Report - jbzone.cx

Report Overview

Visited public
2024-07-29 12:21:16
Tags
URL
jbzone.cx
Finishing URL
jbzone.cx/
IP / ASN
141.98.11.79
#209605 UAB Host Baltic
Title
JBzone Forum

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
t93.pixhost.to	unknown	unknown	2024-01-15 18:10:09	2024-02-27 08:07:29	881 B	19 kB	94.229.45.2
t98.pixhost.to	unknown	unknown	No data	No data	441 B	9.0 kB	94.229.45.2
imgpimp.xyz	unknown	2023-07-24	2023-07-27 18:36:33	2024-04-29 12:35:06	841 B	37 kB	104.21.9.30
i.imgur.com	5110	2009-01-09	2012-05-21 10:09:36	2024-07-29 08:11:28	1.2 kB	70 kB	199.232.196.193
s8d1.turboimg.net	unknown	2015-10-16	2020-08-01 21:07:26	2024-07-24 17:53:50	431 B	11 kB	104.26.13.244
t94.pixhost.to	unknown	unknown	2024-04-10 06:18:43	2024-04-17 18:33:54	878 B	17 kB	94.229.45.2
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-28 18:17:42	1.3 kB	3.6 kB	23.36.77.32
jbzone.cx	unknown	unknown	No data	No data	6.4 kB	186 kB	141.98.11.79

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-29 12:20:51	medium	141.98.11.79	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 22
2024-07-29 12:20:51	medium	141.98.11.79	Client IP	ET 3CORESec Poor Reputation IP group 3

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed
2024-07-29	medium	jbzone.cx	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	jbzone.cx/jscripts/jquery.js?ver=1823	ScriptElement	90 kB	2023-03-07	2025-04-28
Pretty URL jbzone.cx/jscripts/jquery.js?ver=1823 IP 141.98.11.79 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-28 05:06 Times Seen4666 Hash 12b69d0ae6c6f0c42942ae6da2896e84 d2cc8d43ce1c854b1172e42b1209502ad563db83 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f Loading...

	jbzone.cx/jscripts/jquery.plugins.min.js?ver=1821	ScriptElement	15 kB	2023-03-07	2025-04-22
Pretty URL jbzone.cx/jscripts/jquery.plugins.min.js?ver=1821 IP 141.98.11.79 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-22 13:21 Times Seen389 Hash cf1f71e20e14765d6d5ea640aa4f7fc7 d1f3a0e46dd50d3a4d1839cb821ad42802619def a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149 Loading...

	jbzone.cx/jscripts/general.js?ver=1827	ScriptElement	16 kB	2023-03-07	2025-04-21
Pretty URL jbzone.cx/jscripts/general.js?ver=1827 IP 141.98.11.79 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-21 18:39 Times Seen336 Hash 373ad0e5af45e8cd17b064aaa7c2d465 9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e 491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898 Loading...

	jbzone.cx/	ScriptElement	2.3 kB	2024-08-19	2024-08-19
Pretty URL jbzone.cx/ IP 141.98.11.79 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 15:22 Last Seen2024-08-19 15:22 Times Seen1 Hash 2248ad0cb13f63de17911de70544ff1e dfab66b85e6738a9d6e4c4bce3bf1de63653212f 5150dc1fbce65fe21ee9a03be270bceeec76485fc8fd66f8472057725c90fa5a Loading...

	jbzone.cx/	ScriptElement	125 B	2023-03-07	2025-04-18
Pretty URL jbzone.cx/ IP 141.98.11.79 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:37 Last Seen2025-04-18 05:17 Times Seen155 Hash 3e778a0599600893f6740e061f0db321 a9f01d1beac63e231a419894462ddf00adcd86ae 391dc11066c3b8e2f89bfe77f24d5ccb9f39c5ab3a499559caa7a4d5a8b175c6 Loading...

	jbzone.cx/	ScriptElement	77 B	2023-03-07	2025-04-19
Pretty URL jbzone.cx/ IP 141.98.11.79 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-04-19 06:33 Times Seen327 Hash e0e774c6eac4073121eb55b9e21d3511 5156ea2435d223d0519ddce05085a2510c7b1807 45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5 Loading...

HTTP Transactions (27)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b4e7d529107c1c5044860fb7b56942ca
dceacb49fd49caaa8aaa4e403f2516696467fe24
d5e5dfe382059e479448fbd9adc4d0130f6fa669a454173c6fbc377f23397312

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D5E5DFE382059E479448FBD9ADC4D0130F6FA669A454173C6FBC377F23397312"
Last-Modified: Sat, 27 Jul 2024 06:26:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3189
Expires: Mon, 29 Jul 2024 13:13:59 GMT
Date: Mon, 29 Jul 2024 12:20:50 GMT
Connection: keep-alive

jbzone.cx/

141.98.11.79

200 OK

23 kB

URL User Request GET HTTP/1.1
jbzone.cx/
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
HTML document, ASCII text, with very long lines (1310), with CRLF, LF line terminators
Size
23 kB (22712 bytes)
Hash
9225698f04400ed150699e4ff2cd8276
1a4ed6790fd3ecf8b49b857e390498845a0d1a50
edb68fa80bae62b8da22b8e6e8ac2d4b2587d043be5c3658a5cd90c94601ee79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/7.4.19
Cache-Control: no-cache, private
Set-Cookie: mybb[lastvisit]=1722255651; expires=Tue, 29-Jul-2025 12:20:51 GMT; path=/; domain=.jbzone.cx
mybb[lastactive]=1722255651; expires=Tue, 29-Jul-2025 12:20:51 GMT; path=/; domain=.jbzone.cx
sid=520dbaca8e418e4451de73eb661b7904; path=/; domain=.jbzone.cx; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

jbzone.cx/jscripts/jquery.js?ver=1823

141.98.11.79

200 OK

90 kB

URL GET HTTP/1.1
jbzone.cx/jscripts/jquery.js?ver=1823
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89475 bytes)
Hash
12b69d0ae6c6f0c42942ae6da2896e84
d2cc8d43ce1c854b1172e42b1209502ad563db83
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.js?ver=1823 HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.cx/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "15d83-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 89475
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

jbzone.cx/jscripts/jquery.plugins.min.js?ver=1821

141.98.11.79

200 OK

15 kB

URL GET HTTP/1.1
jbzone.cx/jscripts/jquery.plugins.min.js?ver=1821
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
JavaScript source, ASCII text, with very long lines (14798)
Size
15 kB (14799 bytes)
Hash
cf1f71e20e14765d6d5ea640aa4f7fc7
d1f3a0e46dd50d3a4d1839cb821ad42802619def
a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.cx/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "39cf-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 14799
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

jbzone.cx/jscripts/general.js?ver=1827

141.98.11.79

200 OK

16 kB

URL GET HTTP/1.1
jbzone.cx/jscripts/general.js?ver=1827
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
JavaScript source, ASCII text, with very long lines (322)
Size
16 kB (15709 bytes)
Hash
373ad0e5af45e8cd17b064aaa7c2d465
9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e
491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/general.js?ver=1827 HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.cx/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "3d5d-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 15709
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

jbzone.cx/cache/themes/theme1/global.css?t=1626019669

141.98.11.79

200 OK

31 kB

URL GET HTTP/1.1
jbzone.cx/cache/themes/theme1/global.css?t=1626019669
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
ASCII text
Size
31 kB (31277 bytes)
Hash
6dca31a92bd774f00e8513b3f141ca51
2f8b2c7d691ee232eb76b0c3e7c905419efe896c
969bc9ffb0d9ee825abb23a99e1f634f4cffe59df319d1afdcdf61e5733c2623

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/global.css?t=1626019669 HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.cx/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "7a2d-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 31277
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

jbzone.cx/cache/themes/theme1/css3.css?t=1626019669

141.98.11.79

200 OK

3.1 kB

URL GET HTTP/1.1
jbzone.cx/cache/themes/theme1/css3.css?t=1626019669
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
ASCII text
Size
3.1 kB (3114 bytes)
Hash
926db993b5ce157d2f8dc0a3ebbb198b
7b31fcb7d12af07bb714c01c03e13857a98a2bc3
ca63f43eff03f479ba21b135c7164d4ff0eef2d0cf3cea4767c1c52c14833f6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/css3.css?t=1626019669 HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.cx/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "c2a-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 3114
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

jbzone.cx/images/collapse.png

141.98.11.79

200 OK

369 B

URL GET HTTP/1.1
jbzone.cx/images/collapse.png
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
369 B (369 bytes)
Hash
6af553ac5e86504743b02f220405abdd
c07e8d586443c0ace4d91eea0d46476845b6baec
408e40949e493302b9fd79a82e68c13509ba6370f04be5088ccd7503a4d1f94c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/collapse.png HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.cx/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "171-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 369
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

t93.pixhost.to/thumbs/176/437411336_banner-kitty.jpg

94.229.45.2

200 OK

10 kB

URL GET HTTP/1.1
t93.pixhost.to/thumbs/176/437411336_banner-kitty.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintF8:40:AE:6E:4C:37:F8:D1:00:BB:C5:CA:4E:62:89:B2:AB:E1:3E:AF
ValidityMon, 15 Jul 2024 08:08:32 GMT - Sun, 13 Oct 2024 08:08:31 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
10 kB (10298 bytes)
Hash
bc9fb9880e155dbd754f553e682b6065
db4f1539e97bf6dceaa280085f3d6fea0443d54c
f70fdf74cdaadd8a25e1c04d76cd738cae1bd508ae321d99be38fd54432d2dc3

HTTP Headers

GET /thumbs/176/437411336_banner-kitty.jpg HTTP/1.1
Host: t93.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 29 Jul 2024 12:20:51 GMT
Content-Type: image/jpeg
Content-Length: 10298
Last-Modified: Mon, 15 Jan 2024 04:07:29 GMT
Connection: keep-alive
ETag: "65a4af81-283a"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

jbzone.cx/images/headerlinks_sprite.png

141.98.11.79

200 OK

2.3 kB

URL GET HTTP/1.1
jbzone.cx/images/headerlinks_sprite.png
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
PNG image data, 16 x 196, 8-bit colormap, non-interlaced
Size
2.3 kB (2342 bytes)
Hash
e38f7f29cf3f740d7dc3651cb82098ec
65787e91831d3707a9ec747ab272c1fb5d52b2d8
bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/headerlinks_sprite.png HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "926-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 2342
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

jbzone.cx/images/tcat.png

141.98.11.79

200 OK

131 B

URL GET HTTP/1.1
jbzone.cx/images/tcat.png
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced
Size
131 B (131 bytes)
Hash
10b96a318e186e39860a5945a9071b92
daa068efc07bb97ff0a2af218aedebbb28c9f1bb
91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tcat.png HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "83-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 131
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

t98.pixhost.to/thumbs/152/492480803_banner-viper.jpg

94.229.45.2

200 OK

8.7 kB

URL GET HTTP/1.1
t98.pixhost.to/thumbs/152/492480803_banner-viper.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintF8:40:AE:6E:4C:37:F8:D1:00:BB:C5:CA:4E:62:89:B2:AB:E1:3E:AF
ValidityMon, 15 Jul 2024 08:08:32 GMT - Sun, 13 Oct 2024 08:08:31 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
8.7 kB (8719 bytes)
Hash
ddb84eb59177907f6f92785882379302
911879f542064f490e20acbd5dfbca03e027c192
aa51a1a72f35e8086dcbfc5f2dd8e5cda2fe2ad07d96107b32692c006bff38f0

HTTP Headers

GET /thumbs/152/492480803_banner-viper.jpg HTTP/1.1
Host: t98.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 29 Jul 2024 12:20:51 GMT
Content-Type: image/jpeg
Content-Length: 8719
Last-Modified: Sun, 14 Jul 2024 17:11:44 GMT
Connection: keep-alive
ETag: "669406d0-220f"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

t93.pixhost.to/thumbs/176/437411189_banner-alcz.jpg

94.229.45.2

200 OK

8.3 kB

URL GET HTTP/1.1
t93.pixhost.to/thumbs/176/437411189_banner-alcz.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintF8:40:AE:6E:4C:37:F8:D1:00:BB:C5:CA:4E:62:89:B2:AB:E1:3E:AF
ValidityMon, 15 Jul 2024 08:08:32 GMT - Sun, 13 Oct 2024 08:08:31 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
8.3 kB (8288 bytes)
Hash
59dbdb3d007866b684844f1940d2142c
4294c9d5f91d9c4f216200adcef4b4855b6abfbd
fb9e210df4df836604802290267e94283b3d390ea97592542850cd536ef59e3a

HTTP Headers

GET /thumbs/176/437411189_banner-alcz.jpg HTTP/1.1
Host: t93.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 29 Jul 2024 12:20:51 GMT
Content-Type: image/jpeg
Content-Length: 8288
Last-Modified: Mon, 15 Jan 2024 04:06:27 GMT
Connection: keep-alive
ETag: "65a4af43-2060"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

jbzone.cx/images/forum_icon_sprite.png

141.98.11.79

200 OK

1.1 kB

URL GET HTTP/1.1
jbzone.cx/images/forum_icon_sprite.png
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
PNG image data, 30 x 120, 8-bit colormap, non-interlaced
Size
1.1 kB (1130 bytes)
Hash
212f6e3895ee44bf54b31cf39a162611
7d1f15044536b4f243495c47b03b2334b5493b4f
b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/forum_icon_sprite.png HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "46a-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 1130
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

jbzone.cx/images/thead.png

141.98.11.79

200 OK

115 B

URL GET HTTP/1.1
jbzone.cx/images/thead.png
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced
Size
115 B (115 bytes)
Hash
96dfa0b7296d710946b220639f5a9d1c
40838eabc4f6384d72ec9adca7a773fc4db21c44
d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/thead.png HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:51 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "73-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 115
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

imgpimp.xyz/img/ovub34fjvm.png

104.21.9.30

200 OK

18 kB

URL GET HTTP/2
imgpimp.xyz/img/ovub34fjvm.png
IP
104.21.9.30:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jbzone.cx/
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
Fingerprint12:16:F6:E9:E2:72:87:D3:DF:6F:32:8F:A0:5C:05:97:06:A1:69:F4
ValidityTue, 16 Jul 2024 06:45:40 GMT - Mon, 14 Oct 2024 06:45:39 GMT

File type
PNG image data, 486 x 60, 8-bit/color RGB, non-interlaced
Size
18 kB (17726 bytes)
Hash
94ecb7188397df11078a57783a5ab6ad
4391d9416d909e9336317facd0f9b4532ef9da39
ee8dbe886c01a1a594f23e14ab9dbcabedbdd5465d8b68f08bcab504e3bdd6f0

HTTP Headers

GET /img/ovub34fjvm.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 29 Jul 2024 12:20:51 GMT
content-type: image/png
content-length: 17726
last-modified: Thu, 27 Jul 2023 10:18:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMTtc1%2BDk6rAz7182vVKoVfTi4nEgS4OxBzBjdNsXJmmdzkHqRQGYMFxkQmQKVnoN521pVKWxBn6%2FlWpNV6KlEypey8uRBnB3YKhE4aXxaqEAHvm%2B%2Fjais6M1gpARg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aad10bf5aaa56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.imgur.com/bpTTXcC.png

199.232.196.193

200 OK

28 kB

URL GET HTTP/2
i.imgur.com/bpTTXcC.png
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://jbzone.cx/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
28 kB (28490 bytes)
Hash
0abbcbbe4ca058a167adcd14b6490b66
c385ee9dfea2fe58eec401a7948d4e11bc652b0c
6c5481e14d2ad353f913e1392b225dd323cc67b313670641998c9f91ccfdbe11

HTTP Headers

GET /bpTTXcC.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 12 Mar 2023 01:21:08 GMT
etag: "0abbcbbe4ca058a167adcd14b6490b66"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: WDqVfb6wGtkOmqsORiii0kAOkvtEu-mwwg4fZmYFSgiba-gC8Aa7Kw==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 2352614
date: Mon, 29 Jul 2024 12:20:51 GMT
x-served-by: cache-iad-kiad7000157-IAD, cache-hel1410029-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 15088, 0
x-timer: S1722255652.746563,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 28490
X-Firefox-Spdy: h2

imgpimp.xyz/img/pvj9h487g3df3.png

104.21.9.30

200 OK

18 kB

URL GET HTTP/2
imgpimp.xyz/img/pvj9h487g3df3.png
IP
104.21.9.30:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jbzone.cx/
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
Fingerprint12:16:F6:E9:E2:72:87:D3:DF:6F:32:8F:A0:5C:05:97:06:A1:69:F4
ValidityTue, 16 Jul 2024 06:45:40 GMT - Mon, 14 Oct 2024 06:45:39 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced
Size
18 kB (17721 bytes)
Hash
a4a31871d324fc26a4bfbaf9f4c51f62
d91cd848ace1ee5a49ddd8740fc8f9c11c81dbf9
68b8a7e39986156701f50f930961b66170f8e2fe53a875758c70a8163e9eeca8

HTTP Headers

GET /img/pvj9h487g3df3.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 29 Jul 2024 12:20:51 GMT
content-type: image/png
content-length: 17721
last-modified: Thu, 05 Oct 2023 07:56:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4466
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKXVdvWRKXzLF27KuN3wQ9cfiHLfI4a60tIRi2COO7oDHgE5tZAS9fJIU4vaOKm3ZOz8IV6Nv9Pwlbgtof4ROHJ1vjETqcNbeK5n72x0wuMltvoQbOBWjLx%2F%2FDGEKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aad10bf7adc56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s8d1.turboimg.net/t1/102970598_05gf472.jpg

104.26.13.244

200 OK

10 kB

URL GET HTTP/2
s8d1.turboimg.net/t1/102970598_05gf472.jpg
IP
104.26.13.244:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jbzone.cx/
Certificate
IssuerGoogle Trust Services
Subjectturboimg.net
Fingerprint45:63:55:20:42:A2:AE:7D:9E:DD:4D:9A:0E:5B:48:A2:CF:05:D4:DC
ValidityTue, 23 Jul 2024 01:23:39 GMT - Mon, 21 Oct 2024 01:23:38 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 472x68, components 3
Size
10 kB (10325 bytes)
Hash
f03d23de48c399eca8fa9990cf853d1e
9ee8305265031506f7b1ee51feafad4332d260ad
ef1c86679db0867b58a208b6aea6e8a7d945c7b824460494317f8f9844cf3bcf

HTTP Headers

GET /t1/102970598_05gf472.jpg HTTP/1.1
Host: s8d1.turboimg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 29 Jul 2024 12:20:51 GMT
content-type: image/jpeg
content-length: 10325
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10578
etag: "668e955b-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 10 Jul 2024 14:06:19 GMT
pragma: public
cf-cache-status: HIT
age: 1583127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwbkePjt%2F9iak4671ON0z5MGoD3S3jpO%2BAJaGlgty8AQ2X3aqYZldvd90LUUHZTIlUvevm7qL%2FOS36It40NvEGLPG%2FUCpey6%2Fds%2F7GURWsyx7Hal95THmAlTVtFW01p8yoIF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aad10bf8b5356c4-OSL
X-Firefox-Spdy: h2

i.imgur.com/c85tVhe.jpg

199.232.196.193

200 OK

4.5 kB

URL GET HTTP/2
i.imgur.com/c85tVhe.jpg
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://jbzone.cx/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 468x60, components 3
Size
4.5 kB (4478 bytes)
Hash
892b0fc35965dacaefe2a70bb36eba02
996aba7a03aa368df0d2f2450928775a7ac22a29
d5920183bc8fbf027feb15ad8bccc860aa892fa8468f8bb0e51f8d9c4d16e21b

HTTP Headers

GET /c85tVhe.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 19 Oct 2023 12:09:32 GMT
etag: "892b0fc35965dacaefe2a70bb36eba02"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: agEtacKUEV582hDjknELzrrzGIShG7Zc4NNkxmYd4iTSeYbpsnIvXQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 29 Jul 2024 12:20:51 GMT
age: 603884
x-served-by: cache-iad-kjyo7100024-IAD, cache-hel1410029-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 50249, 39
x-timer: S1722255652.785262,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4478
X-Firefox-Spdy: h2

i.imgur.com/KYB7SI6.png

199.232.196.193

200 OK

35 kB

URL GET HTTP/2
i.imgur.com/KYB7SI6.png
IP
199.232.196.193:443
ASN
#54113 FASTLY

Requested by
https://jbzone.cx/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced
Size
35 kB (34705 bytes)
Hash
6b0d552f8cc22088b762f6350c1d71bb
d8c2b4a8c2edaec452aecb4894efed2a7d5d143f
bd5bf61a24a70da89042d3db08e13dbe7bd4eafc9fd3390d7597d970f1a921fd

HTTP Headers

GET /KYB7SI6.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 01 Mar 2024 09:18:32 GMT
etag: "6b0d552f8cc22088b762f6350c1d71bb"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: ud9RlX17unjBaKwOdum2ZnCxLnUoyqVmVCdyDzrf3kKZdhIIdpB8Dw==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 29 Jul 2024 12:20:51 GMT
age: 1724257
x-served-by: cache-iad-kiad7000150-IAD, cache-hel1410029-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 419, 39
x-timer: S1722255652.787480,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 34705
X-Firefox-Spdy: h2

t94.pixhost.to/thumbs/79/449993792_banner-inno.jpg

94.229.45.2

200 OK

7.0 kB

URL GET HTTP/1.1
t94.pixhost.to/thumbs/79/449993792_banner-inno.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintF8:40:AE:6E:4C:37:F8:D1:00:BB:C5:CA:4E:62:89:B2:AB:E1:3E:AF
ValidityMon, 15 Jul 2024 08:08:32 GMT - Sun, 13 Oct 2024 08:08:31 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
7.0 kB (7013 bytes)
Hash
7bb18c47b0b82b169e7deb6da9b20174
e798a22e34ef93a85eabf368012058544139e95d
05530f11886c66ff9cf5a487ce5e2cfb9aceeca51dc19bce0cbfa8d0c32b63a5

