accounts.ecrsbackup.com Open in urlscan Pro
34.202.65.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ecrsbackup.com/
Effective URL:
https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5
Submission: On May 22 via api (May 22nd 2024, 4:41:02 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 10 HTTP transactions. The main IP is 34.202.65.44, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts.ecrsbackup.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 2nd 2023. Valid for: a year.

This is the only time accounts.ecrsbackup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.45.83.201 96.45.83.201	16552 (TIGGEE) (TIGGEE)
4 5	34.202.65.44 34.202.65.44	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	18.66.192.105 18.66.192.105	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:26d... 2600:9000:26db:2000:11:4a29:cbc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::347	54113 (FASTLY) (FASTLY)
10	5

1 96.45.83.201 (United States) 1 redirects

ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com

ecrsbackup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.202.65.44 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-65-44.compute-1.amazonaws.com

www.ecrsbackup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hydra.servosity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.servosity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.ecrsbackup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.192.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-105.muc50.r.cloudfront.net

static.s7y.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:2000:11:4a29:cbc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

code.sorryapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::347 (United States)

ASN54113 (FASTLY, US)

ro-api.sorryapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	sorryapp.com code.sorryapp.com — Cisco Umbrella Rank: 329481 ro-api.sorryapp.com — Cisco Umbrella Rank: 270339	91 KB
4	ecrsbackup.com 3 redirects ecrsbackup.com — Cisco Umbrella Rank: 516416 www.ecrsbackup.com accounts.ecrsbackup.com	4 KB
3	s7y.co static.s7y.co	20 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	63 KB
2	servosity.com 2 redirects hydra.servosity.com accounts.servosity.com	712 B
10	5

	Domain	Requested by
3	static.s7y.co	accounts.ecrsbackup.com
2	ro-api.sorryapp.com	code.sorryapp.com
2	code.sorryapp.com	accounts.ecrsbackup.com code.sorryapp.com
2	cdn.jsdelivr.net	accounts.ecrsbackup.com
2	www.ecrsbackup.com	2 redirects
1	accounts.ecrsbackup.com
1	accounts.servosity.com	1 redirects
1	hydra.servosity.com	1 redirects
1	ecrsbackup.com	1 redirects
10	9

This site contains links to these domains. Also see Links.

Domain
www.ecrsbackup.com

Subject Issuer	Validity	Valid
ecrsbackup.com Amazon RSA 2048 M01	`2023-10-02` - `2024-10-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
s7y.co Amazon RSA 2048 M02	`2024-04-08` - `2025-05-07`	a year	crt.sh
sorryapp.com Amazon RSA 2048 M02	`2023-09-10` - `2024-10-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5
Frame ID: 5EBA3AB8656544EFEA041659D85E5ECF
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ECRS

Page URL History Show full URLs

http://ecrsbackup.com/ HTTP 307
https://ecrsbackup.com/ HTTP 302
https://www.ecrsbackup.com/ HTTP 302
https://www.ecrsbackup.com/login/ HTTP 302
https://hydra.servosity.com/oauth2/auth?state=21334240b1e18dacd5b2767449375329&scope=openid&response_typ... HTTP 302
https://accounts.servosity.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5 HTTP 302
https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5 Page URL

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+bulma(?:\.min)?\.css

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

5
IPs

1
Countries

179 kB
Transfer

595 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ecrsbackup.com/send-password/
Title: Forgot your password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ecrsbackup.com/ HTTP 307
https://ecrsbackup.com/ HTTP 302
https://www.ecrsbackup.com/ HTTP 302
https://www.ecrsbackup.com/login/ HTTP 302
https://hydra.servosity.com/oauth2/auth?state=21334240b1e18dacd5b2767449375329&scope=openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fwww.ecrsbackup.com%2Flogin%2F&client_id=d2a9af31-cadb-4cf2-878c-b306a3e69f35 HTTP 302
https://accounts.servosity.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5 HTTP 302
https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
accounts.ecrsbackup.com/o/login/
Redirect Chain

http://ecrsbackup.com/
https://ecrsbackup.com/
https://www.ecrsbackup.com/
https://www.ecrsbackup.com/login/
https://hydra.servosity.com/oauth2/auth?state=21334240b1e18dacd5b2767449375329&scope=openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fwww.ecrsbackup.com%2Flogin%2F&client_i...
https://accounts.servosity.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5
https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5

3 KB
3 KB

308ms
286ms

Document
text/html

34.202.65.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.65.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-65-44.compute-1.amazonaws.com

Software

daphne /

Resource Hash

1e05f66c9c471b0d8766bfb5086c2c116c2e72309e7c0a80997731de781fbb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-length: 3127
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 22 May 2024 16:40:57 GMT
referrer-policy: same-origin
server: daphne
vary: Cookie, Origin
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 22 May 2024 16:40:57 GMT
location: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5
referrer-policy: same-origin
server: daphne
vary: Cookie, Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 bulma.min.css
cdn.jsdelivr.net/npm/bulma@0.9.0/css/ 196 KB
28 KB 346ms
43ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bulma@0.9.0/css/bulma.min.css

Requested by

Host: accounts.ecrsbackup.com
URL: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

68f78afcdf081e91ecbcf0427f8f6254a31dbac7e86caa36a3117c951aee5898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 16:40:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 642053
x-jsd-version: 0.9.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28703
x-served-by: cache-fra-etou8220157-FRA
x-jsd-version-type: version
etag: W/"30ebd-9HuFkF9/asdOiZY761mVkweDerQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ecrs-logo-61fd5da7.png
static.s7y.co/ 15 KB
16 KB 774ms
465ms Image
image/png 18.66.192.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.s7y.co/ecrs-logo-61fd5da7.png
Requested by: Host: accounts.ecrsbackup.com
URL: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-105.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61fd5da72ebfe9ded8785ca0947b0a1a489712e941b646b82139cfa2ad9a6665

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 16:40:59 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 18:26:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "0f9ba0d1db21ffd99707537cdf72ebe1"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15853
x-amz-cf-id: Sy4CReJiR_CSRNsD6I4vFmuO_Ko9CI5W1EluCEZ-meBtjn6skEFo8Q==

GET
H2 200 vue@2.6.11 Show response
cdn.jsdelivr.net/npm/ 91 KB
35 KB 325ms
23ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.11

Requested by

Host: accounts.ecrsbackup.com
URL: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 16:40:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 138185
x-jsd-version: 2.6.11
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 35673
x-served-by: cache-fra-etou8220157-FRA
x-jsd-version-type: version
etag: W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 form.f8376ad103e4.js Show response
static.s7y.co/identity_provider/ 192 B
525 B 334ms
46ms Script
text/javascript 18.66.192.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.s7y.co/identity_provider/form.f8376ad103e4.js
Requested by: Host: accounts.ecrsbackup.com
URL: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-105.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bbe6584b24e367a1c13b5d6f3f25f4f0178497e866d77d18b53d4c8e5c21bbf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 20:44:43 GMT
content-encoding: gzip
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 18:54:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 158176
etag: "8c2c83140a5e73755f1b7846a6ea83a9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 149
x-amz-cf-id: 2Zw-l7Gh4NHXK5NS1sT5jvRdC3oCvN92haxG2Zjip383P88-cuFiHA==

GET
H2 200 status-bar.min.js Show response
code.sorryapp.com/status-bar/4.latest/ 280 KB
89 KB 313ms
30ms Script
application/javascript 2600:9000:26db:2000:11:4a29:cbc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sorryapp.com/status-bar/4.latest/status-bar.min.js
Requested by: Host: accounts.ecrsbackup.com
URL: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:2000:11:4a29:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4917ed90be23dd358bc896cb187baedda23ad85a68ab4a28ed54028181b8c87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 06:10:40 GMT
content-encoding: gzip
via: 1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified: Mon, 18 Dec 2023 10:24:27 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 37849
x-amz-server-side-encryption: AES256
etag: W/"d90fe6a1b08a07dcadfe1fe94530f565"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: EgY6_lu5bV7hGXGiD_cQ73qlYT1-FQ6f-8xvMbkMZjVFuMRgJDCyjg==

GET
H2 200 15fc8b08 Show response
ro-api.sorryapp.com/v1/pages/ 1 KB
1 KB 172ms
171ms XHR
application/json 2a04:4e42:200::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ro-api.sorryapp.com/v1/pages/15fc8b08?include=brand%2Cnotices%2Cnotices.updates&filter%5Bnotices%5D%5Btimeline_state_in%5D%5B%5D=future&filter%5Bnotices%5D%5Btimeline_state_in%5D%5B%5D=present&filter%5Bnotices%5D%5Btype_in%5D%5B%5D=&filter%5Bnotices%5D%5Bcomponents_id_or_components_descendant_hierarchies_descendant_id_or_components_ancestor_hierarchies_ancestor_id_in%5D%5B%5D=

Requested by

Host: code.sorryapp.com
URL: https://code.sorryapp.com/status-bar/4.latest/status-bar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

cec7898b53619e22a96d5c3f7d5a4595edb80f18f3a5e40b33ddc496a4895f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Plugin-Ping: status-bar
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 16:40:59 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-cache: MISS, HIT, MISS
content-length: 568
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716393804&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=v2n%2F2TESBg8piGK21DvOfxiyMOsp1rGbrmj2foQsCPI%3D
x-request-id: 7438e190-2e66-48b9-9919-84b840828e44
x-served-by: cache-lga21983-LGA, cache-lga21968-LGA, cache-fra-etou8220125-FRA
x-runtime: 0.036389
server: Cowboy
x-timer: S1716396059.981327,VS0,VE150
etag: W/"7f99696fe3019fa8e32437145c1ef9fe"
access-control-max-age: 3600
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716393804&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=v2n%2F2TESBg8piGK21DvOfxiyMOsp1rGbrmj2foQsCPI%3D"}]}
access-control-expose-headers
cache-control: max-age=0, public, must-revalidate, s-maxage=600
vary: Accept, Origin, Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0, 0, 0

OPTIONS
H2 200 15fc8b08
ro-api.sorryapp.com/v1/pages/ 0
0 191ms
134ms Preflight 2a04:4e42:200::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; block-all-mixed-content; frame-ancestors 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; upgrade-insecure-requests; report-uri https://f08c81a681d074ab5fd23f897fe43f29.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-plugin-ping
Access-Control-Request-Method: GET
Origin: https://accounts.ecrsbackup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-plugin-ping
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 3600
content-security-policy: base-uri 'none'; block-all-mixed-content; frame-ancestors 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; upgrade-insecure-requests; report-uri https://f08c81a681d074ab5fd23f897fe43f29.report-uri.com/r/d/csp/enforce
date: Wed, 22 May 2024 16:40:58 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716396058&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=q4GrvfWvSIzlv27m5QCwnkQynRqZfBOaEB%2BmJcxOtNs%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716396058&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=q4GrvfWvSIzlv27m5QCwnkQynRqZfBOaEB%2BmJcxOtNs%3D
server: Cowboy
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-served-by: cache-lga21932-LGA, cache-lga21956-LGA, cache-fra-etou8220125-FRA
x-timer: S1716396059.845399,VS0,VE110
x-xss-protection: 1; mode=block

GET
H2 200 servosity-logo-sqare-64-23eaa09f.png
static.s7y.co/ 4 KB
4 KB 38ms
36ms Other
image/png 18.66.192.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.s7y.co/servosity-logo-sqare-64-23eaa09f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-105.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23eaa09fc592d779b8a06e17d586b48e397f84f1a9518a9992c2f5cd216d281f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 20:44:43 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Thu, 12 Nov 2020 14:38:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 158176
etag: "9c33ad7bceb2d36172e528c0eca9d1b6"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3811
x-amz-cf-id: BkxT3NLbtF7Fdm5CCFCzVUpwKui1RWWviMy04EsAxn13xlYBsvnhaA==

GET
H2 200 status-bar.min.css
code.sorryapp.com/status-bar/4.latest/ 4 KB
2 KB 26ms
26ms Stylesheet
text/css 2600:9000:26db:2000:11:4a29:cbc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sorryapp.com/status-bar/4.latest/status-bar.min.css
Requested by: Host: code.sorryapp.com
URL: https://code.sorryapp.com/status-bar/4.latest/status-bar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:2000:11:4a29:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02076197fcf7ea69355ec16d78a5bfff0c0dfb08837f6f9fa4b7a580319ec6a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 00:49:58 GMT
content-encoding: gzip
via: 1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified: Mon, 18 Dec 2023 10:24:27 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 57394
x-amz-server-side-encryption: AES256
etag: W/"109ae7fad0ad247f082372398bae274f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wTz78NFuuw-WaRmkAwHaq1z2G0mk83G9b-WMI1V0MYzKVzicYAjbdg==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Vue object| vm object| sorryStatusBar

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ecrsbackup.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bofpfqmjt6nukjbkhl02m1a4ae
hydra.servosity.com/	1969-12-31 23:59:59	Name: oauth2_authentication_csrf Value: MTcxNjM5NjA1N3xEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR0kwTTJKbE1EVTRZemczT1RSaVkySTRPRFkzTldRMll6TTBaR1psTVRKaXyZybJ5Vk1SoJyr1YCXWVmIxoRxXCbG7XsssVag7AZQTw==
accounts.servosity.com/	1970-01-20 21:06:45	Name: sessionid Value: y5bksmarwjtamv38xeou111oxh6mugv1
accounts.ecrsbackup.com/	1970-01-21 05:30:45	Name: csrftoken Value: kMQ5xVGT0GM9T9KbjcE2aHJsaPD3EZEb
accounts.ecrsbackup.com/	1970-01-20 21:06:45	Name: sessionid Value: c2d6ov334mvgo025g09ne086oiyhoho8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://accounts.ecrsbackup.com/o/login/?login_challenge=7b51e85e18c64848afc67de785db70e5 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.ecrsbackup.com
accounts.servosity.com
cdn.jsdelivr.net
code.sorryapp.com
ecrsbackup.com
hydra.servosity.com
ro-api.sorryapp.com
static.s7y.co
www.ecrsbackup.com
18.66.192.105
2600:9000:26db:2000:11:4a29:cbc0:93a1
2a04:4e42:200::347
2a04:4e42:600::485
34.202.65.44
96.45.83.201
1e05f66c9c471b0d8766bfb5086c2c116c2e72309e7c0a80997731de781fbb3a
23eaa09fc592d779b8a06e17d586b48e397f84f1a9518a9992c2f5cd216d281f
61fd5da72ebfe9ded8785ca0947b0a1a489712e941b646b82139cfa2ad9a6665
68f78afcdf081e91ecbcf0427f8f6254a31dbac7e86caa36a3117c951aee5898
8bbe6584b24e367a1c13b5d6f3f25f4f0178497e866d77d18b53d4c8e5c21bbf
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
b4917ed90be23dd358bc896cb187baedda23ad85a68ab4a28ed54028181b8c87
cec7898b53619e22a96d5c3f7d5a4595edb80f18f3a5e40b33ddc496a4895f62
f02076197fcf7ea69355ec16d78a5bfff0c0dfb08837f6f9fa4b7a580319ec6a

accounts.ecrsbackup.com Open in urlscan Pro 34.202.65.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

5 Domains

9 Subdomains

5 IPs

1 Countries

179 kBTransfer

595 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

5 Cookies

1 Console Messages

Security Headers

Indicators

accounts.ecrsbackup.com Open in urlscan Pro
34.202.65.44 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

5
IPs

1
Countries

179 kB
Transfer

595 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions