundle.js
Requested by
Host: ekf.e-card.cc
URL: https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
947fb04b787c2625584bbb375439d3108d25e2e5ded4ed3c62a41b129e993f71
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekf.e-card.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:07:21 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 11:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
accept-ranges
bytes
content-length
4662019
x-xss-protection
1; mode=block
scripts.bundle.js
ekf.e-card.cc/panel_assets/js/ 		207 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekf.e-card.cc/panel_assets/js/scripts.bundle.js
Requested by
Host: ekf.e-card.cc
URL: https://ekf.e-card.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.118.167.85 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
srv247.clients.zbs.cloud
Software
nginx /
Resource Hash
7eb56f81ea2c5648bf29f8d55b17cba574317cbc8093624af29b8fd411600b2b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekf.e-card.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:07:21 GMT
content-security-policy
default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 10:59:59 GMT
server
nginx
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
accept-ranges
bytes
content-length
211572
x-xss-protection
1; mode=block
truncated
/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| hostUrl function| $ function| jQuery number| uidEvent object| bootstrap object| Popper function| wNumb function| moment object| TreemapSquared function| SVG object| Apex function| ApexCharts object| FormValidation function| flatpickr function| Inputmask object| noUiSlider function| autosize function| ClipboardJS function| Dropzone function| Quill function| Tagify object| toastr object| sessionTimeout function| swal function| Swal object| countUp function| Chart function| tns function| SmoothScroll object| KTUtilElementDataStore number| KTUtilElementDataStoreID object| KTUtilDelegatedEventHandlers object| KTUtil object| KTEventHandler function| KTBlockUI object| KTCookie function| KTDialer function| KTDrawer function| KTFeedback function| KTImageInput function| KTMenu function| KTScroll function| KTScrolltop function| KTSearch function| KTStepper function| KTSticky function| KTSwapper function| KTToggle object| KTApp object| KTLayoutHeader object| KTLayoutSearch

0 Cookies

2 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security error URL: https://ekf.e-card.cc/(Line 46)
Message:
Refused to load the image 'data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZlcnNpb249IjEuMSIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHhtbG5zOnN2Z2pzPSJodHRwOi8vc3ZnanMuY29tL3N2Z2pzIiB3aWR0aD0iNTEyIiBoZWlnaHQ9IjUxMiIgeD0iMCIgeT0iMCIgdmlld0JveD0iMCAwIDY4MiA2ODIuNjY2NjkiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDUxMiA1MTIiIHhtbDpzcGFjZT0icHJlc2VydmUiIGNsYXNzPSIiPjxnPjxwYXRoIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgZD0ibTU0NC4zODY3MTkgOTMuMDA3ODEyYy01OS44NzUtNTkuOTQ1MzEyLTEzOS41M...kuNjQ4NDM4IDE4LjkwNjI1IDguMTcxODc0IDMzLjY2NDA2MyAxMy4wNDI5NjggNDUuMTc1NzgyIDE2LjY5NTMxMiAxOC45ODQzNzQgNi4wMzEyNSAzNi4yNTM5MDYgNS4xNzk2ODggNDkuOTEwMTU2IDMuMTQwNjI1IDE1LjIyNjU2Mi0yLjI3NzM0NCA0Ni44Nzg5MDYtMTkuMTcxODc1IDUzLjQ4ODI4MS0zNy42Nzk2ODcgNi42MDE1NjMtMTguNTExNzE5IDYuNjAxNTYzLTM0LjM3NSA0LjYxNzE4Ny0zNy42ODM1OTQtMS45NzY1NjItMy4zMDQ2ODgtNy4yNjE3MTgtNS4yODUxNTYtMTUuMTgzNTkzLTkuMjUzOTA2em0wIDAiIGZpbGwtcnVsZT0iZXZlbm9kZCIgZmlsbD0iI2ZmZmZmZiIgZGF0YS1vcmlnaW5hbD0iIzAwMDAwMCIgY2xhc3M9IiI+PC9wYXRoPjwvZz48L3N2Zz4=' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://ecard.ajmanbank.ae https://fonts.gstatic.com/ https://code.jquery.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block