Submitted URL: https://redr.me/s25igt
Effective URL: https://0bin.org/paste/5PYDlc7M
Submission: On December 18 via manual from US — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 0bin.org.
TLS certificate: Issued by WE1 on October 20th 2024. Valid for: 3 months.
This is the only time 0bin.org was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.174.59 13335 (CLOUDFLAR...)
4 188.114.96.3 13335 (CLOUDFLAR...)
4 1
Apex Domain
Subdomains
Transfer
4 0bin.org
0bin.org
150 KB
1 redr.me
redr.me
748 B
4 2
Domain Requested by
4 0bin.org 0bin.org
1 redr.me 1 redirects
4 2

This site contains links to these domains. Also see Links.

Domain
www.binance.com
github.com
www.0bin.net
Subject Issuer Validity Valid
0bin.org
WE1
2024-10-20 -
2025-01-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://0bin.org/paste/5PYDlc7M
Frame ID: 4F24EC5F8B46DB42896A603A38A063CD
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

0bin - encrypted pastebin

Page URL History Show full URLs

  1. https://redr.me/s25igt HTTP 302
    https://0bin.org/paste/5PYDlc7M Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

150 kB
Transfer

525 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://redr.me/s25igt HTTP 302
    https://0bin.org/paste/5PYDlc7M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 5PYDlc7M
0bin.org/paste/
Redirect Chain
  • https://redr.me/s25igt
  • https://0bin.org/paste/5PYDlc7M
47 KB
29 KB
Document
General
Full URL
https://0bin.org/paste/5PYDlc7M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b09d63f2e4e0752671d99379fa2da5014ba810180077ae53ac142808d877e34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3b2e02be834d31-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 00:54:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fn%2BmWr1k9968AaRBFTrc75h6%2BP93rgyacMIkO%2BXqB31fRBOgPSWCzA3XJ51eYgNKkJk12XOietwJWBN65z0VNtEHaa7Fnkx0NAoD0ec8h03AfQZAggG8ctcQMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6511&min_rtt=6260&rtt_var=1198&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4492&delivery_rate=890&cwnd=12000&unsent_bytes=0&cid=9179595e5ec5255c&ts=54&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3b2e00cbc14da4-FRA
content-type
text/html; charset=utf-8
date
Wed, 18 Dec 2024 00:54:06 GMT
location
https://0bin.org/paste/5PYDlc7M#ztbFp2q5e71yOPl6MHN6KoOw8ifa15stYClfuony+GJ
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MWr3sQkKUjeO2nMzb3ZJf0Z0LJc2mUXFWti9xOq5qhfJH9%2FyJNPRixa9uJLaNJE6KqZm2E9x3fsFk5rQIXsJ6l%2BznSSPA9kMiUbwRykPnbsgBZKWBRY%2F0K3T"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=9517&min_rtt=6454&rtt_var=3758&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4194&recv_bytes=4484&delivery_rate=719&cwnd=12000&unsent_bytes=0&cid=769f604474fd2ef9&ts=284&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
style.min.css
0bin.org/static/css/
187 KB
30 KB
Stylesheet
General
Full URL
https://0bin.org/static/css/style.min.css?1.0.4
Requested by
Host: 0bin.org
URL: https://0bin.org/paste/5PYDlc7M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f34f157831635f569f38099f3a2791c323f24275ac58e2a7fd43d1745f03aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://0bin.org/paste/5PYDlc7M

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
4260
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxGlqCFovyqTlQeRGg8dv6rykgnLOHseCSuetF07JrhM3ZbKN9wjGeWb8QTalbyt3nZCQ6r5k%2F6JhgHnSuxBhnpa3DFb94OL%2FewMxA3ImAy4unOTcZb5zaT21Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3b2e032eaf4d31-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6851&min_rtt=6260&rtt_var=270&sent=42&recv=26&lost=0&retrans=0&sent_bytes=34411&recv_bytes=5718&delivery_rate=1376386&cwnd=18000&unsent_bytes=0&cid=9179595e5ec5255c&ts=85&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 00:54:06 GMT
content-type
text/css; charset=UTF-8
last-modified
Sun, 20 Oct 2024 09:32:00 GMT
vary
Accept-Encoding
priority
u=0,i=?0
main.min.js
0bin.org/static/js/
275 KB
88 KB
Script
General
Full URL
https://0bin.org/static/js/main.min.js?1.0.4
Requested by
Host: 0bin.org
URL: https://0bin.org/paste/5PYDlc7M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2a99af90f5561c05b3624b4a60f739d8f51f17c91367050dca8941b57100c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://0bin.org/paste/5PYDlc7M

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
4259
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8HkG2gYtIcD7Gpi%2B24Dr9NnNZT6pHb42JEi5eZF5HCRPNPQri8phFe5QpydpdDpRCzEB%2F5sGC%2FSUAg8%2B6Z2RJWFncv8jeSBwFj7CKvn1vyEgQq9fNpW2GSmnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3b2e032eba4d31-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6803&min_rtt=6260&rtt_var=299&sent=62&recv=27&lost=0&retrans=0&sent_bytes=56702&recv_bytes=5761&delivery_rate=185930&cwnd=20400&unsent_bytes=0&cid=9179595e5ec5255c&ts=92&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 00:54:06 GMT
content-type
application/javascript
last-modified
Sun, 20 Oct 2024 09:32:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
favicon.ico
0bin.org/static/img/
15 KB
3 KB
Other
General
Full URL
https://0bin.org/static/img/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654986a03c82a881128d899727be79a082fe9d4159686894e3df4862ebac2721

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://0bin.org/paste/5PYDlc7M

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
4259
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXBm%2BRAjzfLLFOd8BTY8QNkxi1mM7U5YSCaqEI1zf4uvFQdKOCz9Pm%2BWPv1iwCMR%2BYYkBuhIKUYtLX7zKEhBXjhHmrEe6CuA24isNuDR%2BktF2BO8BMVrOsi%2BvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3b2e039f054d31-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7569&min_rtt=6260&rtt_var=349&sent=150&recv=64&lost=0&retrans=0&sent_bytes=157634&recv_bytes=7696&delivery_rate=9007310&cwnd=70800&unsent_bytes=0&cid=9179595e5ec5255c&ts=161&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 00:54:06 GMT
content-type
image/x-icon
last-modified
Sun, 20 Oct 2024 09:32:01 GMT
vary
Accept-Encoding
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| sjcl object| s object| app object| pasteContent object| content string| key object| form object| bar object| tx function| OnInput function| Vue object| zerobin boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR

0 Cookies