URL: https://subf2m.co/
Submission: On July 10 via manual from IR — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 28 HTTP transactions. The main IP is 185.143.234.122, located in Iran, Islamic Republic Of and belongs to ARVANCLOUD-CDN-, IR. The main domain is subf2m.co.
TLS certificate: Issued by R3 on April 20th 2023. Valid for: 3 months.
This is the only time subf2m.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 185.143.234.122 205585 (ARVANCLOU...)
2 185.143.232.200 205585 (ARVANCLOU...)
6 185.143.233.122 ()
2 2 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 185.147.178.24 ()
28 5
Apex Domain | Subdomains | Transfer
13 subf2m.co | subf2m.co | 133 KB
4 najva.com | app.najva.com — Cisco Umbrella Rank: 100752; assets.najva.com; van.najva.com | 48 KB
4 subcdn.shop | subcdn.shop | 22 KB
2 sabavision.com | plus.sabavision.com | 1 KB
2 arvancloud.ir | www.arvancloud.ir — Cisco Umbrella Rank: 253966 | 55 KB
1 yektanet.com | cdn.yektanet.com; native-scripts.yektanet.com Failed | 24 KB
28 6
Domain Requested by
13 subf2m.co subf2m.co
4 subcdn.shop subf2m.co
2 plus.sabavision.com subf2m.co
2 app.najva.com 2 redirects
2 www.arvancloud.ir subf2m.co
www.arvancloud.ir
1 van.najva.com subf2m.co
app.najva.com
1 assets.najva.com subf2m.co
1 cdn.yektanet.com subf2m.co
cdn.yektanet.com
0 native-scripts.yektanet.com Failed cdn.yektanet.com
28 9

This site contains links to these domains.

Domain
www.imdb.com

Subject | Issuer | Validity | Valid
subf2m.co | R3 | 2023-04-20 - 2023-07-19 | 3 months
arvancloud.ir | R3 | 2023-05-05 - 2023-08-03 | 3 months
subcdn.shop | R3 | 2023-05-23 - 2023-08-21 | 3 months
yektanet.com | R3 | 2023-05-30 - 2023-08-28 | 3 months
*.sabavision.com | Certum Domain Validation CA SHA2 | 2023-01-24 - 2024-01-24 | a year

This page contains 1 frames:

Primary Page: https://subf2m.co/
Frame ID: 8180CF2701161AC295CA35D00F5910A7
Requests: 27 HTTP requests in this frame

Page Title

Subf2m - Subtitle Database

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

79 %
HTTPS

20 %
IPv6

6
Domains

9
Subdomains

5
IPs

2
Countries

283 kB
Transfer

670 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://subf2m.co/ Page URL
  2. https://subf2m.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://app.najva.com/static/css/local-messaging.css?v=202306010015 HTTP 301
  • https://assets.najva.com/webpush/static/css/local-messaging.css?v=202306010015
Request Chain 20
  • https://app.najva.com/static/js/scripts/subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.js?v=202306010015 HTTP 301
  • https://van.najva.com/static/js/scripts/subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.js?v=202306010015

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
subf2m.co/
4 KB
2 KB
Document
General
Full URL
https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
569b8a8112184c3d6c47088c4499507b0b493c421c5eb7d0dd22213e973b0b4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Mon, 10 Jul 2023 15:25:29 GMT
server
ArvanCloud
server-timing
total;dur=0
vary
Accept-Encoding
x-request-id
556aeb2c755a41f94a6ae359dae0c755
x-sid
2582
x-xss-protection
1; mode=block
static-pages-2.5.6.css
www.arvancloud.ir/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.arvancloud.ir/css/static-pages-2.5.6.css
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.232.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
74889d16969f0bc035390cd40ce13619f5bb0cbe68ff0930022f40df3ea400bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 10 Jul 2023 15:25:29 GMT
date
Mon, 10 Jul 2023 15:25:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Sat, 08 Apr 2023 13:09:54 GMT
server
ArvanCloud
etag
W/"14b0-5f8d2db8fac80"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
b641fb891768ab44bf06fa3452ce2346
x-sid
2580
Vazir-Regular-UI.woff
www.arvancloud.ir/fonts/Vazir/
53 KB
53 KB
Font
General
Full URL
https://www.arvancloud.ir/fonts/Vazir/Vazir-Regular-UI.woff
Requested by
Host: www.arvancloud.ir
URL: https://www.arvancloud.ir/css/static-pages-2.5.6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.232.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
de6624c28617130d7db2e37cad8353289060c51b6a8efb5788f08ec594971718
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arvancloud.ir/css/static-pages-2.5.6.css
Origin
https://subf2m.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:25:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-cache
HIT
server-timing
total;dur=0
content-length
54212
x-xss-protection
1; mode=block
x-request-id
45904e0343d3498b23d50c337dffeb2c
x-sid
2582
last-modified
Sat, 08 Apr 2023 13:09:54 GMT
server
ArvanCloud
etag
"d3c4-5f8d2db8fac80"
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
expires
Mon, 10 Jul 2023 15:25:30 GMT
Primary Request /
subf2m.co/
10 KB
3 KB
Document
General
Full URL
https://subf2m.co/
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
7fa52c37625f0203c2b4e0915caf095792e47758544fdf57325b16f2919f7238
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subf2m.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 15:25:33 GMT
server
ArvanCloud
server-timing
total;dur=356
vary
Accept-Encoding
x-cache
BYPASS
x-request-id
738d21314d6452dd5a8832b6f509ff9e
x-sid
2582
x-xss-protection
1; mode=block
abc.css
subf2m.co/assets/css/
56 KB
14 KB
Stylesheet
General
Full URL
https://subf2m.co/assets/css/abc.css
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
d581ffb5dbd51b01b7324133409144d607a2603fca0cc5b0f4575b1350c9f494
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 22:07:37 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Jul 2019 14:11:48 GMT
server
ArvanCloud
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
13627
x-xss-protection
1; mode=block
x-request-id
f5102a16c495269eeee66004da8a095b
x-sid
2582
jquery.scrollbar.css
subf2m.co/assets/css/
22 KB
3 KB
Stylesheet
General
Full URL
https://subf2m.co/assets/css/jquery.scrollbar.css
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
d472b920bc1ca19b4d5fc2733fdda81e5ae59c3ea7b2e9be332bf14ebc69835f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 14:36:26 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2016 15:41:40 GMT
server
ArvanCloud
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
2968
x-xss-protection
1; mode=block
x-request-id
3483a8faa9b9dacd0139913213b761c4
x-sid
2582
jquery-3.2.0.min.js
subf2m.co/assets/js/
85 KB
30 KB
Script
General
Full URL
https://subf2m.co/assets/js/jquery-3.2.0.min.js
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 22:07:37 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
last-modified
Sun, 26 Mar 2017 22:18:22 GMT
server
ArvanCloud
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
30207
x-xss-protection
1; mode=block
x-request-id
d80c4fc087345c8806ec9e1f24f18a52
x-sid
2582
jquery.scrollbar.min.js
subf2m.co/assets/js/
13 KB
5 KB
Script
General
Full URL
https://subf2m.co/assets/js/jquery.scrollbar.min.js
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
8aa68371f310d31bd036986bb97b2ca278339eeb86972c0c191f36f434eafd99
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 14:32:06 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2016 15:41:40 GMT
server
ArvanCloud
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
4356
x-xss-protection
1; mode=block
x-request-id
6b9eed7863f801a7b24866c3e3f69120
x-sid
2582
tog.js
subf2m.co/assets/js/
2 KB
959 B
Script
General
Full URL
https://subf2m.co/assets/js/tog.js
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4851eeab3850edd13e9ccf8c846d28ea8c69d09a0fa22bf5fb59af4c9d6760ff
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 14:34:31 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
last-modified
Fri, 20 Oct 2017 19:48:36 GMT
server
ArvanCloud
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
620
x-xss-protection
1; mode=block
x-request-id
a121dfe2ec293ba5d674e0dfa9e87228
x-sid
2582
guardians-of-the-galaxy-volume-3.135-254447.jpg
subcdn.shop/i/
7 KB
8 KB
Image
General
Full URL
https://subcdn.shop/i/guardians-of-the-galaxy-volume-3.135-254447.jpg
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.122 -, , ASN (),
Reverse DNS
Software
ArvanCloud /
Resource Hash
28660d71a65ea6f8dc38da9ae81604ed304713c60ace0fe42e6f528c4a113e80
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 10 Jul 2023 18:25:33 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/webp
cache-control
max-age=10800
server-timing
total;dur=5
accept-ranges
bytes
content-length
7540
x-xss-protection
1; mode=block
x-request-id
efeacfafc04f93f82f56ab08aeb5b5c8
x-sid
2583
the-roundup-no-way-out-bumjoedoshi-3-3.135-263776.jpg
subcdn.shop/i/
6 KB
6 KB
Image
General
Full URL
https://subcdn.shop/i/the-roundup-no-way-out-bumjoedoshi-3-3.135-263776.jpg
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.122 -, , ASN (),
Reverse DNS
Software
ArvanCloud /
Resource Hash
e8bd8dbd9ef801935c4c99e896c824d6d9013278e6aef7fe491b9dbe1e989ea0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-sid
2583
date
Mon, 10 Jul 2023 15:25:33 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/webp
cache-control
max-age=10800
server-timing
total;dur=5
x-xss-protection
1; mode=block
x-request-id
ab9f492ea37fdc8eb491ef5144cffa76
expires
Mon, 10 Jul 2023 18:25:33 GMT
indiana-jones-and-the-dial-of-destiny.135-263830.jpg
subcdn.shop/i/
6 KB
6 KB
Image
General
Full URL
https://subcdn.shop/i/indiana-jones-and-the-dial-of-destiny.135-263830.jpg
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.122 -, , ASN (),
Reverse DNS
Software
ArvanCloud /
Resource Hash
932d4eef5156c6a6194d65b794dac20e88fce28beb7a89d11015ae9950972315
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 10 Jul 2023 18:25:33 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/webp
cache-control
max-age=10800
server-timing
total;dur=5
accept-ranges
bytes
content-length
5706
x-xss-protection
1; mode=block
x-request-id
c4fcc2c8b20359cd50b9ec78a8ec044c
x-sid
2583
insidious-the-red-door.135-263761.jpg
subcdn.shop/i/
3 KB
3 KB
Image
General
Full URL
https://subcdn.shop/i/insidious-the-red-door.135-263761.jpg
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.122 -, , ASN (),
Reverse DNS
Software
ArvanCloud /
Resource Hash
62c4faf6c5c7bf2080cfd6dfa431bd623e9639d9fd2d212df3cb61ba82604aa7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 10 Jul 2023 18:25:33 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/webp
cache-control
max-age=10800
server-timing
total;dur=5
accept-ranges
bytes
content-length
2866
x-xss-protection
1; mode=block
x-request-id
d069babf10b2342ee756387efc93fb27
x-sid
2583
app.js
subf2m.co/assets/
65 KB
19 KB
Script
General
Full URL
https://subf2m.co/assets/app.js?ver=3
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
bfa93f43ded6d45944d2173f9e64b49559a8ae9f6a1a20398a73f5773f0a5e6c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 22:07:38 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
last-modified
Wed, 15 Apr 2020 11:35:40 GMT
server
ArvanCloud
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
18826
x-xss-protection
1; mode=block
x-request-id
6fdceff5c59b65d817a3f0065005ba56
x-sid
2582
back.jpg
subf2m.co/assets/img/
19 KB
19 KB
Image
General
Full URL
https://subf2m.co/assets/img/back.jpg
Requested by
Host: subf2m.co
URL: https://subf2m.co/assets/css/abc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
1517a9b9d5476d484df7bb748b946f0c02ea7f9daae526e6ef3d0d9b7b27ae67
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/assets/css/abc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 22:06:26 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
last-modified
Sat, 23 Sep 2017 02:37:50 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
18999
x-xss-protection
1; mode=block
x-request-id
e48c4d84c49af909e6e56ac1357b1ee1
x-sid
2582
logo.png
subf2m.co/assets/img/
4 KB
4 KB
Image
General
Full URL
https://subf2m.co/assets/img/logo.png
Requested by
Host: subf2m.co
URL: https://subf2m.co/assets/css/abc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
726b7be377189af5055ff450274196f0d151ce21bee6601ab9cc6ae99a433207
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/assets/css/abc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 22:07:38 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
last-modified
Sat, 23 Sep 2017 02:37:48 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/png
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
4149
x-xss-protection
1; mode=block
x-request-id
ecf61eb9b0d0dd7485caa5f14d370c13
x-sid
2582
icon-rating-positive.png
subf2m.co/assets/img/
988 B
1 KB
Image
General
Full URL
https://subf2m.co/assets/img/icon-rating-positive.png
Requested by
Host: subf2m.co
URL: https://subf2m.co/assets/css/abc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
42cd0dd1e97c5fd712ffffcc6a01a7a97647d8b0fc2507f463bb452742ac3bed
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/assets/css/abc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 22:09:59 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
last-modified
Sat, 23 Sep 2017 02:37:48 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/png
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
988
x-xss-protection
1; mode=block
x-request-id
3c2fede875011e46d885d6050ea2fcb7
x-sid
2582
icon-rating-neutral.png
subf2m.co/assets/img/
1 KB
1 KB
Image
General
Full URL
https://subf2m.co/assets/img/icon-rating-neutral.png
Requested by
Host: subf2m.co
URL: https://subf2m.co/assets/css/abc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4264bda87eae50c0c256d21ae3dbbc8e67482181b826ccd905072ac50ee571ad
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/assets/css/abc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 26 Feb 2023 22:09:59 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
last-modified
Sat, 23 Sep 2017 02:37:52 GMT
server
ArvanCloud
x-cache
HIT
content-type
image/png
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
1056
x-xss-protection
1; mode=block
x-request-id
8ca2cba969ee796cce05cbe732667b16
x-sid
2582
IRANSansWeb_Light.woff2
subf2m.co/assets/fonts/
32 KB
32 KB
Font
General
Full URL
https://subf2m.co/assets/fonts/IRANSansWeb_Light.woff2
Requested by
Host: subf2m.co
URL: https://subf2m.co/assets/css/abc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
6a856ac58fc2da1724b7c3223a4d64e2f597b9a02b893797c2ec5ecba5ff30fa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subf2m.co/assets/css/abc.css
Origin
https://subf2m.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 14:34:32 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
last-modified
Tue, 22 Nov 2016 18:39:06 GMT
server
ArvanCloud
x-cache
HIT
content-type
font/woff2
cache-control
public, max-age=604800
server-timing
total;dur=0
accept-ranges
bytes
content-length
32496
x-xss-protection
1; mode=block
x-request-id
83ad92abd829d9eba9855e86758796f8
x-sid
2582
article.v2.min.js
cdn.yektanet.com/js/subf2m.co/
82 KB
24 KB
Script
General
Full URL
https://cdn.yektanet.com/js/subf2m.co/article.v2.min.js?v=202306010015
Requested by
Host: subf2m.co
URL: https://subf2m.co/assets/app.js?ver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.122 -, , ASN (),
Reverse DNS
Software
ArvanCloud /
Resource Hash
b25d70055e66cb4736bacdb8856bc411848d445ceda21f4ac1d199582e6e65ae
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
x-cache-status
MISS
x-cache
REVALIDATED
server-timing
total;dur=56
x-xss-protection
1; mode=block
x-request-id
1f7e55c5014c223753ff63b6e1567393
x-sid
2583
last-modified
Wed, 05 Jul 2023 08:50:04 GMT
server
ArvanCloud
etag
W/"ac871a4a3a8656cbd5461d00c2c4e021"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
cache-control
max-age=3600
access-control-max-age
1728000
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Mon, 10 Jul 2023 16:25:33 GMT
local-messaging.css
assets.najva.com/webpush/static/css/
Redirect Chain
  • https://app.najva.com/static/css/local-messaging.css?v=202306010015
  • https://assets.najva.com/webpush/static/css/local-messaging.css?v=202306010015
10 KB
2 KB
Stylesheet
General
Full URL
https://assets.najva.com/webpush/static/css/local-messaging.css?v=202306010015
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Server
185.143.233.122 -, , ASN (),
Reverse DNS
Software
ArvanCloud /
Resource Hash
5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 09 Jul 2024 15:25:33 GMT
date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
br
x-amz-request-id
tx00000d414ff168c9daa08-0063f29d62-4eba6-ir-tbz-sh1
x-cache
HIT
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
445d639d2fb10f73871c9442dba3de47
x-sid
2582
last-modified
Mon, 13 Feb 2023 15:10:16 GMT
server
ArvanCloud
etag
W/"20685ae09d2ce2a080031240f15c7725"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-rgw-object-type
Normal
cache-control
max-age=31536000
x-amz-meta-mtime
1674484809.295193216

Redirect headers

date
Mon, 10 Jul 2023 15:25:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
327
server-timing
total;dur=0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5b165f2789fd33e5f469a45087709a8c
x-sid
2583
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSEDGy6e%2FXGoX1CbJaaF7cUeKkehfPZCRvcBPwyxjfo9HSlg7dEgdq%2Fr67xyALlYyz%2FfNuHZd%2BAOTZ%2FFr%2FU92iE5Px5aT93ad0xnKKuI7sdA9m8tF5ZBxxb24%2BsiRkla9QccYDJ9DANjUai1"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://assets.najva.com/webpush/static/css/local-messaging.css?v=202306010015
access-control-allow-origin
*
cache-control
max-age=16070400
access-control-allow-credentials
true
cf-ray
7e49d1ec8eff9974-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.js
van.najva.com/static/js/scripts/
Redirect Chain
  • https://app.najva.com/static/js/scripts/subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.js?v=202306010015
  • https://van.najva.com/static/js/scripts/subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.js?v=202306010015
180 KB
45 KB
Script
General
Full URL
https://van.najva.com/static/js/scripts/subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.js?v=202306010015
Requested by
Host: subf2m.co
URL: https://subf2m.co/
Protocol
H2
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0725a939d950b5d68ff70a0175896951fb66a85a7ca49ab9e097b39dbfe43b92
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
br
x-cache-status
MISS
x-cache
HIT
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
fea586e31c10755c9267f76308fdfc51
x-sid
2582
last-modified
Thu, 04 May 2023 02:34:00 GMT
server
ArvanCloud
etag
W/"2a6c1cd075cb54d8cce6af5ae67b59a6"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-meta-mtime
1635345182

Redirect headers

date
Mon, 10 Jul 2023 15:25:33 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4HoTJ%2B1m0xymgC4orfLKFDggMdIt%2BB4hnJQUxYXLNWofhvcyB0U22Fl3boxdUJhRF7dRe50e1R%2BWIKcgGvdrx3aYzwlZQ0DNi%2F0nHCE4J4AM3FPGyKIG4IZciN%2FyPzQDrD530U5nHWnbQ4g"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://van.najva.com/static/js/scripts/subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.js?v=202306010015
cache-control
max-age=16070400
cf-ray
7e49d1ec8f029974-FRA
alt-svc
h3=":443"; ma=86400
ALL
plus.sabavision.com/site/509a39fd-c9f2-4d1b-aca3-69ad11a4e48d/
0
0
Preflight
General
Full URL
https://plus.sabavision.com/site/509a39fd-c9f2-4d1b-aca3-69ad11a4e48d/ALL?zones=970-Z618
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.147.178.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-screen-height,x-screen-width
Access-Control-Request-Method
GET
Origin
https://subf2m.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type,X-Screen-Height,X-Screen-Width,Authorization
access-control-allow-methods
GET,POST,PUT,HEAD
access-control-allow-origin
https://subf2m.co
access-control-max-age
43200
content-length
0
content-type
application/octet-stream
date
Mon, 10 Jul 2023 15:25:33 GMT
server
nginx
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cache
O-
x-upstream
0
x-upstream-ct
0.000
x-upstream-ht
0.265
dox.min.css
plus.sabavision.com/dox/
5 KB
1 KB
Stylesheet
General
Full URL
https://plus.sabavision.com/dox/dox.min.css
Requested by
Host: subf2m.co
URL: https://subf2m.co/assets/app.js?ver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.147.178.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
55e5ac5554566829a880737d3cb4e259dc06998fbf9d9c22b733bd6b96e45bd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subf2m.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:25:33 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 12:01:13 GMT
server
nginx
etag
W/"6357d009-1449"
vary
Accept-Encoding
x-cache
O-HIT
content-type
text/css
x-upstream
0
cache-control
max-age=2592000
expires
Wed, 09 Aug 2023 15:25:33 GMT
ALL
plus.sabavision.com/site/509a39fd-c9f2-4d1b-aca3-69ad11a4e48d/
0
0

utils.1.0.8.js
native-scripts.yektanet.com/public/chunk/
0
0

publisher.js
cdn.yektanet.com/rg_woebegone/scripts_v3/LYjWMVW1/
0
0

subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.json
van.najva.com/static/js/scripts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
plus.sabavision.com
URL
https://plus.sabavision.com/site/509a39fd-c9f2-4d1b-aca3-69ad11a4e48d/ALL?zones=970-Z618
Domain
native-scripts.yektanet.com
URL
https://native-scripts.yektanet.com/public/chunk/utils.1.0.8.js
Domain
cdn.yektanet.com
URL
https://cdn.yektanet.com/rg_woebegone/scripts_v3/LYjWMVW1/publisher.js?v=202306010015
Domain
van.najva.com
URL
https://van.najva.com/static/js/scripts/subf2m-1452-c504458e-50d3-4f50-a852-02e26f92602d.json?v=2023-07-10T15

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| model string| downloadButtonText function| DownloadSubtitle function| CloseDownloading function| ToggleComments function| TogglePreview function| ToggleDetails function| Toggle function| isMob1 function| isMobileDevice string| sabaVisionWebsiteID string| sabaVisionWebsitePage object| _0x2a13 function| _0x32a1 object| SabavisionElement undefined| lightBoxAd undefined| scrollBoxAd undefined| mobileAd number| contentWidth number| screenHeight number| screenWidth object| unSeenAdsPosition boolean| notifiedScrollAd boolean| notifiedLightBoxAd boolean| notifiedMobileAd undefined| resizeTimeout object| totalAds string| baseUrl string| closeImage boolean| initialized number| logoRatio number| smallLogoRatio function| compareTop function| closeLightBox function| closeAd function| closeMobileAd function| closeScrollBox function| getLogoSize object| Dox object| head object| script string| script_address function| adImgEngine object| JSON2 function| Cookies function| ajax string| doxVersion object| now string| item

1 Cookies

Domain/Path Name / Value
.subf2m.co/ Name: __arcsjs
Value: 6fb1fb4eebe85fc4f80c9849408bd274

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
