bin.re
2a05:d014:275:cb01:8d93:e14c:3058:b0f4
Public Scan
Effective URL: https://bin.re/blog/the-dga-of-qakbot/
Submission: On June 10 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 8th 2022. Valid for: 3 months.
This is the only time bin.re was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | Autonomous System |
---|---|---|---|
1 | 1 | 2a03:b0c0:3:d0::d24:2001 | 14061 (DIGITALOCEAN-ASN) |
14 | | 2a05:d014:275:cb01:8d93:e14c:3058:b0f4 | 16509 (AMAZON-02) |
1 | 1 | 2a03:b0c0:3:d0::1793:b001 | 14061 (DIGITALOCEAN-ASN) |
14 | 2 |
ASN14061 (DIGITALOCEAN-ASN, US)
www.johannesbader.ch |
ASN16509 (AMAZON-02, US)
bin.re |
ASN14061 (DIGITALOCEAN-ASN, US)
johannesbader.ch |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | bin.re | bin.re | 181 KB |
2 | johannesbader.ch (2 redirects) | www.johannesbader.ch, johannesbader.ch | 1 KB |
14 | 2 |
Requests | Domain | Requested by |
---|---|---|
14 | bin.re | bin.re |
1 | johannesbader.ch | 1 redirects |
1 | www.johannesbader.ch | 1 redirects |
14 | 3 |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bin.re | R3 | 2022-05-08 - 2022-08-06 | 3 months |
This page contains 1 frames:
Primary Page:
https://bin.re/blog/the-dga-of-qakbot/
Frame ID: EB81AD3E58029B13606DFA2F5BB50C47
Requests: 29 HTTP requests in this frame
Page Title
The DGA of Qakbot.T
Page URL History
-
https://www.johannesbader.ch/2016/02/the-dga-of-qakbot/
HTTP 301
https://bin.re/2016/02/the-dga-of-qakbot/ Page URL
-
https://johannesbader.ch/blog/the-dga-of-qakbot/
HTTP 301
https://bin.re/blog/the-dga-of-qakbot/ Page URL
Page Statistics
23 Outgoing links
These are links going to different origins than the main page.
Title: February 24, 2016
Title: Malpedia entry on Qakbot
Title: Generation 10
Title: malware-traffic-analysis.net
Title: Mersenne Twister
Title: link
Title: this executable
Title: Qakbot dll
Title: Introduction to Algorithms, 3rd Edition
Title: Necurs
Title: Ramnit
Title: Ranbyus
Title: Tinba
Title: Geodo/Emotet
Title: Cryptolocker
Title: Corebot
Title: GitHub
Title: Jawad Ahmed
Title: Johannes Bader
Title: https://mega.nz/#!ObwxnAgJ!...
Title: Twitter
Title: GitHub
Title: Keybase
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.johannesbader.ch/2016/02/the-dga-of-qakbot/ HTTP 301
- https://bin.re/2016/02/the-dga-of-qakbot/
14 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Redirect Chain) | bin.re/2016/02/the-dga-of-qakbot/ | 348 B | 875 B | Document | text/html |
GET | H2 | / (Primary Request, Redirect Chain) | bin.re/blog/the-dga-of-qakbot/ | 93 KB | 34 KB | Document | text/html |
GET | H2 | nunito-sans-v12-latin-300.woff2 | bin.re/assets/fonts/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H2 | nunito-sans-v12-latin-800.woff2 | bin.re/assets/fonts/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H2 | common.css | bin.re/assets/css/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H2 | blog.css | bin.re/assets/css/ | 9 KB | 2 KB | Stylesheet | text/css |
GET | H2 | all.min.js | bin.re/assets/js/ | 772 B | 891 B | Script | application/javascript |
GET | H2 | icons.svg | bin.re/assets/svg/ | 18 KB | 5 KB | Other | image/svg+xml |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 103 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 105 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 103 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 103 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 104 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 105 B | 0 | Image | image/svg+xml |
GET | H2 | nunito-sans-v12-latin-600.woff2 | bin.re/assets/fonts/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H2 | nunito-sans-v12-latin-300italic.woff2 | bin.re/assets/fonts/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H2 | inconsolata-v30-latin-regular.woff2 | bin.re/assets/fonts/ | 16 KB | 16 KB | Font | font/woff2 |
GET | H2 | logo.png | bin.re/assets/img/site/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | nunito-sans-v12-latin-600italic.woff2 | bin.re/assets/fonts/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | letters1-640.webp | bin.re/assets/img/header/ | 32 KB | 33 KB | Image | image/webp |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
object| navigation
function| showImage
function| tc
object| t0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self' |
Strict-Transport-Security | max-age=10886400; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bin.re
johannesbader.ch
www.johannesbader.ch
2a03:b0c0:3:d0::1793:b001
2a03:b0c0:3:d0::d24:2001
2a05:d014:275:cb01:8d93:e14c:3058:b0f4