recovery2.ross.dev.sidecar.ninja Open in urlscan Pro
2a09:8280:1::15:c7e0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://recovery2.ross.dev.sidecar.ninja/
Submission: On August 17 via automatic, source certstream-suspicious (August 17th 2024, 12:50:00 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2a09:8280:1::15:c7e0, located in United States and belongs to FLY, US. The main domain is recovery2.ross.dev.sidecar.ninja.
TLS certificate: Issued by E6 on June 18th 2024. Valid for: 3 months.

This is the only time recovery2.ross.dev.sidecar.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
12	2a09:8280:1::... 2a09:8280:1::15:c7e0		40509 (FLY) (FLY)
13	2

12 2a09:8280:1::15:c7e0 (United States)

ASN40509 (FLY, US)

recovery2.ross.dev.sidecar.ninja	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us.static.ross.nametagdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ross.nametagdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	nametagdev.com us.static.ross.nametagdev.com ross.nametagdev.com	1 MB
2	sidecar.ninja recovery2.ross.dev.sidecar.ninja	48 KB
13	2

	Domain	Requested by
5	ross.nametagdev.com	us.static.ross.nametagdev.com
5	us.static.ross.nametagdev.com	recovery2.ross.dev.sidecar.ninja us.static.ross.nametagdev.com
2	recovery2.ross.dev.sidecar.ninja
13	3

This site contains links to these domains. Also see Links.

Domain
getnametag.com

Subject Issuer	Validity	Valid
recovery2.ross.dev.sidecar.ninja E6	`2024-06-18` - `2024-09-16`	3 months	crt.sh
us.static.ross.nametagdev.com E6	`2024-08-17` - `2024-11-15`	3 months	crt.sh
ross.nametagdev.com E6	`2024-08-17` - `2024-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://recovery2.ross.dev.sidecar.ninja/
Frame ID: 07FB6BA932829B812C67351BBC210309
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not Found | Nametag

Page Statistics

13
Requests

92 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

1445 kB
Transfer

6160 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://getnametag.com/help
Title: Need help?

Search URL Search Domain Scan URL

URL: https://getnametag.com/about
Title: Company

Search URL Search Domain Scan URL

URL: https://getnametag.com/terms
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://getnametag.com/privacy
Title: Privacy policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
recovery2.ross.dev.sidecar.ninja/ 2 KB
1 KB 938ms
583ms Document
text/html 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://recovery2.ross.dev.sidecar.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

e65c758b1945b62d4503388d9740c294115f00eb2254124c01db6d1c0a38e4ca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; report-uri https://ross.nametagdev.com/_csp_report; script-src 'nonce-IiQ1gF7Vm08FIGEIF3fjvJ6nCUH_HBgN' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; upgrade-insecure-requests
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 997
content-security-policy: base-uri 'none'; object-src 'none'; report-uri https://ross.nametagdev.com/_csp_report; script-src 'nonce-IiQ1gF7Vm08FIGEIF3fjvJ6nCUH_HBgN' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; upgrade-insecure-requests
content-type: text/html
date: Sat, 17 Aug 2024 12:49:54 GMT
expires: -1
fly-request-id: 01J5G6674SF2Z03E9F5FXP503N-fra
referrer-policy: strict-origin-when-cross-origin
server: Fly/f8a8cc0dd (2024-08-15)
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
via: 2 fly.io
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-region: us
x-trace: ntbug.com/ntdevross/4333aac2be20c943fec2b3b6b23c0ea7

GET
H2 200 oauth-index-U6FKI37N.js Show response
us.static.ross.nametagdev.com/static/js/ 3 MB
549 KB 339ms
286ms Script
application/javascript 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://us.static.ross.nametagdev.com/static/js/oauth-index-U6FKI37N.js

Requested by

Host: recovery2.ross.dev.sidecar.ninja
URL: https://recovery2.ross.dev.sidecar.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

080ffcccec6c76d9d77119cefc21d002daee7ccff5ade93ca08ae8c2074b2bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://recovery2.ross.dev.sidecar.ninja/
Origin: https://recovery2.ross.dev.sidecar.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:54 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
x-region: us
last-modified: Sat, 17 Aug 2024 12:44:04 GMT
server: Fly/f8a8cc0dd (2024-08-15)
fly-request-id: 01J5G667RSWRGW6RJ8YF8W1BE8-fra
x-trace: ntbug.com/ntdevross/61ccd2699d9b826536bec717806989f1
etag: W/"2db93f-191605dc804"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 oauth-index-Q2Q43Z45.css
us.static.ross.nametagdev.com/static/css/ 3 MB
537 KB 333ms
280ms Stylesheet
text/css 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://us.static.ross.nametagdev.com/static/css/oauth-index-Q2Q43Z45.css

Requested by

Host: recovery2.ross.dev.sidecar.ninja
URL: https://recovery2.ross.dev.sidecar.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

ddb7f99382efb98bac76d8e613f2a67cb270c5891c7032c92039d74f8fd12544

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://recovery2.ross.dev.sidecar.ninja/
Origin: https://recovery2.ross.dev.sidecar.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:54 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
x-region: us
last-modified: Sat, 17 Aug 2024 12:44:04 GMT
server: Fly/f8a8cc0dd (2024-08-15)
fly-request-id: 01J5G667RS1KN7Z9GT85P95G5F-fra
x-trace: ntbug.com/ntdevross/a484fb6b1c59ef516bb9e68cd1b02567
etag: W/"28b647-191605dc805"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 browser-sync-client.js Show response
us.static.ross.nametagdev.com/browser-sync/ 184 KB
48 KB 207ms
166ms Script
text/javascript 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://us.static.ross.nametagdev.com/browser-sync/browser-sync-client.js?v=2.27.9

Requested by

Host: recovery2.ross.dev.sidecar.ninja
URL: https://recovery2.ross.dev.sidecar.ninja/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

1faf14b147478e97fcfc170a009e310358e82f4a53d0d3d84f43da329844caae

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://recovery2.ross.dev.sidecar.ninja/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:55 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
x-region: us
content-length: 48716
fly-request-id: 01J5G668Q3QC2XGQHQ33ENSW45-fra
server: Fly/f8a8cc0dd (2024-08-15)
x-trace: ntbug.com/ntdevross/2943b919b7dac8ace4477ad846b51150
etag: "2df54-Y8syb6tVLJvhDzGiSw/AGGe27CE"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 Nunito-VariableFont_wght-4GDJ7NBH.woff2
us.static.ross.nametagdev.com/static/woff2/ 99 KB
99 KB 153ms
152ms Font
application/font-woff2 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://us.static.ross.nametagdev.com/static/woff2/Nunito-VariableFont_wght-4GDJ7NBH.woff2

Requested by

Host: us.static.ross.nametagdev.com
URL: https://us.static.ross.nametagdev.com/static/css/oauth-index-Q2Q43Z45.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

7c2c9e9a5e9ae5b4685c79a5003816470b02505817284e897c8cc6bf01d67b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://us.static.ross.nametagdev.com/static/css/oauth-index-Q2Q43Z45.css
Origin: https://recovery2.ross.dev.sidecar.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:55 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
x-region: us
last-modified: Sat, 17 Aug 2024 12:44:04 GMT
server: Fly/f8a8cc0dd (2024-08-15)
fly-request-id: 01J5G668TM9JF7NDGRC92FJY6G-fra
x-trace: ntbug.com/ntdevross/3881fe7d6ea2849dbd5bbda928b7ffd4
etag: W/"18a6c-191605dc803"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 remixicon-6VMBZLM6.woff2
us.static.ross.nametagdev.com/static/woff2/ 162 KB
161 KB 151ms
151ms Font
application/font-woff2 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://us.static.ross.nametagdev.com/static/woff2/remixicon-6VMBZLM6.woff2?t=1718271040674

Requested by

Host: us.static.ross.nametagdev.com
URL: https://us.static.ross.nametagdev.com/static/css/oauth-index-Q2Q43Z45.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

00e20f1912b610fd476c271b80e2d76d107790539119482c9e90f207ddd606b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://us.static.ross.nametagdev.com/static/css/oauth-index-Q2Q43Z45.css
Origin: https://recovery2.ross.dev.sidecar.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:55 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
x-region: us
last-modified: Sat, 17 Aug 2024 12:44:04 GMT
server: Fly/f8a8cc0dd (2024-08-15)
fly-request-id: 01J5G668TMMTZX4QTKCSKV39MZ-fra
x-trace: ntbug.com/ntdevross/484711a39b7ef8f8f90750f8d0a2879b
etag: W/"28640-191605dc7fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 / Show response
ross.nametagdev.com/browser-sync/socket.io/ 117 B
506 B 427ms
274ms XHR
text/plain 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=polling&t=P5WOoEy

Requested by

Host: us.static.ross.nametagdev.com
URL: https://us.static.ross.nametagdev.com/browser-sync/browser-sync-client.js?v=2.27.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

314ebad5d0a9bdb9e09b0887b2b34d29c9fa7600533a4f94e00348c6a9b99849

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Referer: https://recovery2.ross.dev.sidecar.ninja/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:55 GMT
content-encoding: zstd
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
fly-request-id: 01J5G66931DEKS2RQ4KDH4PRGM-fra
server: Fly/f8a8cc0dd (2024-08-15)
x-trace: ntbug.com/ntdevross/1cd0e7c4b3b25417741a0435a58a13c0
access-control-max-age: 90
access-control-allow-methods: Get
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://recovery2.ross.dev.sidecar.ninja
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
x-region: us
access-control-allow-headers: X-User-Agent

GET
H2 200 favicon.ico
recovery2.ross.dev.sidecar.ninja/ 176 KB
47 KB 404ms
403ms Other
image/x-icon 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://recovery2.ross.dev.sidecar.ninja/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

9911ae2ff15a952c099fd1b121314f1c3d967d5afb38ed4905291fb61310d3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://recovery2.ross.dev.sidecar.ninja/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:56 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Sat, 17 Aug 2024 12:44:03 GMT
server: Fly/f8a8cc0dd (2024-08-15)
fly-request-id: 01J5G6692586QHQB0QA2XJGHP8-fra
x-trace: ntbug.com/ntdevross/8752448e97691a70cd6ee452df58f7fb
etag: sha256-mRGuL_FalSwJn9GxITFPHD2WfVr7OO1JBSkfthMQ06Y=
vary: Accept-Encoding
content-type: image/x-icon
x-region: us
accept-ranges: bytes

POST
H2 200 / Show response
ross.nametagdev.com/browser-sync/socket.io/ 2 B
158 B 161ms
160ms XHR
text/html 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=polling&t=P5WOoLh&sid=pevUx0E8DmiP87NkAAAA

Requested by

Host: us.static.ross.nametagdev.com
URL: https://us.static.ross.nametagdev.com/browser-sync/browser-sync-client.js?v=2.27.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Referer: https://recovery2.ross.dev.sidecar.ninja/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Aug 2024 12:49:56 GMT
content-encoding: zstd
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
fly-request-id: 01J5G669BPP19YV17G3RPK4ARS-fra
server: Fly/f8a8cc0dd (2024-08-15)
x-trace: ntbug.com/ntdevross/acf808c672447ab97faaf8dff0bc23c4
access-control-max-age: 90
access-control-allow-methods: Get
content-type: text/html
access-control-allow-origin: https://recovery2.ross.dev.sidecar.ninja
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
x-region: us
access-control-allow-headers: X-User-Agent

GET
H2 200 / Show response
ross.nametagdev.com/browser-sync/socket.io/ 5 KB
2 KB 163ms
163ms XHR
application/octet-stream 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=polling&t=P5WOoLi&sid=pevUx0E8DmiP87NkAAAA

Requested by

Host: us.static.ross.nametagdev.com
URL: https://us.static.ross.nametagdev.com/browser-sync/browser-sync-client.js?v=2.27.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

33bd9988caddca45560e1cca712b3b1fb72f89282fd8a028b9ede2f2d022bd8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Referer: https://recovery2.ross.dev.sidecar.ninja/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 12:49:56 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
x-region: us
content-length: 2072
fly-request-id: 01J5G669BQQJMZ36FWKN96G9PQ-fra
server: Fly/f8a8cc0dd (2024-08-15)
x-trace: ntbug.com/ntdevross/2510f615f1fd24128f68f31bb6d4da88
access-control-max-age: 90
access-control-allow-methods: Get
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://recovery2.ross.dev.sidecar.ninja
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
access-control-allow-headers: X-User-Agent

GET /
ross.nametagdev.com/browser-sync/socket.io/ 0
0

POST
H2 200 / Show response
ross.nametagdev.com/browser-sync/socket.io/ 2 B
127 B 193ms
191ms XHR
text/html 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=polling&t=P5WOoOJ&sid=pevUx0E8DmiP87NkAAAA

Requested by

Host: us.static.ross.nametagdev.com
URL: https://us.static.ross.nametagdev.com/browser-sync/browser-sync-client.js?v=2.27.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Referer: https://recovery2.ross.dev.sidecar.ninja/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Aug 2024 12:49:56 GMT
content-encoding: zstd
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
fly-request-id: 01J5G669GYXH60KHKQ08KKGM3B-fra
server: Fly/f8a8cc0dd (2024-08-15)
x-trace: ntbug.com/ntdevross/5d7061306c71c6baff8317ca64c377d5
access-control-max-age: 90
access-control-allow-methods: Get
content-type: text/html
access-control-allow-origin: https://recovery2.ross.dev.sidecar.ninja
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
x-region: us
access-control-allow-headers: X-User-Agent

POST
H2 400 / Show response
ross.nametagdev.com/browser-sync/socket.io/ 41 B
202 B 163ms
161ms XHR
application/json 2a09:8280:1::15:c7e0
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=polling&t=P5WOpTo&sid=pevUx0E8DmiP87NkAAAA

Requested by

Host: us.static.ross.nametagdev.com
URL: https://us.static.ross.nametagdev.com/browser-sync/browser-sync-client.js?v=2.27.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::15:c7e0 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/f8a8cc0dd (2024-08-15) /

Resource Hash

8acac48bc106c4eae580c08071597f9dafab96d959deff65bec44514da907b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Referer: https://recovery2.ross.dev.sidecar.ninja/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Aug 2024 12:50:00 GMT
content-encoding: zstd
via: 2 fly.io
strict-transport-security: max-age=16070400; includeSubDomains
fly-request-id: 01J5G66DVX9G5Y2ZB3F3JQ8YSE-fra
server: Fly/f8a8cc0dd (2024-08-15)
x-trace: ntbug.com/ntdevross/30f51766cc5fbc35b2c97459fe7b702a
access-control-max-age: 90
access-control-allow-methods: Get
content-type: application/json
access-control-allow-origin: https://recovery2.ross.dev.sidecar.ninja
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
x-region: us
access-control-allow-headers: X-User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ross.nametagdev.com
URL: https://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=polling&t=P5WOoOH&sid=pevUx0E8DmiP87NkAAAA

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion object| ___browserSync___

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	warning	URL: https://us.static.ross.nametagdev.com/browser-sync/browser-sync-client.js?v=2.27.9(Line 8) Message: WebSocket connection to 'wss://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=websocket&sid=pevUx0E8DmiP87NkAAAA' failed: WebSocket is closed before the connection is established.
network	error	URL: https://ross.nametagdev.com/browser-sync/socket.io/?EIO=4&transport=polling&t=P5WOpTo&sid=pevUx0E8DmiP87NkAAAA Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; report-uri https://ross.nametagdev.com/_csp_report; script-src 'nonce-IiQ1gF7Vm08FIGEIF3fjvJ6nCUH_HBgN' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; upgrade-insecure-requests
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

recovery2.ross.dev.sidecar.ninja
ross.nametagdev.com
us.static.ross.nametagdev.com
ross.nametagdev.com
2a09:8280:1::15:c7e0
00e20f1912b610fd476c271b80e2d76d107790539119482c9e90f207ddd606b6
080ffcccec6c76d9d77119cefc21d002daee7ccff5ade93ca08ae8c2074b2bf5
1faf14b147478e97fcfc170a009e310358e82f4a53d0d3d84f43da329844caae
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
314ebad5d0a9bdb9e09b0887b2b34d29c9fa7600533a4f94e00348c6a9b99849
33bd9988caddca45560e1cca712b3b1fb72f89282fd8a028b9ede2f2d022bd8e
7c2c9e9a5e9ae5b4685c79a5003816470b02505817284e897c8cc6bf01d67b3f
8acac48bc106c4eae580c08071597f9dafab96d959deff65bec44514da907b1d
9911ae2ff15a952c099fd1b121314f1c3d967d5afb38ed4905291fb61310d3a6
ddb7f99382efb98bac76d8e613f2a67cb270c5891c7032c92039d74f8fd12544
e65c758b1945b62d4503388d9740c294115f00eb2254124c01db6d1c0a38e4ca

recovery2.ross.dev.sidecar.ninja Open in urlscan Pro 2a09:8280:1::15:c7e0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

92 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

1445 kBTransfer

6160 kBSize

0 Cookies

4 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

recovery2.ross.dev.sidecar.ninja Open in urlscan Pro
2a09:8280:1::15:c7e0 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

1445 kB
Transfer

6160 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions