subs.sab.bz Open in urlscan Pro
82.101.74.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://subs.sab.bz/index.php?act=download&attach_id=106117
Submission: On April 06 via manual (April 6th 2024, 6:44:31 pm UTC) from BG — Scanned from DE

Summary HTTP 49 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 49 HTTP transactions. The main IP is 82.101.74.58, located in Bulgaria and belongs to IWET-AS, BG. The main domain is subs.sab.bz.

This is the only time subs.sab.bz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 10	82.101.74.58 82.101.74.58	29122 (IWET-AS) (IWET-AS)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	82.101.74.62 82.101.74.62	29122 (IWET-AS) (IWET-AS)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	172.67.184.77 172.67.184.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:a01b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.101.11 172.64.101.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.242.215.86 38.242.215.86	51167 (CONTABO) (CONTABO)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.204.62 172.67.204.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.188.110 172.67.188.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
49	16

10 82.101.74.58 (Bulgaria) 6 redirects

ASN29122 (IWET-AS, BG)
PTR: subs.sab.bz

subs.sab.bz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 82.101.74.62 (Bulgaria)

ASN29122 (IWET-AS, BG)
PTR: st.subs.sab.bz

st.subs.sab.bz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.184.77 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dexpredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:a01b (United States)

ASN13335 (CLOUDFLARENET, US)

velocecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.101.11 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.242.215.86 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: ns2.w3open.com

counter.search.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.204.62 (United States)

ASN13335 (CLOUDFLARENET, US)

ctrtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.188.110 (United States)

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	sab.bz 6 redirects subs.sab.bz st.subs.sab.bz	296 KB
4	acscdn.com acscdn.com — Cisco Umbrella Rank: 73533	166 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 99
3	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 43864	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	94 KB
2	google.com apis.google.com — Cisco Umbrella Rank: 132	76 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	7 KB
2	velocecdn.com velocecdn.com — Cisco Umbrella Rank: 192840	87 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1126	78 KB
1	pubtrky.com pubtrky.com — Cisco Umbrella Rank: 44566	420 B
1	ctrtrk.com ctrtrk.com — Cisco Umbrella Rank: 48146
1	search.bg counter.search.bg	500 B
1	dexpredict.com 1 redirects dexpredict.com — Cisco Umbrella Rank: 278110	452 B
49	13

	Domain	Requested by
20	st.subs.sab.bz	subs.sab.bz
10	subs.sab.bz	6 redirects subs.sab.bz
4	acscdn.com	subs.sab.bz
3	www.facebook.com	connect.facebook.net
3	youradexchange.com	subs.sab.bz
3	connect.facebook.net	subs.sab.bz connect.facebook.net
2	apis.google.com	subs.sab.bz apis.google.com
2	www.google-analytics.com	subs.sab.bz
2	velocecdn.com	subs.sab.bz
2	maxcdn.bootstrapcdn.com	subs.sab.bz maxcdn.bootstrapcdn.com
1	pubtrky.com	subs.sab.bz
1	ctrtrk.com	acscdn.com
1	counter.search.bg	subs.sab.bz
1	dexpredict.com	1 redirects subs.sab.bz
49	14

This site contains links to these domains. Also see Links.

Domain
xen.headoff.com
www.facebook.com
www.imdb.com
www.youtube.com
paypal.me
counter.search.bg
youradexchange.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-15` - `2024-04-14`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
ctrtrk.com GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://subs.sab.bz/index.php?act=download&attach_id=106117
Frame ID: D7C484D65D3A97C60B164E4E8387DBFC
Requests: 45 HTTP requests in this frame

Frame: https://ctrtrk.com/ut/ctr.php
Frame ID: 0194DF05F15A82EF2351ED37892D5D32
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/like.php?action=recommend&app_id=120644621336595&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8e46c69c55e145af%26domain%3Dsubs.sab.bz%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsubs.sab.bz%252Ffb76aefd8688779be%26relation%3Dparent.parent&color_scheme=dark&container_width=0&font=tahoma&href=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26sid%3D93429%26attach_id%3D106117&locale=en_US&sdk=joey&show_faces=true&size=small&width=496
Frame ID: B3B46856234EA864FD21A01C5E58BD3C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/comments.php?app_id=120644621336595&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a0089ccb1134543%26domain%3Dsubs.sab.bz%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsubs.sab.bz%252Ffb76aefd8688779be%26relation%3Dparent.parent&color_scheme=dark&container_width=384&height=100&href=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Dcora%26sid%3D93429%26type%3Dcomment&locale=en_US&numposts=10&sdk=joey&version=v12.0&width=360
Frame ID: B6C39D7D402E5D07872AF2A1DD3E616A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/like.php?app_id=120644621336595&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbad517554f4a4ba4%26domain%3Dsubs.sab.bz%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsubs.sab.bz%252Ffb76aefd8688779be%26relation%3Dparent.parent&color_scheme=dark&container_width=0&font=tahoma&href=http%3A%2F%2Fwww.facebook.com%2Fsubs.sab.bz&layout=button_count&locale=en_US&sdk=joey&show_faces=false&width=10
Frame ID: D52E69099D79B9750255363CAE30CBC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Субтитри - Shogun - 01x01 (2024)

Page URL History Show full URLs

http://subs.sab.bz/index.php?act=download&attach_id=106117 HTTP 307
https://subs.sab.bz/index.php?act=download&attach_id=106117 HTTP 307
http://subs.sab.bz/index.php?act=download&attach_id=106117 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

18 %
HTTPS

44 %
IPv6

13
Domains

14
Subdomains

16
IPs

5
Countries

805 kB
Transfer

1715 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://xen.headoff.com/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/subs.sab.bz
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.imdb.com/title/tt2788316/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?embeds_referring_euri=http%3A%2F%2Fsubs.sab.bz%2F&source_ve_path=Mjg2NjQsMTY0NTAz&feature=emb_share&v=HIs9x49DK7I

Search URL Search Domain Scan URL

URL: https://paypal.me/alvm86

Search URL Search Domain Scan URL

URL: http://counter.search.bg/cgi-bin/s?_id=subssab
Title: <img width=70 height=15 border=0 alt="" src="http://counter.search.bg/cgi-bin/c?_id=subssab&_z=4">

Search URL Search Domain Scan URL

URL: http://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://subs.sab.bz/index.php?act=download&attach_id=106117 HTTP 307
https://subs.sab.bz/index.php?act=download&attach_id=106117 HTTP 307
http://subs.sab.bz/index.php?act=download&attach_id=106117 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://acscdn.com/script/aclib.js HTTP 307
https://acscdn.com/script/aclib.js

Request Chain 4

http://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Request Chain 5

http://subs.sab.bz/js/jquery.min.js HTTP 301
http://st.subs.sab.bz/js/jquery.min.js

Request Chain 6

http://subs.sab.bz/js/jquery.boxy.js HTTP 301
http://st.subs.sab.bz/js/jquery.boxy.js

Request Chain 12

http://dexpredict.com/a/display.php?r=4540579 HTTP 307
https://dexpredict.com/a/display.php?r=4540579 HTTP 302
https://velocecdn.com/script/banner.js

Request Chain 18

http://subs.sab.bz/emoticons/smiley.gif HTTP 301
http://st.subs.sab.bz/emoticons/smiley.gif

Request Chain 19

http://subs.sab.bz/emoticons/drinks.gif HTTP 301
http://st.subs.sab.bz/emoticons/drinks.gif

Request Chain 20

http://subs.sab.bz/emoticons/good.gif HTTP 301
http://st.subs.sab.bz/emoticons/good.gif

Request Chain 21

http://connect.facebook.net/bg_BG/all.js HTTP 307
https://connect.facebook.net/bg_BG/all.js

Request Chain 23

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 25

http://velocecdn.com/script/suv4.js HTTP 307
https://velocecdn.com/script/suv4.js

Request Chain 26

http://dexpredict.com/script/suv4.js HTTP 307
https://dexpredict.com/script/suv4.js

Request Chain 30

http://acscdn.com/script/ut.js?cb=1712429067201 HTTP 307
https://acscdn.com/script/ut.js?cb=1712429067201

Request Chain 32

http://youradexchange.com/script/banner.php?r=4540579&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5 HTTP 307
https://youradexchange.com/script/banner.php?r=4540579&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5

Request Chain 33

http://acscdn.com/script/banner.js HTTP 307
https://acscdn.com/script/banner.js

Request Chain 35

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1594582062&utmcs=windows-1251&utmsr=800x600&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&utmhn=subs.sab.bz&utmhid=1374023458&utmr=-&utmp=/index.php?act=download&attach_id=106117&utmac=UA-2992044-1&utmcc=__utma%3D210296727.1594582062.1712429067.1712429067.1712429067.1%3B%2B__utmz%3D210296727.1712429067.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1594582062&utmcs=windows-1251&utmsr=800x600&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&utmhn=subs.sab.bz&utmhid=1374023458&utmr=-&utmp=/index.php?act=download&attach_id=106117&utmac=UA-2992044-1&utmcc=__utma%3D210296727.1594582062.1712429067.1712429067.1712429067.1%3B%2B__utmz%3D210296727.1712429067.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 39

http://acscdn.com/script/suv5.js HTTP 307
https://acscdn.com/script/suv5.js

Request Chain 41

http://pubtrky.com/ut/hb.php?cb=0.2672282474722678&v=1 HTTP 307
https://pubtrky.com/ut/hb.php?cb=0.2672282474722678&v=1

Request Chain 42

http://youradexchange.com/script/banner.php?r=8194746&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5 HTTP 307
https://youradexchange.com/script/banner.php?r=8194746&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5

Request Chain 43

http://youradexchange.com/script/suurl5.php?r=1219157&cbur=0.9596350434424481&cbiframe=0&cbWidth=1600&cbHeight=1113&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1712429067746&srs=ecb076a134304444d9d84d677edba638&atv=45.5-sw-suv5 HTTP 307
https://youradexchange.com/script/suurl5.php?r=1219157&cbur=0.9596350434424481&cbiframe=0&cbWidth=1600&cbHeight=1113&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1712429067746&srs=ecb076a134304444d9d84d677edba638&atv=45.5-sw-suv5

Request Chain 47

http://subs.sab.bz/favicon.ico HTTP 301
http://st.subs.sab.bz/favicon.ico

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
subs.sab.bz/
Redirect Chain

http://subs.sab.bz/index.php?act=download&attach_id=106117
https://subs.sab.bz/index.php?act=download&attach_id=106117
http://subs.sab.bz/index.php?act=download&attach_id=106117

51 KB
52 KB

78ms
78ms

Document
text/html

82.101.74.58
IWET-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

HTTP/1.1

Server

82.101.74.58 , Bulgaria, ASN29122 (IWET-AS, BG),

Reverse DNS

subs.sab.bz

Software

Apache /

Resource Hash

1dc5b8ec69b2e657c33bf1ad08115f2843abce884b4fc94c088f5a4e96441516

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=windows-1251
Date: Sat, 06 Apr 2024 18:44:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Location: http://subs.sab.bz/index.php?act=download&attach_id=106117
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

aclib.js Show response
acscdn.com/script/
Redirect Chain

http://acscdn.com/script/aclib.js
https://acscdn.com/script/aclib.js

164 KB
51 KB

138ms
51ms

Script
text/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/aclib.js
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H2
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbfd617d12e7870fed4945c90a9deb19b8e9a57e416e8690bc91f6ac06728184

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 649
x-guploader-uploadid: ABPtcPrSHv-icHtkaw9rq3ZxjFtQCeHkOKLha1-FjyCKpms3ClFWkfvAYfsS0AmYIH4z3cn9NK8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 Apr 2024 10:59:42 GMT
server: cloudflare
etag: W/"c90122c561e1e4b54f58af96dfbdcd5a"
vary: Accept-Encoding
x-goog-hash: crc32c=TSk09A==, md5=yQEixWHh5LVPWK+W373NWg==
x-goog-generation: 1712401182703344
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucL2LF7ITCZAFOE77czU3pwGbuVuG3Z7U%2B1kBF%2Bd72GQFQ5nUBFOcrcmhApjp%2BI%2FP1XHt%2F%2B8fFWsBrWsTOPA65XkhDhfMbRgm9mQQ%2B%2FAgTGA44nCD3VdKM1yC1BUUfyfHdoexNjheIWL"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 167713
cf-ray: 8703ede3dc8e9073-FRA
expires: Sat, 06 Apr 2024 18:37:12 GMT

Redirect headers

Location: https://acscdn.com/script/aclib.js
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK main.css
subs.sab.bz/css/ 15 KB
16 KB 128ms
64ms Stylesheet
text/css 82.101.74.58
IWET-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://subs.sab.bz/css/main.css

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

HTTP/1.1

Server

82.101.74.58 , Bulgaria, ASN29122 (IWET-AS, BG),

Reverse DNS

subs.sab.bz

Software

Apache /

Resource Hash

625c8e99cdb329b4864c880d6eab325f8f7dba0129cd5a72a326cdc713305827

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/index.php?act=download&attach_id=106117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:26 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 25 Nov 2020 11:33:42 GMT
Server: Apache
ETag: "3d33-5b4eccca1f180"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15667

GET
H/1.1 200
OK boxy.css
subs.sab.bz/css/ 3 KB
3 KB 129ms
65ms Stylesheet
text/css 82.101.74.58
IWET-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://subs.sab.bz/css/boxy.css

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

HTTP/1.1

Server

82.101.74.58 , Bulgaria, ASN29122 (IWET-AS, BG),

Reverse DNS

subs.sab.bz

Software

Apache /

Resource Hash

889c3ffe353c747be67ffa020cf499197971121e2f14aad7de7066bf9094fda9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/index.php?act=download&attach_id=106117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:26 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 18 Aug 2011 08:17:49 GMT
Server: Apache
ETag: "bc0-4aac33f964540"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3008

GET
H/1.1 200
OK css-star-rating.css
subs.sab.bz/css/ 3 KB
3 KB 130ms
64ms Stylesheet
text/css 82.101.74.58
IWET-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://subs.sab.bz/css/css-star-rating.css

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

HTTP/1.1

Server

82.101.74.58 , Bulgaria, ASN29122 (IWET-AS, BG),

Reverse DNS

subs.sab.bz

Software

Apache /

Resource Hash

79d5c5877e42cd41a19ff00dc3bf4649cde87504b6143e4944a65a71b5720ac5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/index.php?act=download&attach_id=106117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:26 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Sat, 21 Nov 2020 19:17:47 GMT
Server: Apache
ETag: "c40-5b4a2d0f56cc0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3136

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

28 KB
7 KB

137ms
50ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 2077846
cdn-cachedat: 11/11/2022 02:14:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4083f5d376eb849a458cc790b53ba080"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7bb5bfebd315554cd6dff2f2b91b143e
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8703ede3d9323657-FRA
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

jquery.min.js Show response
st.subs.sab.bz/js/
Redirect Chain

http://subs.sab.bz/js/jquery.min.js
http://st.subs.sab.bz/js/jquery.min.js

95 KB
95 KB

98ms
62ms

Script
application/octet-stream

82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://st.subs.sab.bz/js/jquery.min.js
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:26 GMT
Last-Modified: Sun, 25 Jun 2023 12:07:17 GMT
Server: Mathopd/1.6b15
Content-Length: 97163
Content-Type: application/octet-stream

Redirect headers

Location: http://st.subs.sab.bz/js/jquery.min.js
Date: Sat, 06 Apr 2024 18:44:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 246
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

jquery.boxy.js Show response
st.subs.sab.bz/js/
Redirect Chain

http://subs.sab.bz/js/jquery.boxy.js
http://st.subs.sab.bz/js/jquery.boxy.js

20 KB
20 KB

97ms
63ms

Script
application/octet-stream

82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://st.subs.sab.bz/js/jquery.boxy.js
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 5caf1479af2dfcb2e70deec980395d4dc59e8be38734ab0b4e184ca08c7f9402

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:26 GMT
Last-Modified: Wed, 17 Aug 2011 17:19:20 GMT
Server: Mathopd/1.6b15
Content-Length: 20644
Content-Type: application/octet-stream

Redirect headers

Location: http://st.subs.sab.bz/js/jquery.boxy.js
Date: Sat, 06 Apr 2024 18:44:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 247
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 130ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd3264a8990af235fc2ee4368fbc5e55f7a249904448da52ab3e6aba21314638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: http://subs.sab.bz/
Origin: http://subs.sab.bz
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Apr 2024 18:44:27 GMT
content-md5: GF9LXi2w56aSyS7Hlq3xNw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: 50MKrD1M30d+YpERm6WalCaOLrd1leQu5fJ73B9gjkCu92n0rhDpz2TI6EcB6v95Wdk+NUiMRhIUzFaVPBaboQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1b9590ced2419fa97407972a54ba5540
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "34415caaeed6f0a0ea670fb32b479aec"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 06 Apr 2024 18:57:39 GMT

GET
H/1.1 200
OK langline.gif
st.subs.sab.bz/images/ 197 B
369 B 198ms
63ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/langline.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 526e91987deefaceaf1af6e132ae2178d470dfdd35fa05c872a007543a9fddc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:26 GMT
Last-Modified: Thu, 13 Sep 2007 21:24:43 GMT
Server: Mathopd/1.6b15
Content-Length: 197
Content-Type: image/gif

GET
H/1.1 200
OK Translator.gif
st.subs.sab.bz/images/ 3 KB
3 KB 63ms
63ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/Translator.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: e8004a8cc5a050641f6005b44f4a40f63b7efec5855e79fdf66da263b90ca212

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Thu, 24 Jan 2008 17:22:34 GMT
Server: Mathopd/1.6b15
Content-Length: 2700
Content-Type: image/gif

GET
H/1.1 200
OK HeadoffXen15Head.gif
st.subs.sab.bz/images/ 545 B
717 B 63ms
62ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/HeadoffXen15Head.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: f2052d203721fbdf5687f362049abf14c85dd5a40bad0a75c874889b95b52b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Thu, 13 Sep 2007 21:24:43 GMT
Server: Mathopd/1.6b15
Content-Length: 545
Content-Type: image/gif

GET
H/1.1 200
OK new.gif
st.subs.sab.bz/images/ 854 B
1 KB 197ms
62ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/new.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 2c70a8cf21483a075458f59cfe97f17edeafef95b29c830c938b8dea16d22b50

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:26 GMT
Last-Modified: Fri, 17 Dec 2010 17:36:07 GMT
Server: Mathopd/1.6b15
Content-Length: 854
Content-Type: image/gif

GET
H2

200

banner.js Show response
velocecdn.com/script/
Redirect Chain

http://dexpredict.com/a/display.php?r=4540579
https://dexpredict.com/a/display.php?r=4540579
https://velocecdn.com/script/banner.js

110 KB
36 KB

57ms
51ms

Script
text/javascript

2606:4700::6813:a01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocecdn.com/script/banner.js
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H2
Server: 2606:4700::6813:a01b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586bfe6cd6d441224a96f7a3d384b917b3e3e4417c968c4f073ecf98b9af748a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2410
x-guploader-uploadid: ABPtcPrtIfvaZBDwsnxnBfHBQ50cjssQV1dP_Q-AX5sl4fztb5zNUdqVMCzl1b0cKXpzkhYMjBk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Sat, 06 Apr 2024 11:01:56 GMT
server: cloudflare
etag: W/"c4b261899f8cd16adf64fc8d4bff9279"
vary: Accept-Encoding
x-goog-hash: crc32c=n3oiKA==, md5=xLJhiZ+M0WrfZPyNS/+SeQ==
x-goog-generation: 1712401316032636
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 113017
cf-ray: 8703ede68e671c2c-FRA
expires: Sat, 06 Apr 2024 22:44:27 GMT

Redirect headers

date: Sat, 06 Apr 2024 18:44:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://velocecdn.com/script/banner.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iDOgxg%2BtJiE4P8IYPvL9GFYf7HY34bXpeyfxgRDfflNuv%2BHF%2FEzvZ5oul18MVoNaLU4f0AL6ak3DjAZ0hdJY52OYXDHYw0fPfPBN4iSQv8eOwyzNgO7XZskQrclSTVIpLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8703ede56f4fa05e-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK imdb1.png
st.subs.sab.bz/images/ 3 KB
4 KB 64ms
64ms Image
image/png 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/imdb1.png
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 249ab066aa1ebcedd7b9bb10634bb2ffd5c3f8a2ee0765a5c80a2116717012f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Wed, 02 Dec 2020 11:55:21 GMT
Server: Mathopd/1.6b15
Content-Length: 3503
Content-Type: image/png

GET
H/1.1 200
OK rating_9.png
st.subs.sab.bz/images/ 2 KB
2 KB 63ms
63ms Image
image/png 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/rating_9.png
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 249f8d6f0191b401af4bf4029e8e78a704acce02d64dd89d632022269afe4773

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Fri, 19 Sep 2008 17:58:33 GMT
Server: Mathopd/1.6b15
Content-Length: 2124
Content-Type: image/png

GET
H/1.1 200
OK trailer_icon1.png
st.subs.sab.bz/images/ 6 KB
6 KB 64ms
63ms Image
image/png 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/trailer_icon1.png
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: fda6b7fe199b7ed7e185e19400079d99c7f8dfcec6a58b06d4c3399e107549dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Thu, 03 Dec 2020 10:30:16 GMT
Server: Mathopd/1.6b15
Content-Length: 6191
Content-Type: image/png

GET
H/1.1 200
OK tt2788316.jpg
st.subs.sab.bz/cache/imdbcovers/big/ 27 KB
27 KB 123ms
63ms Image
image/jpeg 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/cache/imdbcovers/big/tt2788316.jpg
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: bc45ca2bc86ce33b238473c4e7f84aeb362f05a6007d61a47124de01914ed27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Wed, 28 Feb 2024 21:07:49 GMT
Server: Mathopd/1.6b15
Content-Length: 27970
Content-Type: image/jpeg

GET
H/1.1 200
OK btn_donate_SM.gif
st.subs.sab.bz/images/ 1 KB
2 KB 64ms
64ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/btn_donate_SM.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 2d7176d20b34731e917cccf10da6f980eb5d70130ba5c374d7ec7a9f6f086835

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Sat, 14 Nov 2020 16:12:48 GMT
Server: Mathopd/1.6b15
Content-Length: 1442
Content-Type: image/gif

GET
H/1.1

200
OK

smiley.gif
st.subs.sab.bz/emoticons/
Redirect Chain

http://subs.sab.bz/emoticons/smiley.gif
http://st.subs.sab.bz/emoticons/smiley.gif

814 B
986 B

63ms
63ms

Image
image/gif

82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/emoticons/smiley.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 88c0d47e446a0ac5483cf3c28dbdec36df729d1b5cc81ce56d2f5bb6c4296566

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Tue, 24 Nov 2020 12:02:15 GMT
Server: Mathopd/1.6b15
Content-Length: 814
Content-Type: image/gif

Redirect headers

Location: http://st.subs.sab.bz/emoticons/smiley.gif
Date: Sat, 06 Apr 2024 18:44:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 250
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

drinks.gif
st.subs.sab.bz/emoticons/
Redirect Chain

http://subs.sab.bz/emoticons/drinks.gif
http://st.subs.sab.bz/emoticons/drinks.gif

15 KB
15 KB

64ms
63ms

Image
image/gif

82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/emoticons/drinks.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: ba563e55abd73de6f6ca55f8f197475e5cab9f290c6f46bbdd43138d5283dbbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Sat, 05 Dec 2009 19:16:44 GMT
Server: Mathopd/1.6b15
Content-Length: 15539
Content-Type: image/gif

Redirect headers

Location: http://st.subs.sab.bz/emoticons/drinks.gif
Date: Sat, 06 Apr 2024 18:44:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 250
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

good.gif
st.subs.sab.bz/emoticons/
Redirect Chain

http://subs.sab.bz/emoticons/good.gif
http://st.subs.sab.bz/emoticons/good.gif

3 KB
3 KB

64ms
64ms

Image
image/gif

82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/emoticons/good.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 657f7cbb66b759cf0e014581ff2e0841aa29928e370fcf60e67b66255e67be02

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Sat, 05 Dec 2009 19:16:48 GMT
Server: Mathopd/1.6b15
Content-Length: 3168
Content-Type: image/gif

Redirect headers

Location: http://st.subs.sab.bz/emoticons/good.gif
Date: Sat, 06 Apr 2024 18:44:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 248
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

all.js Show response
connect.facebook.net/bg_BG/
Redirect Chain

http://connect.facebook.net/bg_BG/all.js
https://connect.facebook.net/bg_BG/all.js

3 KB
3 KB

124ms
40ms

Script
application/x-javascript

2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/all.js

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d426c68cf0d86541bb789b62cec66351ca97c8da86e381f766eb6d97b5b6a518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Apr 2024 18:44:27 GMT
content-md5: kmnBoCCWUBOifqHcK0aMgQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: +lMuhpp9igaipXxUvhC2V/p0xeY/R2Z3TUPgBXG38CGPzA7nFXed6Fh1tT1CsU3R6PM2rxvxNzFcYnJRWbU3LQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3ac033c0f69e55a066d080cd7d5f6f34
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6b24886f93750c1b2dcc5b4e95f64fb2"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 06 Apr 2024 18:53:57 GMT

Redirect headers

Location: https://connect.facebook.net/bg_BG/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK rss.png
st.subs.sab.bz/forum/style_images/phcdl/ 930 B
1 KB 63ms
62ms Image
image/png 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/forum/style_images/phcdl/rss.png
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: f792a018c1ddd9d5ae48ee5bd3e1d89df4f6968f0827ee85eff139014ddf3657

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Thu, 13 Sep 2007 21:20:05 GMT
Server: Mathopd/1.6b15
Content-Length: 930
Content-Type: image/png

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

132ms
40ms

Script
text/javascript

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 19:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 85001
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6847
expires: Fri, 19 Apr 2024 19:07:46 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 plusone.js Show response
apis.google.com/js/ 55 KB
21 KB 140ms
47ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e8d19e50e8d7b203d4344dab0ad428acdbf68f9df93d6ba0f391e7c4ebfd0a7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: http://subs.sab.bz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Apr 2024 18:44:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21302
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "98b5f735af25e9ee"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Apr 2024 18:44:27 GMT

GET
H2

200

suv4.js Show response
velocecdn.com/script/
Redirect Chain

http://velocecdn.com/script/suv4.js
https://velocecdn.com/script/suv4.js

168 KB
51 KB

145ms
53ms

Script
text/javascript

2606:4700::6813:a01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocecdn.com/script/suv4.js
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H2
Server: 2606:4700::6813:a01b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fbc7d323afc24f1ec759c85bd3148a274b32e7e41134c87b9ba66f35292bfef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2945
x-guploader-uploadid: ABPtcPp_AZJut8e4gRbmD_cUvPVx795LqYMOix6jo7Z9bZT8J5VP02R_M8794PPkNRBUmkfwb7hQOAvtNQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Sat, 06 Apr 2024 11:10:24 GMT
server: cloudflare
etag: W/"0cae7e6af67527ec630e954b4d2f8fa8"
vary: Accept-Encoding
x-goog-hash: crc32c=EKHD7Q==, md5=DK5+avZ1J+xjDpVLTS+PqA==
x-goog-generation: 1712401824469344
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 172012
cf-ray: 8703ede68e681c2c-FRA
expires: Sat, 06 Apr 2024 22:44:27 GMT

Redirect headers

Location: https://velocecdn.com/script/suv4.js
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET

suv4.js
dexpredict.com/script/
Redirect Chain

http://dexpredict.com/script/suv4.js
https://dexpredict.com/script/suv4.js

0
0

GET
H/1.1 200
OK header_center.jpg
st.subs.sab.bz/images/ 5 KB
5 KB 63ms
63ms Image
image/jpeg 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/header_center.jpg
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/css/main.css
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 22ea285d8ab389c7cd875bab8f60344ead30a57447fc721ceb3eec0a12b7f75d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Mon, 14 Jan 2008 18:22:19 GMT
Server: Mathopd/1.6b15
Content-Length: 4803
Content-Type: image/jpeg

GET
H/1.1 200
OK menuback.gif
st.subs.sab.bz/images/ 537 B
709 B 87ms
63ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/menuback.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/css/main.css
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 2f1d27f2413585f12098d827155312ac1810f447053349bc777842695d41c94c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Thu, 13 Sep 2007 21:24:43 GMT
Server: Mathopd/1.6b15
Content-Length: 537
Content-Type: image/gif

GET
H/1.1 200
OK header_left.gif
st.subs.sab.bz/images/ 28 KB
28 KB 112ms
62ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/header_left.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: b8e2c73ad86e403f49843dc63d5b56db082997467fd6019b34e84d87298df521

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Tue, 14 Dec 2010 08:27:16 GMT
Server: Mathopd/1.6b15
Content-Length: 28378
Content-Type: image/gif

GET
H3

200

ut.js Show response
acscdn.com/script/
Redirect Chain

http://acscdn.com/script/ut.js?cb=1712429067201
https://acscdn.com/script/ut.js?cb=1712429067201

108 KB
37 KB

59ms
59ms

Script
text/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/ut.js?cb=1712429067201
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H3
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba1845a8906335ac08f42450d7fdaff1514e66a73143a836a557f81e5802781

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2433
x-guploader-uploadid: ABPtcPpUWa2x6xp1MC-5FgUFzFk3xkYwi6O-QW5Gco0KMCThZuP8WeoJtcNdXqHc7hI1wTXPwac
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Mar 2024 14:20:01 GMT
server: cloudflare
etag: W/"03f9193f8ff0e93b5e00ff84e38a6acc"
vary: Accept-Encoding
x-goog-hash: crc32c=iNCt1A==, md5=A/kZP4/w6TteAP+E44pqzA==
x-goog-generation: 1709821201050042
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHGvOHMiHhMJz7xDRsstgTeEII3JK5ot0Vyym74Z8z8uxhVvXtpTnvDQ%2BXJayh2BossLnAIQd8fXMNlS%2BrWHpDkmdWYFF1QOECmCmJVstKjfBW%2F7NXpiuHpw134y"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110498
cf-ray: 8703ede63b4a0a75-AMS
expires: Sat, 06 Apr 2024 18:18:34 GMT

Redirect headers

Location: https://acscdn.com/script/ut.js?cb=1712429067201
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8934ecbe19f85653c3d389ef7396359e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67ce8e35bde9adfcdc531c179a39bdc951b972925dc3e648a0d8cc788dd2b7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: http://subs.sab.bz/
Origin: http://subs.sab.bz
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Apr 2024 18:44:27 GMT
content-md5: 99PhPdVUHHlK8ESPYAamHg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88694
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=20, mss=1294, tbw=6394, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: 0L6zZSivzzjmIKUv4ifz5UtpQB8OM7gt7x9bQjSZdYxzF/19u9+YaPyo/suepMa0KrLl1+nrgTQhqWIu+mbqaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f2aa70c2eea031adb5933e4a77c79f7f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "ee785060db687d17522084f57db9a10a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 06 Apr 2025 16:17:18 GMT

GET
H3

204

banner.php
youradexchange.com/script/
Redirect Chain

http://youradexchange.com/script/banner.php?r=4540579&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%...
https://youradexchange.com/script/banner.php?r=4540579&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1...

0
0

256ms
173ms

Fetch

172.64.101.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/banner.php?r=4540579&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H3
Server: 172.64.101.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsJUK6p%2FSbjRgOubxdYBRDS33iiZnL2hPAJOvLimwS4g7Yjhg1p5i1tk%2BOV1W%2FdSfexFVXytaOzDEDfEC1i9UwtPDytGGuLEuDeV%2F%2Bqsqpnhyk%2F1XzraVsJFhh6iP12C2fAywGI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8703ede7adf735f7-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://youradexchange.com/script/banner.php?r=4540579&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5
Non-Authoritative-Reason: DNS
Access-Control-Allow-Origin: http://subs.sab.bz
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

banner.js Show response
acscdn.com/script/
Redirect Chain

http://acscdn.com/script/banner.js
https://acscdn.com/script/banner.js

110 KB
37 KB

126ms
126ms

Script
text/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/banner.js
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H3
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586bfe6cd6d441224a96f7a3d384b917b3e3e4417c968c4f073ecf98b9af748a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904
x-guploader-uploadid: ABPtcPolwh8OxnU8FUsj9GtcDiEKHBysC_n0PHX_r6XSKqjNb-klo1Rj5WcXQsHBd94elgLj7G8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 Apr 2024 11:01:56 GMT
server: cloudflare
etag: W/"c4b261899f8cd16adf64fc8d4bff9279"
vary: Accept-Encoding
x-goog-hash: crc32c=n3oiKA==, md5=xLJhiZ+M0WrfZPyNS/+SeQ==
x-goog-generation: 1712401316032636
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEIe6syjySrXTbgyTDdLDJn9zt0t9D4QpJ%2B3dGLoKO%2BuO0ghWO5jZeFc4GSG0vJF%2FM1hoDor3nq%2BzF3kZtiSK9tlJd87TQPdaFYiV18ocI8D4umGfDakvZBdELsO"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 113017
cf-ray: 8703ede72cac0a75-AMS
expires: Sat, 06 Apr 2024 19:29:23 GMT

Redirect headers

Location: https://acscdn.com/script/banner.js
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK c
counter.search.bg/cgi-bin/ 192 B
500 B 122ms
41ms Image
image/gif 38.242.215.86
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.search.bg/cgi-bin/c?_id=subssab&_z=4&_r=800&_c=24&_j=N&_t=-120&_k=Y&_l=
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: HTTP/1.1
Server: 38.242.215.86 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: ns2.w3open.com
Software: logger /
Resource Hash: 08c1ca736d49ce82c821c9d14fa4d4a8a0b84048c1c44bef20b70ad9b9b98e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Server: logger
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 192
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1594582062&utmcs=windows-1251&utmsr=800x600&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%8...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1594582062&utmcs=windows-1251&utmsr=800x600&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%...

35 B
194 B

39ms
39ms

Image
image/gif

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1594582062&utmcs=windows-1251&utmsr=800x600&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&utmhn=subs.sab.bz&utmhid=1374023458&utmr=-&utmp=/index.php?act=download&attach_id=106117&utmac=UA-2992044-1&utmcc=__utma%3D210296727.1594582062.1712429067.1712429067.1712429067.1%3B%2B__utmz%3D210296727.1712429067.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 01:25:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62360
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1594582062&utmcs=windows-1251&utmsr=800x600&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&utmhn=subs.sab.bz&utmhid=1374023458&utmr=-&utmp=/index.php?act=download&attach_id=106117&utmac=UA-2992044-1&utmcc=__utma%3D210296727.1594582062.1712429067.1712429067.1712429067.1%3B%2B__utmz%3D210296727.1712429067.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK footer.gif
st.subs.sab.bz/images/ 666 B
838 B 64ms
63ms Image
image/gif 82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.subs.sab.bz/images/footer.gif
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/css/main.css
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 630b2865abf28b686dd73cd4784239e327bb952b107710931615d96dd6d4921e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:27 GMT
Last-Modified: Thu, 13 Sep 2007 21:24:43 GMT
Server: Mathopd/1.6b15
Content-Length: 666
Content-Type: image/gif

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 151ms
55ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: http://subs.sab.bz
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
age: 11145168
cdn-cachedat: 10/31/2023 18:59:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 901c32520c8e853ef778cea9b979425a
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8703ede79c8c165b-WAW
cdn-requestpullsuccess: True

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DmKSjbfBf88.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo-1sKxGL8sRzWrtmJiushZXqdt0HA/ 157 KB
55 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DmKSjbfBf88.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo-1sKxGL8sRzWrtmJiushZXqdt0HA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

531ccee18d7d7a6e258beb8b9710dbcccb2dffa9f2a15a1413e79c358a17773c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: http://subs.sab.bz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 07:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55463
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 15:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Apr 2025 07:48:52 GMT

GET
H3

200

suv5.js Show response
acscdn.com/script/
Redirect Chain

http://acscdn.com/script/suv5.js
https://acscdn.com/script/suv5.js

123 KB
40 KB

325ms
325ms

Script
text/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/suv5.js
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H3
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eeaf13f746746d730b46b4dd6e2b1cbd286e34d20ba7493e65137848eb3381e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2003
x-guploader-uploadid: ABPtcPosnT4KXVht-Y25tRblTvURKc6474Y9Se4Blbqv6sG41I8POMpE0gL9u4GsLy6aOXSG2iE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 Apr 2024 11:10:37 GMT
server: cloudflare
etag: W/"493aca1a320a261aa84e0464c88f141d"
vary: Accept-Encoding
x-goog-hash: crc32c=RIKTog==, md5=STrKGjIKJhqoTgRkyI8UHQ==
x-goog-generation: 1712401837598077
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jl%2Bv5xUul2V6silpoD24bq8kwC4r98APi0%2F8FH9%2B9gKsXhz6hGPGDt6qNvafI9%2BWz7Ou5%2FykwYlMxqkW%2F4UMTbmZrPOqqOwasOEnl%2FDaLMbxqhbyq87ZuhndsvGu"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 125718
cf-ray: 8703ede90f230a75-AMS
expires: Sat, 06 Apr 2024 18:47:06 GMT

Redirect headers

Location: https://acscdn.com/script/suv5.js
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 ctr.php
ctrtrk.com/ut/ Frame 0194 0
0 286ms
195ms Document
text/html 172.67.204.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrtrk.com/ut/ctr.php
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/ut.js?cb=1712429067201
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://subs.sab.bz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8703ede89ec918c5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 06 Apr 2024 18:44:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JAaWjdQIBHhJZGa9GiB3iCCXZXaVCliMW%2FBZpuwTCJ124fky1rMUFaWKmRPrNPAlTHwyghNhnwJixz2Yu0tW2Cvex7%2FMDvOqjRYUCLWOJBwcXJ%2FAen1wvacT2HH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

POST
H3

204

hb.php
pubtrky.com/ut/
Redirect Chain

http://pubtrky.com/ut/hb.php?cb=0.2672282474722678&v=1
https://pubtrky.com/ut/hb.php?cb=0.2672282474722678&v=1

0
420 B

258ms
163ms

Ping
text/plain

172.67.188.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.2672282474722678&v=1
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H3
Server: 172.67.188.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3noYtNovIKGHEMYxUIR26hCyFPGYG4c93yMkik2U3m%2FrWEIKoQDOehCEMoQBTBB7N56d5BcD6F2v%2B18MgAUutcMnZS96rKTjLEX3Uoqq5sPJbHzLLFjq29BjSEcutw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8703ede8ab669f93-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://pubtrky.com/ut/hb.php?cb=0.2672282474722678&v=1
Non-Authoritative-Reason: DNS
Access-Control-Allow-Origin: http://subs.sab.bz
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

204

banner.php
youradexchange.com/script/
Redirect Chain

http://youradexchange.com/script/banner.php?r=8194746&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%...
https://youradexchange.com/script/banner.php?r=8194746&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1...

0
0

171ms
170ms

Fetch

172.64.101.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/banner.php?r=8194746&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H3
Server: 172.64.101.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shSBA%2BidGUsipuKyafMr4NMhv0uHDlB%2BybeU%2BXCTFuVAxQzYX1qp4QCTTAuw2n%2B7Q0BIiF7kL1PXDV7Bar1TgjMbskN9jCeygwQ5WbC5BpUrgu4%2FwdyZQSKZKEUPM1CN4f4pb5Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8703ede88eea35f7-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://youradexchange.com/script/banner.php?r=8194746&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&srs=ecb076a134304444d9d84d677edba638&atv=45.5
Non-Authoritative-Reason: DNS
Access-Control-Allow-Origin: http://subs.sab.bz
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

suurl5.php Show response
youradexchange.com/script/
Redirect Chain

http://youradexchange.com/script/suurl5.php?r=1219157&cbur=0.9596350434424481&cbiframe=0&cbWidth=1600&cbHeight=1113&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01...
https://youradexchange.com/script/suurl5.php?r=1219157&cbur=0.9596350434424481&cbiframe=0&cbWidth=1600&cbHeight=1113&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x0...

1 KB
1 KB

244ms
244ms

Fetch
application/json

172.64.101.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=1219157&cbur=0.9596350434424481&cbiframe=0&cbWidth=1600&cbHeight=1113&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1712429067746&srs=ecb076a134304444d9d84d677edba638&atv=45.5-sw-suv5
Requested by: Host: subs.sab.bz
URL: http://subs.sab.bz/index.php?act=download&attach_id=106117
Protocol: H3
Server: 172.64.101.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7918954a024c64f33eb83b23abe28e7380754bd7dce20305bff84d4c3b4ebabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 18:44:27 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1otJ%2FiXW9oFBlIowrNENYUPG8ypqtStmc5a5zAGnK2Eox9oAJ8WoMKLlWE3EjpxZWsiCJyS2VQmEjzRq54yJu%2Foh6u7%2B8bZ3A95zr2bzdXPIsPExFXxleP5HUGizCa76Mb4mxEE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cf-ray: 8703ede99fe635f7-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://youradexchange.com/script/suurl5.php?r=1219157&cbur=0.9596350434424481&cbiframe=0&cbWidth=1600&cbHeight=1113&cbtitle=%D0%A1%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B8%20-%20Shogun%20-%2001x01%20(2024)&cbpage=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26attach_id%3D106117&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1712429067746&srs=ecb076a134304444d9d84d677edba638&atv=45.5-sw-suv5
Non-Authoritative-Reason: DNS
Access-Control-Allow-Origin: http://subs.sab.bz
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 like.php
www.facebook.com/v12.0/plugins/ Frame B3B4 0
0 189ms
102ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/like.php?action=recommend&app_id=120644621336595&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8e46c69c55e145af%26domain%3Dsubs.sab.bz%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsubs.sab.bz%252Ffb76aefd8688779be%26relation%3Dparent.parent&color_scheme=dark&container_width=0&font=tahoma&href=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Ddownload%26sid%3D93429%26attach_id%3D106117&locale=en_US&sdk=joey&show_faces=true&size=small&width=496

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8934ecbe19f85653c3d389ef7396359e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data: https://.google-analytics.com .google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://subs.sab.bz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Sat, 06 Apr 2024 18:44:27 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=5607, tp=-1, tpl=-1, uplat=31, ullat=0
x-fb-debug: HNWdhmIh8ao38PjhY8KGJoUlHXY/KiqE0oIwpWACzIndhhMo9AysP7VsJ2b5RUx/NEAM9Hd7d3LEOrnpAb5LRQ==
x-xss-protection: 0

GET
H2 200 comments.php
www.facebook.com/v12.0/plugins/ Frame B6C3 0
0 183ms
102ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/comments.php?app_id=120644621336595&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a0089ccb1134543%26domain%3Dsubs.sab.bz%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsubs.sab.bz%252Ffb76aefd8688779be%26relation%3Dparent.parent&color_scheme=dark&container_width=384&height=100&href=http%3A%2F%2Fsubs.sab.bz%2Findex.php%3Fact%3Dcora%26sid%3D93429%26type%3Dcomment&locale=en_US&numposts=10&sdk=joey&version=v12.0&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8934ecbe19f85653c3d389ef7396359e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data: https://.google-analytics.com .google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://subs.sab.bz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Sat, 06 Apr 2024 18:44:27 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=5375, tp=-1, tpl=-1, uplat=31, ullat=0
x-fb-debug: w7R/9ZcxkV65hptNgW3dTQJCZeU0FKCTrmxI5n+VlPoMPdj0mg3naTfpLgL9a30RuxH32YTm7Tm5rGV2sBcYwg==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v12.0/plugins/ Frame D52E 0
0 176ms
101ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/like.php?app_id=120644621336595&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbad517554f4a4ba4%26domain%3Dsubs.sab.bz%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsubs.sab.bz%252Ffb76aefd8688779be%26relation%3Dparent.parent&color_scheme=dark&container_width=0&font=tahoma&href=http%3A%2F%2Fwww.facebook.com%2Fsubs.sab.bz&layout=button_count&locale=en_US&sdk=joey&show_faces=false&width=10

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8934ecbe19f85653c3d389ef7396359e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data: https://.google-analytics.com .google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://subs.sab.bz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Sat, 06 Apr 2024 18:44:27 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2794, tp=-1, tpl=-1, uplat=27, ullat=0
x-fb-debug: tOOyZ0Fn7T5DHcY6PDyGBKDH410X/anrua9s5EaYciJFe3bppP4pgyVxXXDkl8WE5DGP7XPj5MdSCT3humszEw==
x-xss-protection: 0

GET
H/1.1

200
OK

favicon.ico
st.subs.sab.bz/
Redirect Chain

http://subs.sab.bz/favicon.ico
http://st.subs.sab.bz/favicon.ico

4 KB
4 KB

67ms
67ms

Other
image/vnd.microsoft.icon

82.101.74.62
IWET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://st.subs.sab.bz/favicon.ico
Protocol: HTTP/1.1
Server: 82.101.74.62 , Bulgaria, ASN29122 (IWET-AS, BG),
Reverse DNS: st.subs.sab.bz
Software: Mathopd/1.6b15 /
Resource Hash: 8740ed15ac90d9611b781ad554857ace63006d7a65fe92aff4f24810efd25901

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://subs.sab.bz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Sat, 06 Apr 2024 18:44:28 GMT
Last-Modified: Thu, 13 Sep 2007 21:24:53 GMT
Server: Mathopd/1.6b15
Content-Length: 3638
Content-Type: image/vnd.microsoft.icon

Redirect headers

Location: http://st.subs.sab.bz/favicon.ico
Date: Sat, 06 Apr 2024 18:44:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dexpredict.com
URL: https://dexpredict.com/script/suv4.js

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
subs.sab.bz/	1969-12-31 23:59:59	Name: session_id Value: a3d69ab9e927dc322218987a5485a57b
subs.sab.bz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4jncr9hrvs4ssd6d2954gnsudv
subs.sab.bz/	1969-12-31 23:59:59	Name: _c Value: y
.subs.sab.bz/	1970-01-21 05:16:29	Name: __utma Value: 210296727.1594582062.1712429067.1712429067.1712429067.1
.subs.sab.bz/	1970-01-20 19:40:30	Name: __utmb Value: 210296727
.subs.sab.bz/	1969-12-31 23:59:59	Name: __utmc Value: 210296727
.subs.sab.bz/	1970-01-21 00:03:17	Name: __utmz Value: 210296727.1712429067.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
ctrtrk.com/	1970-01-21 05:16:29	Name: uniqid Value: 96ec9ac5-d641-44cd-9d2d-5b8d2c8d9fe0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://subs.sab.bz/index.php?act=download&attach_id=106117 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acscdn.com
apis.google.com
connect.facebook.net
counter.search.bg
ctrtrk.com
dexpredict.com
maxcdn.bootstrapcdn.com
pubtrky.com
st.subs.sab.bz
subs.sab.bz
velocecdn.com
www.facebook.com
www.google-analytics.com
youradexchange.com
dexpredict.com
104.18.11.207
172.64.101.11
172.67.184.77
172.67.188.110
172.67.204.62
188.114.96.3
2606:4700::6812:acf
2606:4700::6813:a01b
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
38.242.215.86
82.101.74.58
82.101.74.62
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
08c1ca736d49ce82c821c9d14fa4d4a8a0b84048c1c44bef20b70ad9b9b98e53
1dc5b8ec69b2e657c33bf1ad08115f2843abce884b4fc94c088f5a4e96441516
22ea285d8ab389c7cd875bab8f60344ead30a57447fc721ceb3eec0a12b7f75d
249ab066aa1ebcedd7b9bb10634bb2ffd5c3f8a2ee0765a5c80a2116717012f9
249f8d6f0191b401af4bf4029e8e78a704acce02d64dd89d632022269afe4773
2c70a8cf21483a075458f59cfe97f17edeafef95b29c830c938b8dea16d22b50
2d7176d20b34731e917cccf10da6f980eb5d70130ba5c374d7ec7a9f6f086835
2f1d27f2413585f12098d827155312ac1810f447053349bc777842695d41c94c
2fbc7d323afc24f1ec759c85bd3148a274b32e7e41134c87b9ba66f35292bfef
526e91987deefaceaf1af6e132ae2178d470dfdd35fa05c872a007543a9fddc1
531ccee18d7d7a6e258beb8b9710dbcccb2dffa9f2a15a1413e79c358a17773c
586bfe6cd6d441224a96f7a3d384b917b3e3e4417c968c4f073ecf98b9af748a
5caf1479af2dfcb2e70deec980395d4dc59e8be38734ab0b4e184ca08c7f9402
625c8e99cdb329b4864c880d6eab325f8f7dba0129cd5a72a326cdc713305827
630b2865abf28b686dd73cd4784239e327bb952b107710931615d96dd6d4921e
657f7cbb66b759cf0e014581ff2e0841aa29928e370fcf60e67b66255e67be02
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ce8e35bde9adfcdc531c179a39bdc951b972925dc3e648a0d8cc788dd2b7a1
7918954a024c64f33eb83b23abe28e7380754bd7dce20305bff84d4c3b4ebabb
79d5c5877e42cd41a19ff00dc3bf4649cde87504b6143e4944a65a71b5720ac5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8740ed15ac90d9611b781ad554857ace63006d7a65fe92aff4f24810efd25901
889c3ffe353c747be67ffa020cf499197971121e2f14aad7de7066bf9094fda9
88c0d47e446a0ac5483cf3c28dbdec36df729d1b5cc81ce56d2f5bb6c4296566
8eeaf13f746746d730b46b4dd6e2b1cbd286e34d20ba7493e65137848eb3381e
9e8d19e50e8d7b203d4344dab0ad428acdbf68f9df93d6ba0f391e7c4ebfd0a7
b8e2c73ad86e403f49843dc63d5b56db082997467fd6019b34e84d87298df521
ba563e55abd73de6f6ca55f8f197475e5cab9f290c6f46bbdd43138d5283dbbd
bc45ca2bc86ce33b238473c4e7f84aeb362f05a6007d61a47124de01914ed27f
bd3264a8990af235fc2ee4368fbc5e55f7a249904448da52ab3e6aba21314638
d426c68cf0d86541bb789b62cec66351ca97c8da86e381f766eb6d97b5b6a518
dbfd617d12e7870fed4945c90a9deb19b8e9a57e416e8690bc91f6ac06728184
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8004a8cc5a050641f6005b44f4a40f63b7efec5855e79fdf66da263b90ca212
eba1845a8906335ac08f42450d7fdaff1514e66a73143a836a557f81e5802781
f2052d203721fbdf5687f362049abf14c85dd5a40bad0a75c874889b95b52b74
f792a018c1ddd9d5ae48ee5bd3e1d89df4f6968f0827ee85eff139014ddf3657
fda6b7fe199b7ed7e185e19400079d99c7f8dfcec6a58b06d4c3399e107549dc

subs.sab.bz Open in urlscan Pro 82.101.74.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

18 %HTTPS

44 %IPv6

13 Domains

14 Subdomains

16 IPs

5 Countries

805 kBTransfer

1715 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

subs.sab.bz Open in urlscan Pro
82.101.74.58 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

18 %
HTTPS

44 %
IPv6

13
Domains

14
Subdomains

16
IPs

5
Countries

805 kB
Transfer

1715 kB
Size

8
Cookies

49 HTTP transactions
0 data transactions