URL: https://recovery.sidecar.ninja/
Submission: On March 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 5 HTTP transactions. The main IP is 2a09:8280:1::69:ca6e, located in the United States, and belongs to FLY, US. The main domain is recovery.sidecar.ninja.
TLS certificate: Issued by R3 on March 4th 2024. Valid for: 3 months.
This is the only time recovery.sidecar.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
5 2a09:8280:1::... 40509 (FLY)
Total: 5 requests, 1 IP

Requests Apex Domain (Subdomains) Transfer
4 nametag.co (eu.static.nametag.co, nametag.co) 966 KB
1 sidecar.ninja (recovery.sidecar.ninja) 2 KB
Total: 5 requests, 2 apex domains

Requests Domain Requested by
3 eu.static.nametag.co recovery.sidecar.ninja, eu.static.nametag.co
1 nametag.co recovery.sidecar.ninja
1 recovery.sidecar.ninja
Total: 5 requests, 3 domains

This site contains links to these domains.

Domain
getnametag.com
Subject Issuer Validity Valid
recovery.sidecar.ninja R3 2024-03-04 - 2024-06-02 3 months
eu.static.nametag.co R3 2024-02-20 - 2024-05-20 3 months
nametag.co R3 2024-02-20 - 2024-05-20 3 months

This page contains 1 frame:

Primary Page: https://recovery.sidecar.ninja/
Frame ID: BF9E79CFC333032D7DE03AF2F0335117
Requests: 5 HTTP requests in this frame

Page Title

Nametag

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 3
IPs: 1
Countries: 1
Transfer: 968 kB
Size: 3478 kB
Cookies: 0

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
recovery.sidecar.ninja/
3 KB
2 KB
Document
General
Full URL
https://recovery.sidecar.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::69:ca6e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/17ce28b7 (2024-03-02) /
Resource Hash
e5f44a8aceaaa53a10ee97468e1e34361e5988222630c67ad681f5a44c0de206
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; object-src 'none'; report-uri https://nametag.co/_csp_report; script-src 'nonce-qJiyiRMVxXhTWnMP9NZBHORrEeXmAPbY' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
br
content-security-policy
base-uri 'none'; object-src 'none'; report-uri https://nametag.co/_csp_report; script-src 'nonce-qJiyiRMVxXhTWnMP9NZBHORrEeXmAPbY' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; upgrade-insecure-requests
content-type
text/html
date
Mon, 04 Mar 2024 19:56:28 GMT
expires
-1
fly-request-id
01HR5GM01BFB89X14HSFJQK51T-ams
referrer-policy
strict-origin-when-cross-origin
server
Fly/17ce28b7 (2024-03-02)
via
2 fly.io
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-trace
ntbug.com/eb261b3db72e69e61ae310ccfbab168b ntbug.com/eb261b3db72e69e61ae310ccfbab168b
recovery-index-FRGSQYLR.js
eu.static.nametag.co/static/js/
837 KB
262 KB
Script
General
Full URL
https://eu.static.nametag.co/static/js/recovery-index-FRGSQYLR.js
Requested by
Host: recovery.sidecar.ninja
URL: https://recovery.sidecar.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::69:ca6e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/17ce28b7 (2024-03-02) /
Resource Hash
69ed281e5add53b79051c3e009553141baf80fdb520c53cf85fb9d638f63643c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://recovery.sidecar.ninja/
Origin
https://recovery.sidecar.ninja
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-encoding
gzip
via
2 fly.io
date
Mon, 04 Mar 2024 19:56:28 GMT
x-nametag-origin
static
x-region
eu
fly-request-id
01HR5GM0BJ900KK4DSN7WHNKT8-ams
server
Fly/17ce28b7 (2024-03-02)
x-trace
ntbug.com/2b629bf3cb9ac115cc2711b69b72c6ff
access-control-max-age
90
access-control-allow-methods
Get
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://recovery.sidecar.ninja
cache-control
max-age=31536000
vary
Origin, Accept, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
X-User-Agent
recovery-index-WGQ2B7QK.css
eu.static.nametag.co/static/css/
2 MB
506 KB
Stylesheet
General
Full URL
https://eu.static.nametag.co/static/css/recovery-index-WGQ2B7QK.css
Requested by
Host: recovery.sidecar.ninja
URL: https://recovery.sidecar.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::69:ca6e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/17ce28b7 (2024-03-02) /
Resource Hash
e0a7d42c40b71a759437cd15db60c6c2a05a1dd4dcc491cf729d4309d179deb3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://recovery.sidecar.ninja/
Origin
https://recovery.sidecar.ninja
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-encoding
gzip
via
2 fly.io
date
Mon, 04 Mar 2024 19:56:28 GMT
x-nametag-origin
static
x-region
eu
fly-request-id
01HR5GM0BJG62XC4SQZXPMNBM6-ams
server
Fly/17ce28b7 (2024-03-02)
x-trace
ntbug.com/b9ed95be554cb694758cedd9af1d30a1
access-control-max-age
90
access-control-allow-methods
Get
content-type
text/css; charset=utf-8
access-control-allow-origin
https://recovery.sidecar.ninja
cache-control
max-age=31536000
vary
Origin, Accept, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
X-User-Agent
Nunito-VariableFont_wght-4GDJ7NBH.woff2
eu.static.nametag.co/static/woff2/
99 KB
99 KB
Font
General
Full URL
https://eu.static.nametag.co/static/woff2/Nunito-VariableFont_wght-4GDJ7NBH.woff2
Requested by
Host: eu.static.nametag.co
URL: https://eu.static.nametag.co/static/css/recovery-index-WGQ2B7QK.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::69:ca6e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/17ce28b7 (2024-03-02) /
Resource Hash
7c2c9e9a5e9ae5b4685c79a5003816470b02505817284e897c8cc6bf01d67b3f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://eu.static.nametag.co/static/css/recovery-index-WGQ2B7QK.css
Origin
https://recovery.sidecar.ninja
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-encoding
gzip
via
2 fly.io
date
Mon, 04 Mar 2024 19:56:29 GMT
x-nametag-origin
static
x-region
eu
fly-request-id
01HR5GM0MC1S0VBW6K7CVAVNP6-ams
server
Fly/17ce28b7 (2024-03-02)
x-trace
ntbug.com/d67427ed1bc1f814ec674177bc906c92
access-control-max-age
90
access-control-allow-methods
Get
content-type
font/woff2
access-control-allow-origin
https://recovery.sidecar.ninja
cache-control
max-age=31536000
vary
Origin, Accept, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
X-User-Agent
acme.png
nametag.co/logos/
98 KB
99 KB
Image
General
Full URL
https://nametag.co/logos/acme.png
Requested by
Host: recovery.sidecar.ninja
URL: https://recovery.sidecar.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::69:ca6e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/17ce28b7 (2024-03-02) /
Resource Hash
f4bbcbe04a628ce62065d6811fc81a3ef84b30f2efc7af2868f4aad6360f02b8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recovery.sidecar.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-encoding
gzip
via
2 fly.io
date
Mon, 04 Mar 2024 19:56:29 GMT
fly-request-id
01HR5GM0NR5PV6ZDTJVNV877Z3-ams
server
Fly/17ce28b7 (2024-03-02)
x-trace
ntbug.com/d4abf81f406e4df176ae8b0343c2c0c4
etag
sha256-9LvL4EpijOYgZdaBH8gaPvhLMPLvx68oaPSq1jYPArg=
vary
Accept-Encoding
content-type
image/png
x-region
eu
accept-ranges
bytes

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy base-uri 'none'; object-src 'none'; report-uri https://nametag.co/_csp_report; script-src 'nonce-qJiyiRMVxXhTWnMP9NZBHORrEeXmAPbY' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN