bin.re Open in urlscan Pro
2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.johannesbader.ch/2016/02/the-dga-of-qakbot/
Effective URL:
https://bin.re/blog/the-dga-of-qakbot/
Submission: On June 10 via api (June 10th 2022, 8:08:36 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 2a05:d014:275:cb01:8d93:e14c:3058:b0f4, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is bin.re.
TLS certificate: Issued by R3 on May 8th 2022. Valid for: 3 months.

This is the only time bin.re was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d24:2001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	2a05:d014:275... 2a05:d014:275:cb01:8d93:e14c:3058:b0f4	16509 (AMAZON-02) (AMAZON-02)
1 1	2a03:b0c0:3:d... 2a03:b0c0:3:d0::1793:b001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	2

1 2a03:b0c0:3:d0::d24:2001 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.johannesbader.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a05:d014:275:cb01:8d93:e14c:3058:b0f4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

bin.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:3:d0::1793:b001 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

johannesbader.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	bin.re bin.re	181 KB
2	johannesbader.ch 2 redirects www.johannesbader.ch johannesbader.ch	1 KB
14	2

	Domain	Requested by
14	bin.re	bin.re
1	johannesbader.ch	1 redirects
1	www.johannesbader.ch	1 redirects
14	3

This site contains links to these domains. Also see Links.

Domain
johannesbader.ch
malpedia.caad.fkie.fraunhofer.de
www.symantec.com
www.malware-traffic-analysis.net
en.wikipedia.org
malwr.com
www.virustotal.com
www.amazon.com
www.johannesbader.ch
www.microsoft.com
blog.fortinet.com
github.com
disqus.com
mega.nz
www.twitter.com
www.github.com
keybase.io

Subject Issuer	Validity	Valid
bin.re R3	`2022-05-08` - `2022-08-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bin.re/blog/the-dga-of-qakbot/
Frame ID: EB81AD3E58029B13606DFA2F5BB50C47
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The DGA of Qakbot.T

Page URL History Show full URLs

https://www.johannesbader.ch/2016/02/the-dga-of-qakbot/ HTTP 301
https://bin.re/2016/02/the-dga-of-qakbot/ Page URL
https://johannesbader.ch/blog/the-dga-of-qakbot/ HTTP 301
https://bin.re/blog/the-dga-of-qakbot/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

181 kB
Transfer

265 kB
Size

0
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://johannesbader.ch/2016/02
Title: February 24, 2016

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/win.qakbot
Title: Malpedia entry on Qakbot

Search URL Search Domain Scan URL

URL: https://www.symantec.com/security_response/writeup.jsp?docid=2016-011409-4221-99
Title: Generation 10

Search URL Search Domain Scan URL

URL: http://www.malware-traffic-analysis.net/2016/01/11/index.html
Title: malware-traffic-analysis.net

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Mersenne_Twister
Title: Mersenne Twister

Search URL Search Domain Scan URL

URL: https://malwr.com/analysis/MDg2N2M2YTNmZjFiNDZlNDhlNGIxZjc3MDFhZTYyODQ/
Title: link

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/ce557aec10bbe7705e4632003a6b4b0ecba63cafa6f2b2c330ab58f129882d4d/analysis/
Title: this executable

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/41ff3307655ea6e6e0d0874deba24f56ada50e765c3e2d83214d354b92b5e3df/analysis/
Title: Qakbot dll

Search URL Search Domain Scan URL

URL: http://www.amazon.com/Introduction-Algorithms-3rd-Thomas-Cormen/dp/0262033844/ref=sr_1_1?s=books&ie=UTF8&qid=1424430552&sr=1-1&keywords=introduction%20to%20algorithms%20third%20edition&tag=viglink123228-20
Title: Introduction to Algorithms, 3rd Edition

Search URL Search Domain Scan URL

URL: http://www.johannesbader.ch/2015/02/the-dgas-of-necurs/
Title: Necurs

Search URL Search Domain Scan URL

URL: http://johannesbader.ch/2014/12/the-dga-of-ramnit/
Title: Ramnit

Search URL Search Domain Scan URL

URL: http://www.johannesbader.ch/2015/05/the-dga-of-ranbyus/
Title: Ranbyus

Search URL Search Domain Scan URL

URL: http://johannesbader.ch/2015/04/new-top-level-domains-for-tinbas-dga/
Title: Tinba

Search URL Search Domain Scan URL

URL: http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Trojan:Win32/Emotet.C
Title: Geodo/Emotet

Search URL Search Domain Scan URL

URL: https://blog.fortinet.com/post/a-closer-look-at-cryptolocker-s-dga
Title: Cryptolocker

Search URL Search Domain Scan URL

URL: http://www.johannesbader.ch/2015/09/the-dga-of-corebot/
Title: Corebot

Search URL Search Domain Scan URL

URL: https://github.com/baderj/domain_generation_algorithms/tree/master/qakbot
Title: GitHub

Search URL Search Domain Scan URL

URL: https://disqus.com/by/disqus_8AT0czK4eJ/
Title: Jawad Ahmed

Search URL Search Domain Scan URL

URL: https://disqus.com/by/baderj/
Title: Johannes Bader

Search URL Search Domain Scan URL

URL: https://mega.nz/#!ObwxnAgJ!1ZqqSHNYrTZLUMBVTjbqVBfzqS3bP-d0EYbMu4MlDkI
Title: https://mega.nz/#!ObwxnAgJ!...

Search URL Search Domain Scan URL

URL: http://www.twitter.com/viql
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.github.com/baderj
Title: GitHub

Search URL Search Domain Scan URL

URL: https://keybase.io/baderj
Title: Keybase

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.johannesbader.ch/2016/02/the-dga-of-qakbot/ HTTP 301
https://bin.re/2016/02/the-dga-of-qakbot/ Page URL
https://johannesbader.ch/blog/the-dga-of-qakbot/ HTTP 301
https://bin.re/blog/the-dga-of-qakbot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.johannesbader.ch/2016/02/the-dga-of-qakbot/ HTTP 301
https://bin.re/2016/02/the-dga-of-qakbot/

14 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
bin.re/2016/02/the-dga-of-qakbot/
Redirect Chain

https://www.johannesbader.ch/2016/02/the-dga-of-qakbot/
https://bin.re/2016/02/the-dga-of-qakbot/

348 B
875 B

53ms
9ms

Document
text/html

2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/2016/02/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ce09ab0df5f076c84fbe313da684309cc4611667d580d885dd6c121fbff22772

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 87925
cache-control: public, max-age=0, must-revalidate
content-length: 348
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
content-type: text/html; charset=UTF-8
date: Thu, 09 Jun 2022 19:43:07 GMT
etag: "4b697e9a6551d6a8c904ad55a0ff6fe4-ssl"
permissions-policy: camera=(), fullscreen=(), microphone=()
referrer-policy: no-referrer
server: Netlify
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01G57KQ2JE3CQR7QV0ENSQKCMR
x-xss-protection: 1; mode=block

Redirect headers

age: 2
cache-control: public, max-age=0, must-revalidate
content-length: 56
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
content-type: text/plain; charset=utf-8
date: Fri, 10 Jun 2022 20:08:30 GMT
location: https://bin.re/2016/02/the-dga-of-qakbot/
permissions-policy: camera=(), fullscreen=(), microphone=()
referrer-policy: no-referrer
server: Netlify
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01G57KQ2D7WAG1SJ31AM6SQVH6
x-xss-protection: 1; mode=block

GET
H2

200

Primary Request / Show response
bin.re/blog/the-dga-of-qakbot/
Redirect Chain

https://johannesbader.ch/blog/the-dga-of-qakbot/
https://bin.re/blog/the-dga-of-qakbot/

93 KB
34 KB

420ms
419ms

Document
text/html

2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

48b8145a8492abf3db915332a18b876a2f0983fa421a89950299c12755773f4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bin.re/2016/02/the-dga-of-qakbot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
content-type: text/html; charset=UTF-8
date: Fri, 10 Jun 2022 20:08:31 GMT
etag: "840fdedd1e26064e62523512bd08d049-ssl-df"
permissions-policy: camera=(), fullscreen=(), microphone=()
referrer-policy: no-referrer
server: Netlify
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01G57KQ2WNTE9731KK68NQ42TQ
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: public, max-age=0, must-revalidate
content-length: 53
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
content-type: text/plain; charset=utf-8
date: Fri, 10 Jun 2022 20:08:31 GMT
location: https://bin.re/blog/the-dga-of-qakbot/
permissions-policy: camera=(), fullscreen=(), microphone=()
referrer-policy: no-referrer
server: Netlify
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01G57KQ2QTSDFTNVPN96QGVWV0
x-xss-protection: 1; mode=block

GET
H2 200 nunito-sans-v12-latin-300.woff2
bin.re/assets/fonts/ 17 KB
17 KB 26ms
25ms Font
font/woff2 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/fonts/nunito-sans-v12-latin-300.woff2

Requested by

Host: bin.re
URL: https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://bin.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3G93DDGTJXKWJGT0MVS
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 40225
content-length: 16920
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 08:58:07 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "39e5d5221b9750ed4acd95f57584942a-ssl"
accept-ranges: bytes

GET
H2 200 nunito-sans-v12-latin-800.woff2
bin.re/assets/fonts/ 17 KB
17 KB 9ms
9ms Font
font/woff2 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/fonts/nunito-sans-v12-latin-800.woff2

Requested by

Host: bin.re
URL: https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://bin.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3G928C1DZ4T7WKEJTC8
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 74998
content-length: 17324
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Thu, 09 Jun 2022 23:18:34 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "4b864a9c8e63569aeee63ae8aac4ad5e-ssl"
accept-ranges: bytes

GET
H2 200 common.css
bin.re/assets/css/ 7 KB
2 KB 8ms
8ms Stylesheet
text/css 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/css/common.css

Requested by

Host: bin.re
URL: https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1180c20e2c2ba8a73c13ac6d505a34dcb46b02681e528815539b462200d26c41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3G9DKG94XGYTFA4DC5P
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
content-encoding: br
etag: "6ca98bf76e050a388178f42e4c1931da-ssl-df"
age: 74998
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-length: 1594
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Thu, 09 Jun 2022 23:18:34 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 blog.css
bin.re/assets/css/ 9 KB
2 KB 9ms
9ms Stylesheet
text/css 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/css/blog.css

Requested by

Host: bin.re
URL: https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

3a4ee7dca68af10798a8bcbebe03757fa82ce74e024d02b0072722db646f5352

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3G9P5QD3YJYQQ2AWYVY
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
content-encoding: br
etag: "b841195958b74578fb455fe819e4efbf-ssl-df"
age: 40225
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-length: 1920
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 08:58:07 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 all.min.js Show response
bin.re/assets/js/ 772 B
891 B 9ms
9ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/js/all.min.js

Requested by

Host: bin.re
URL: https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

0af5fb33778b594401677cece0aa8ab55136e75f45a9b5f829dd830e5c9c5044

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3GAE3ANQP4ZD71BWX8P
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 74998
content-length: 772
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Thu, 09 Jun 2022 23:18:34 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "912c69165c2a2f2e0beb1c22df843dc0-ssl"
accept-ranges: bytes

GET
H2 200 icons.svg
bin.re/assets/svg/ 18 KB
5 KB 9ms
9ms Other
image/svg+xml 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/svg/icons.svg

Requested by

Host: bin.re
URL: https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c37e0d45ff53cd8fa8a1cbe1e0c90887aefaf765b15ee19d39464b6fa5172bab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3GB2RSFBE87K5JS1DC5
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
content-encoding: br
etag: "a7e1a627146f1d5dbd1ec60a5693dae4-ssl-df"
age: 74998
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-length: 5236
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Thu, 09 Jun 2022 23:18:34 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
accept-ranges: bytes
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83ddc07685e2f81816a5e121548b5b0b3096b7ce8e1ccc06da1f44c6488fcecc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1464c25b5ed72e253a349863bc6e2b22af666afeb2de0a07dd267a3b68368f41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f05da8c268024a405f84d81c2f879b81fd3c82894607cbbc31e894ee31057386

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86bc9aba0f8c7b6db24a6cc9cf00245b3c90c425ea0d9c875fb16d8adef6a910

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 105 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d342693c0e8f14d97184c36df49b577c757d44f9343b7295933386187a707ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a35ecbe1c4434557f126b56572861e768b542893e538fd253d050bb488f65b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69e310ca32436d31c4e4b55002bad36bc5484127a6ca1f7195ac779639540c44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd9cc58a66bb903e6d76f3479a3444383fd98553e31423fd1644caf7936be98f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15df2854372413eaf0fa3c4d08756f307deb641f8413d2312ec909e90cc169ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e060c428e7fcb9f6223795d8a5ab10fdef26c34339a543715f8cabe1b2089ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 103 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9c100ed2d02c0437bfbd0fda80bf9e6af1aa40868546bff45e71071123f5af4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b4112752b944b1efdbe47389ddad36cb509ab374f12812fdb5087f64469e321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a63729cb2f1c6ecf2747ea60748246f8130695cc75c66ff168baaf9e94bbb6bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca53ec689d5b5d78e71a1e248e3fccf0eab880d721f2fb78cfd9c903671e89b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 105 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 131821a5dba354f0f23565643875c863f61c2edb13dcf6b41cec3b526ccd8a86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 nunito-sans-v12-latin-600.woff2
bin.re/assets/fonts/ 17 KB
17 KB 8ms
8ms Font
font/woff2 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/fonts/nunito-sans-v12-latin-600.woff2

Requested by

Host: bin.re
URL: https://bin.re/assets/css/common.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://bin.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3HCBWKANBKTB63V5DGP
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 40225
content-length: 17156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 08:58:07 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "3a943dd6d7f7a12378746ee39059e94a-ssl"
accept-ranges: bytes

GET
H2 200 nunito-sans-v12-latin-300italic.woff2
bin.re/assets/fonts/ 17 KB
17 KB 9ms
9ms Font
font/woff2 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/fonts/nunito-sans-v12-latin-300italic.woff2

Requested by

Host: bin.re
URL: https://bin.re/assets/css/common.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://bin.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3HC5N3TBJ4HWWVSDPVV
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 1692
content-length: 17676
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 19:40:20 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "5f560389ac9bb9be8602a04e6cd6b73e-ssl"
accept-ranges: bytes

GET
H2 200 inconsolata-v30-latin-regular.woff2
bin.re/assets/fonts/ 16 KB
16 KB 9ms
9ms Font
font/woff2 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/fonts/inconsolata-v30-latin-regular.woff2

Requested by

Host: bin.re
URL: https://bin.re/assets/css/common.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a7dff53994c3554eed5a9cc2eb066ee098890240e2dd040537370167888f0160

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://bin.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3HDKMNV3EBSX2A0F2V5
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 39234
content-length: 16164
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 09:14:38 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "f82f6f04f38a2e168ad24a9cbbabef7c-ssl"
accept-ranges: bytes

GET
H2 200 logo.png
bin.re/assets/img/site/ 1 KB
1 KB 8ms
8ms Image
image/png 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bin.re/assets/img/site/logo.png

Requested by

Host: bin.re
URL: https://bin.re/blog/the-dga-of-qakbot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9e3264f22dcc5b40b4ffdd34a68ec9c9455a430d0402ab7b0174202754f880ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3JXJB721DTNZHX3JRA7
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 40225
content-length: 1270
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 08:58:07 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: image/png
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "2296970c660f57aba356dfce4a642397-ssl"
accept-ranges: bytes

GET
H2 200 nunito-sans-v12-latin-600italic.woff2
bin.re/assets/fonts/ 18 KB
18 KB 8ms
8ms Font
font/woff2 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bin.re/assets/fonts/nunito-sans-v12-latin-600italic.woff2

Requested by

Host: bin.re
URL: https://bin.re/assets/css/common.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

726d83a336f21985803e3e183360257d891f252b37964434e67d40bfbc3c9bc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://bin.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3M0W9J2EWPR83NJ15RB
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 1692
content-length: 17956
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 19:40:20 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "effac94265f9225737f4c7faf17d828d-ssl"
accept-ranges: bytes

GET
H2 200 letters1-640.webp
bin.re/assets/img/header/ 32 KB
33 KB 199ms
198ms Image
image/webp 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bin.re/assets/img/header/letters1-640.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b374f4dc57b97a69634562e02a9d7fee09cf551a81a88e76d944ea6491ed8f33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G57KQ3N1YSFZNVXES8GHGJM6
content-security-policy: default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
x-content-type-options: nosniff
age: 0
content-length: 33132
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Netlify
x-frame-options: DENY
date: Fri, 10 Jun 2022 20:08:32 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(), microphone=()
etag: "6264c51c7e5788a30b2cfef950ae6950-ssl"
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; script-src 'self'
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bin.re
johannesbader.ch
www.johannesbader.ch
2a03:b0c0:3:d0::1793:b001
2a03:b0c0:3:d0::d24:2001
2a05:d014:275:cb01:8d93:e14c:3058:b0f4
0af5fb33778b594401677cece0aa8ab55136e75f45a9b5f829dd830e5c9c5044
1180c20e2c2ba8a73c13ac6d505a34dcb46b02681e528815539b462200d26c41
131821a5dba354f0f23565643875c863f61c2edb13dcf6b41cec3b526ccd8a86
1464c25b5ed72e253a349863bc6e2b22af666afeb2de0a07dd267a3b68368f41
15df2854372413eaf0fa3c4d08756f307deb641f8413d2312ec909e90cc169ef
1b4112752b944b1efdbe47389ddad36cb509ab374f12812fdb5087f64469e321
1e060c428e7fcb9f6223795d8a5ab10fdef26c34339a543715f8cabe1b2089ff
3a4ee7dca68af10798a8bcbebe03757fa82ce74e024d02b0072722db646f5352
48b8145a8492abf3db915332a18b876a2f0983fa421a89950299c12755773f4a
4d342693c0e8f14d97184c36df49b577c757d44f9343b7295933386187a707ab
69e310ca32436d31c4e4b55002bad36bc5484127a6ca1f7195ac779639540c44
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
726d83a336f21985803e3e183360257d891f252b37964434e67d40bfbc3c9bc6
83ddc07685e2f81816a5e121548b5b0b3096b7ce8e1ccc06da1f44c6488fcecc
86bc9aba0f8c7b6db24a6cc9cf00245b3c90c425ea0d9c875fb16d8adef6a910
8a35ecbe1c4434557f126b56572861e768b542893e538fd253d050bb488f65b1
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
9e3264f22dcc5b40b4ffdd34a68ec9c9455a430d0402ab7b0174202754f880ff
a63729cb2f1c6ecf2747ea60748246f8130695cc75c66ff168baaf9e94bbb6bd
a7dff53994c3554eed5a9cc2eb066ee098890240e2dd040537370167888f0160
a9c100ed2d02c0437bfbd0fda80bf9e6af1aa40868546bff45e71071123f5af4
b374f4dc57b97a69634562e02a9d7fee09cf551a81a88e76d944ea6491ed8f33
bd9cc58a66bb903e6d76f3479a3444383fd98553e31423fd1644caf7936be98f
bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2
c37e0d45ff53cd8fa8a1cbe1e0c90887aefaf765b15ee19d39464b6fa5172bab
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
ca53ec689d5b5d78e71a1e248e3fccf0eab880d721f2fb78cfd9c903671e89b3
ce09ab0df5f076c84fbe313da684309cc4611667d580d885dd6c121fbff22772
f05da8c268024a405f84d81c2f879b81fd3c82894607cbbc31e894ee31057386

bin.re Open in urlscan Pro 2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

181 kBTransfer

265 kBSize

0 Cookies

23 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bin.re Open in urlscan Pro
2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

181 kB
Transfer

265 kB
Size

0
Cookies

14 HTTP transactions
15 data transactions