return.co.de
95.143.172.224
Public Scan
Effective URL: http://return.co.de/
Submission: On December 30 via automatic, source certstream-suspicious
Summary
This is the only time return.co.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2a00:d0c0:200:0:b9:1a:9c:95 | 58010 (UVENSYS) |
9 | 95.143.172.224 | 25560 (RHTEC-AS rh-tec IP Backbone) |
1 | 2a00:1450:4001:819::200a | 15169 (GOOGLE - Google LLC) |
3 | 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3 - Highwinds Network Group) |
2 | 2a00:1450:4001:809::200a | 15169 (GOOGLE - Google LLC) |
1 | 2600:9000:214f:f000:14:14d6:5ec0:21 | 16509 (AMAZON-02 - Amazon.com) |
2 | 2a00:1450:4001:817::2003 | 15169 (GOOGLE - Google LLC) |
18 | 6 |
ASN25560 (RHTEC-AS rh-tec IP Backbone, DE)
PTR: hercules.uberspace.de
return.co.de |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
stackpath.bootstrapcdn.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d2fltix0v2e0sb.cloudfront.net |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | co.de | return.co.de | 160 KB |
3 | bootstrapcdn.com | stackpath.bootstrapcdn.com | 48 KB |
3 | googleapis.com | ajax.googleapis.com, fonts.googleapis.com | 30 KB |
2 | gstatic.com | fonts.gstatic.com | 25 KB |
1 | cloudfront.net | d2fltix0v2e0sb.cloudfront.net | 1 KB |
1 | uber.space | jwedel.uber.space (1 redirects) | 241 B |
18 | 6 |
 | Domain | Requested by |
---|---|---|
9 | return.co.de | return.co.de |
3 | stackpath.bootstrapcdn.com | return.co.de, ajax.googleapis.com |
2 | fonts.gstatic.com | return.co.de |
2 | fonts.googleapis.com | return.co.de |
1 | d2fltix0v2e0sb.cloudfront.net | return.co.de |
1 | ajax.googleapis.com | return.co.de |
1 | jwedel.uber.space | 1 redirects |
18 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
uberspace.de |
dev.to |
www.python.org |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.storage.googleapis.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months | crt.sh |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year | crt.sh |
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year | crt.sh |
*.google.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://return.co.de/
Frame ID: 30BE3F297A5C3D86E966C83AFA1D73D9
Requests: 18 HTTP requests in this frame
Detected technologies
Python (Programming Languages)
Detected patterns
- html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i
- headers server /gunicorn(?:\/([\d.]+))?/i
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Django (Web Frameworks)
Detected patterns
- html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i
gunicorn (Web Servers)
Detected patterns
- headers server /gunicorn(?:\/([\d.]+))?/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Jan Wedel
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://jwedel.uber.space/
HTTP 301
http://return.co.de/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / return.co.de/ (Primary Request, Cookie set, Redirect Chain) | 11 KB 11 KB | Document text/html |
GET H2 | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/2.0.3/ | 82 KB 29 KB | Script text/javascript |
GET H2 | bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ | 119 KB 20 KB | Stylesheet text/css |
GET H2 | bootstrap.min.js stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/ | 39 KB 11 KB | Script text/javascript |
GET H2 | css fonts.googleapis.com/ | 2 KB 550 B | Stylesheet text/css |
GET H2 | css fonts.googleapis.com/ | 2 KB 554 B | Stylesheet text/css |
GET H/1.1 | style.css return.co.de/static/core/styles/ | 4 KB 4 KB | Stylesheet text/css |
GET H/1.1 | monokai.css return.co.de/static/core/styles/ | 3 KB 4 KB | Stylesheet text/css |
GET H/1.1 | feed-icon-28x28.png return.co.de/static/core/img/ | 2 KB 2 KB | Image image/png |
GET H/1.1 | Screen_Shot_2019-11-17_at_21.27.30.png.200x120_q85_box-82%2C0%2C855%2C468_crop_detail.png return.co.de/media/images/ | 32 KB 32 KB | Image image/png |
GET H/1.1 | olverbrauch-display.jpg.200x120_q85_box-16%2C0%2C486%2C284_crop_detail.jpg return.co.de/media/images/ | 7 KB 7 KB | Image image/jpeg |
GET H/1.1 | ubernaut-badge-white.png return.co.de/static/core/img/ | 9 KB 10 KB | Image image/png |
GET H2 | dev-badge.svg d2fltix0v2e0sb.cloudfront.net/ | 798 B 1 KB | Image image/svg+xml |
GET H/1.1 | python-powered-w-200x80.png return.co.de/static/core/img/ | 9 KB 9 KB | Image image/png |
GET H2 | glyphicons-halflings-regular.woff2 stackpath.bootstrapcdn.com/bootstrap/3.4.1/fonts/ | 18 KB 18 KB | Font font/woff2 |
GET H/1.1 | header-background.jpg return.co.de/static/core/img/ | 81 KB 81 KB | Image image/jpeg |
GET H2 | neILzCirqoswsqX9zoKmM4MwWJU.woff2 fonts.gstatic.com/s/lobster/v22/ | 16 KB 16 KB | Font font/woff2 |
GET H2 | mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v17/ | 9 KB 9 KB | Font font/woff2 |
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| $
- function| jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
return.co.de/ | Name: csrftoken Value: NGWVV5eS4aTedlRMoq1yW6gttqKGezaSsxd21387G7MDvmb3t5ldtj9GpChOHRIx |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.