HTTP Headers

GET /thumbs/79/449993792_banner-inno.jpg HTTP/1.1
Host: t94.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 29 Jul 2024 12:20:51 GMT
Content-Type: image/jpeg
Content-Length: 7013
Last-Modified: Fri, 01 Mar 2024 04:46:41 GMT
Connection: keep-alive
ETag: "65e15db1-1b65"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

t94.pixhost.to/thumbs/80/450001247_banner-self.jpg

94.229.45.2

200 OK

9.5 kB

URL GET HTTP/1.1
t94.pixhost.to/thumbs/80/450001247_banner-self.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintF8:40:AE:6E:4C:37:F8:D1:00:BB:C5:CA:4E:62:89:B2:AB:E1:3E:AF
ValidityMon, 15 Jul 2024 08:08:32 GMT - Sun, 13 Oct 2024 08:08:31 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
9.5 kB (9523 bytes)
Hash
779098e25a84ef66d8469c63bca54a33
dc9a0f3e971b078f06ca81855f82a354c7f53ba0
b64508d16258c9eeaa3f7c84bcfe63b92b11fdff63e289cb4ec17bb255d94c57

HTTP Headers

GET /thumbs/80/450001247_banner-self.jpg HTTP/1.1
Host: t94.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.cx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 29 Jul 2024 12:20:51 GMT
Content-Type: image/jpeg
Content-Length: 9523
Last-Modified: Fri, 01 Mar 2024 05:40:46 GMT
Connection: keep-alive
ETag: "65e16a5e-2533"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

jbzone.cx/images/favicon.png

141.98.11.79

200 OK

1.5 kB

URL GET HTTP/1.1
jbzone.cx/images/favicon.png
IP
141.98.11.79:443
ASN
#209605 UAB Host Baltic

Requested by
https://jbzone.cx/
Certificate
IssuerLet's Encrypt
Subjectjbzone.cx
Fingerprint35:0D:AC:98:E4:BF:28:D2:23:40:8D:22:06:16:F4:56:7F:1D:16:ED
ValidityFri, 26 Jul 2024 16:11:48 GMT - Thu, 24 Oct 2024 16:11:47 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1479 bytes)
Hash
5510a6001b159d863aa4c49383ef2ab8
ad7cb978a2cd4e1ac9e2c9e33a88cea06a8ecf21
fc5acc0358824045065f989b1675b2c6d8721d5b66dfdd7ece6a046c50e02d83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: jbzone.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.cx/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1722255651; mybb[lastactive]=1722255651; sid=520dbaca8e418e4451de73eb661b7904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 29 Jul 2024 12:20:52 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Thu, 04 Nov 2021 18:14:48 GMT
ETag: "5c7-5cffa807cf600"
Accept-Ranges: bytes
Content-Length: 1479
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe86340c305817b173f7c0f3f59c795b
bae41a5fad9f6cf6e13281eb7d567d6103f292b3
310ca992570f568ed449d579727a026e44e75f4dd6a609897a3fba0bc7cbce57

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "310CA992570F568ED449D579727A026E44E75F4DD6A609897A3FBA0BC7CBCE57"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11641
Expires: Mon, 29 Jul 2024 15:34:54 GMT
Date: Mon, 29 Jul 2024 12:20:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe86340c305817b173f7c0f3f59c795b
bae41a5fad9f6cf6e13281eb7d567d6103f292b3
310ca992570f568ed449d579727a026e44e75f4dd6a609897a3fba0bc7cbce57

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "310CA992570F568ED449D579727A026E44E75F4DD6A609897A3FBA0BC7CBCE57"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11641
Expires: Mon, 29 Jul 2024 15:34:54 GMT
Date: Mon, 29 Jul 2024 12:20:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe86340c305817b173f7c0f3f59c795b
bae41a5fad9f6cf6e13281eb7d567d6103f292b3
310ca992570f568ed449d579727a026e44e75f4dd6a609897a3fba0bc7cbce57

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "310CA992570F568ED449D579727A026E44E75F4DD6A609897A3FBA0BC7CBCE57"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11641
Expires: Mon, 29 Jul 2024 15:34:54 GMT
Date: Mon, 29 Jul 2024 12:20:53 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash