Report - jbzone.sh

Report Overview

Visited public
2025-02-23 03:02:43
Tags
URL
jbzone.sh
Finishing URL
jbzone.sh/
IP / ASN
83.222.191.215
#212283 Roza Holidays Eood
Title
JBzone Forum

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
t98.pixhost.to	unknown	unknown	2024-07-10	2025-02-21	453 B	9.0 kB	94.229.45.2
jbzone.sh	unknown	2025-02-20	2025-02-21	2025-02-21	6.5 kB	62 kB	83.222.191.215
t93.pixhost.to	unknown	unknown	2024-01-15	2025-02-22	905 B	19 kB	94.229.45.2
imgpimp.xyz	unknown	2023-07-24	2023-07-27	2025-02-20	865 B	37 kB	188.114.97.1
s8d1.turboimg.net	unknown	2015-10-16	2020-08-01	2025-02-20	443 B	11 kB	104.26.13.244
i.imgur.com	5110	2009-01-09	2012-05-21	2025-02-20	1.2 kB	70 kB	199.232.192.193
t94.pixhost.to	unknown	unknown	2024-03-04	2025-02-16	902 B	17 kB	94.229.45.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-02-23 03:02:12	medium	83.222.191.215	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 9
2025-02-23 03:02:12	medium	83.222.191.215	Client IP	ET DROP Dshield Block Listed Source group 1

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed
2025-02-23	medium	jbzone.sh	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	jbzone.sh/	ScriptElement	2.3 kB	2025-02-23	2025-02-23
Pretty URL jbzone.sh/ IP 83.222.191.215 ASN #212283 Roza Holidays Eood Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-23 03:02 Last Seen2025-02-23 03:02 Times Seen1 Hash f1fc44bdb60d4399888254c9d7e4009a f9183f7e4b04caa22445733785d24dea1bdd3bcb 2a963dabd73a6e1da61d65b0b33c2ada90b787e2c6ac35fabe7297292b421f13 Loading...

	jbzone.sh/jscripts/jquery.js?ver=1823	ScriptElement	90 kB	2023-03-07	2025-04-28
Pretty URL jbzone.sh/jscripts/jquery.js?ver=1823 IP 83.222.191.215 ASN #212283 Roza Holidays Eood Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-28 05:06 Times Seen4666 Hash 12b69d0ae6c6f0c42942ae6da2896e84 d2cc8d43ce1c854b1172e42b1209502ad563db83 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f Loading...

	jbzone.sh/jscripts/jquery.plugins.min.js?ver=1821	ScriptElement	15 kB	2023-03-07	2025-04-22
Pretty URL jbzone.sh/jscripts/jquery.plugins.min.js?ver=1821 IP 83.222.191.215 ASN #212283 Roza Holidays Eood Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-22 13:21 Times Seen389 Hash cf1f71e20e14765d6d5ea640aa4f7fc7 d1f3a0e46dd50d3a4d1839cb821ad42802619def a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149 Loading...

	jbzone.sh/jscripts/general.js?ver=1827	ScriptElement	16 kB	2023-03-07	2025-04-21
Pretty URL jbzone.sh/jscripts/general.js?ver=1827 IP 83.222.191.215 ASN #212283 Roza Holidays Eood Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-21 18:39 Times Seen336 Hash 373ad0e5af45e8cd17b064aaa7c2d465 9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e 491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898 Loading...

	jbzone.sh/	ScriptElement	125 B	2023-03-07	2025-04-18
Pretty URL jbzone.sh/ IP 83.222.191.215 ASN #212283 Roza Holidays Eood Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:37 Last Seen2025-04-18 05:17 Times Seen155 Hash 3e778a0599600893f6740e061f0db321 a9f01d1beac63e231a419894462ddf00adcd86ae 391dc11066c3b8e2f89bfe77f24d5ccb9f39c5ab3a499559caa7a4d5a8b175c6 Loading...

	jbzone.sh/	ScriptElement	77 B	2023-03-07	2025-04-19
Pretty URL jbzone.sh/ IP 83.222.191.215 ASN #212283 Roza Holidays Eood Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-04-19 06:33 Times Seen327 Hash e0e774c6eac4073121eb55b9e21d3511 5156ea2435d223d0519ddce05085a2510c7b1807 45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5 Loading...

HTTP Transactions (23)

URL IP Response Size

jbzone.sh/

83.222.191.215

200 OK

5.9 kB

URL User Request GET HTTP/1.1
jbzone.sh/
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2117), with CRLF, LF line terminators
Size
5.9 kB (5851 bytes)
Hash
65bb5087da909888349fad571c10ec43
8911ce9905bfba33e22e55e0e8b95a4a124d9b7a
6f791d526bb5204154b113947a92cc26f9ff516fd1b4cc842f6a50c326ee9804

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Cache-Control: no-cache, private
Set-Cookie: mybb[lastvisit]=1740279733; expires=Mon, 23-Feb-2026 03:02:13 GMT; path=/; domain=.jbzone.sh
mybb[lastactive]=1740279733; expires=Mon, 23-Feb-2026 03:02:13 GMT; path=/; domain=.jbzone.sh
sid=6100895d26d39e4689c64841e6aef391; path=/; domain=.jbzone.sh; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5851
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

jbzone.sh/jscripts/jquery.js?ver=1823

83.222.191.215

200 OK

31 kB

URL GET HTTP/1.1
jbzone.sh/jscripts/jquery.js?ver=1823
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30908 bytes)
Hash
12b69d0ae6c6f0c42942ae6da2896e84
d2cc8d43ce1c854b1172e42b1209502ad563db83
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.js?ver=1823 HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.sh/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "15d83-5c6db34c4bf40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

jbzone.sh/jscripts/jquery.plugins.min.js?ver=1821

83.222.191.215

200 OK

4.3 kB

URL GET HTTP/1.1
jbzone.sh/jscripts/jquery.plugins.min.js?ver=1821
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
JavaScript source, ASCII text, with very long lines (14798)
Size
4.3 kB (4326 bytes)
Hash
cf1f71e20e14765d6d5ea640aa4f7fc7
d1f3a0e46dd50d3a4d1839cb821ad42802619def
a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.sh/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "39cf-5c6db34c4bf40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4326
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

jbzone.sh/jscripts/general.js?ver=1827

83.222.191.215

200 OK

4.6 kB

URL GET HTTP/1.1
jbzone.sh/jscripts/general.js?ver=1827
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
JavaScript source, ASCII text, with very long lines (322)
Size
4.6 kB (4596 bytes)
Hash
373ad0e5af45e8cd17b064aaa7c2d465
9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e
491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/general.js?ver=1827 HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.sh/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "3d5d-5c6db34c4bf40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4596
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

jbzone.sh/cache/themes/theme1/global.css?t=1626019669

83.222.191.215

200 OK

6.2 kB

URL GET HTTP/1.1
jbzone.sh/cache/themes/theme1/global.css?t=1626019669
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
ASCII text
Size
6.2 kB (6184 bytes)
Hash
6dca31a92bd774f00e8513b3f141ca51
2f8b2c7d691ee232eb76b0c3e7c905419efe896c
969bc9ffb0d9ee825abb23a99e1f634f4cffe59df319d1afdcdf61e5733c2623

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/global.css?t=1626019669 HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.sh/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "7a2d-5c6db34c4bf40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6184
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

jbzone.sh/cache/themes/theme1/css3.css?t=1626019669

83.222.191.215

200 OK

582 B

URL GET HTTP/1.1
jbzone.sh/cache/themes/theme1/css3.css?t=1626019669
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
ASCII text
Size
582 B (582 bytes)
Hash
926db993b5ce157d2f8dc0a3ebbb198b
7b31fcb7d12af07bb714c01c03e13857a98a2bc3
ca63f43eff03f479ba21b135c7164d4ff0eef2d0cf3cea4767c1c52c14833f6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/css3.css?t=1626019669 HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.sh/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "c2a-5c6db34c4bf40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 582
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

t93.pixhost.to/thumbs/176/437411189_banner-alcz.jpg

94.229.45.2

200 OK

8.3 kB

URL GET HTTP/1.1
t93.pixhost.to/thumbs/176/437411189_banner-alcz.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEF:67:08:20:EE:C7:91:56:E9:CA:04:62:E8:40:A2:42:07:73:F4:3B
ValiditySun, 12 Jan 2025 04:36:26 GMT - Sat, 12 Apr 2025 04:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
8.3 kB (8288 bytes)
Hash
59dbdb3d007866b684844f1940d2142c
4294c9d5f91d9c4f216200adcef4b4855b6abfbd
fb9e210df4df836604802290267e94283b3d390ea97592542850cd536ef59e3a

HTTP Headers

GET /thumbs/176/437411189_banner-alcz.jpg HTTP/1.1
Host: t93.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Sun, 23 Feb 2025 03:02:13 GMT
Content-Type: image/jpeg
Content-Length: 8288
Last-Modified: Mon, 15 Jan 2024 04:06:27 GMT
Connection: keep-alive
ETag: "65a4af43-2060"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

jbzone.sh/images/collapse.png

83.222.191.215

200 OK

369 B

URL GET HTTP/1.1
jbzone.sh/images/collapse.png
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
369 B (369 bytes)
Hash
6af553ac5e86504743b02f220405abdd
c07e8d586443c0ace4d91eea0d46476845b6baec
408e40949e493302b9fd79a82e68c13509ba6370f04be5088ccd7503a4d1f94c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/collapse.png HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.sh/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "171-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 369
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

jbzone.sh/images/headerlinks_sprite.png

83.222.191.215

200 OK

2.3 kB

URL GET HTTP/1.1
jbzone.sh/images/headerlinks_sprite.png
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
PNG image data, 16 x 196, 8-bit colormap, non-interlaced
Size
2.3 kB (2342 bytes)
Hash
e38f7f29cf3f740d7dc3651cb82098ec
65787e91831d3707a9ec747ab272c1fb5d52b2d8
bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/headerlinks_sprite.png HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "926-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 2342
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

t93.pixhost.to/thumbs/176/437411336_banner-kitty.jpg

94.229.45.2

200 OK

10 kB

URL GET HTTP/1.1
t93.pixhost.to/thumbs/176/437411336_banner-kitty.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEF:67:08:20:EE:C7:91:56:E9:CA:04:62:E8:40:A2:42:07:73:F4:3B
ValiditySun, 12 Jan 2025 04:36:26 GMT - Sat, 12 Apr 2025 04:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
10 kB (10298 bytes)
Hash
bc9fb9880e155dbd754f553e682b6065
db4f1539e97bf6dceaa280085f3d6fea0443d54c
f70fdf74cdaadd8a25e1c04d76cd738cae1bd508ae321d99be38fd54432d2dc3

HTTP Headers

GET /thumbs/176/437411336_banner-kitty.jpg HTTP/1.1
Host: t93.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Sun, 23 Feb 2025 03:02:13 GMT
Content-Type: image/jpeg
Content-Length: 10298
Last-Modified: Mon, 15 Jan 2024 04:07:29 GMT
Connection: keep-alive
ETag: "65a4af81-283a"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

jbzone.sh/images/tcat.png

83.222.191.215

200 OK

131 B

URL GET HTTP/1.1
jbzone.sh/images/tcat.png
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced
Size
131 B (131 bytes)
Hash
10b96a318e186e39860a5945a9071b92
daa068efc07bb97ff0a2af218aedebbb28c9f1bb
91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tcat.png HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "83-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 131
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

jbzone.sh/images/thead.png

83.222.191.215

200 OK

115 B

URL GET HTTP/1.1
jbzone.sh/images/thead.png
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced
Size
115 B (115 bytes)
Hash
96dfa0b7296d710946b220639f5a9d1c
40838eabc4f6384d72ec9adca7a773fc4db21c44
d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/thead.png HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "73-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 115
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

jbzone.sh/images/forum_icon_sprite.png

83.222.191.215

200 OK

1.1 kB

URL GET HTTP/1.1
jbzone.sh/images/forum_icon_sprite.png
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
PNG image data, 30 x 120, 8-bit colormap, non-interlaced
Size
1.1 kB (1130 bytes)
Hash
212f6e3895ee44bf54b31cf39a162611
7d1f15044536b4f243495c47b03b2334b5493b4f
b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/forum_icon_sprite.png HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/cache/themes/theme1/global.css?t=1626019669
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Sun, 11 Jul 2021 16:07:49 GMT
ETag: "46a-5c6db34c4bf40"
Accept-Ranges: bytes
Content-Length: 1130
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

imgpimp.xyz/img/ovub34fjvm.png

188.114.97.1

200 OK

18 kB

URL GET HTTP/2
imgpimp.xyz/img/ovub34fjvm.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jbzone.sh/
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
Fingerprint9E:96:40:79:E3:CF:A0:D0:91:6A:E2:C4:FA:A6:49:43:D0:5A:F4:C7
ValidityThu, 09 Jan 2025 12:58:37 GMT - Wed, 09 Apr 2025 13:56:30 GMT

File type
PNG image data, 486 x 60, 8-bit/color RGB, non-interlaced
Size
18 kB (17726 bytes)
Hash
94ecb7188397df11078a57783a5ab6ad
4391d9416d909e9336317facd0f9b4532ef9da39
ee8dbe886c01a1a594f23e14ab9dbcabedbdd5465d8b68f08bcab504e3bdd6f0

HTTP Headers

GET /img/ovub34fjvm.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Feb 2025 03:02:13 GMT
content-type: image/png
content-length: 17726
last-modified: Sun, 11 Aug 2024 13:17:07 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1936
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9gRsYMg6pUpLHTP726nwMkKpEBP4uw9zUgyVCfr9SzH1Po2ib2bIelni5wKe6GUaVImXSJiLIlm3c57sUTzbJdcLvvDcC2kakImihP1fQnr0UTRavcoei3iXnO0wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9163f9cfea7556ab-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1016&min_rtt=364&rtt_var=1301&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3199&recv_bytes=1166&delivery_rate=8074349&cwnd=252&unsent_bytes=0&cid=6c663c44d97b0051&ts=95&x=0"
X-Firefox-Spdy: h2

s8d1.turboimg.net/t1/102970598_05gf472.jpg

104.26.13.244

200 OK

10 kB

URL GET HTTP/2
s8d1.turboimg.net/t1/102970598_05gf472.jpg
IP
104.26.13.244:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jbzone.sh/
Certificate
IssuerGoogle Trust Services
Subjectturboimg.net
Fingerprint19:BA:BA:B4:0B:C0:E4:CC:43:F7:12:E7:16:F3:A6:3C:DC:53:16:CB
ValidityWed, 15 Jan 2025 23:22:42 GMT - Wed, 16 Apr 2025 00:22:38 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 472x68, components 3
Size
10 kB (10325 bytes)
Hash
f03d23de48c399eca8fa9990cf853d1e
9ee8305265031506f7b1ee51feafad4332d260ad
ef1c86679db0867b58a208b6aea6e8a7d945c7b824460494317f8f9844cf3bcf

HTTP Headers

GET /t1/102970598_05gf472.jpg HTTP/1.1
Host: s8d1.turboimg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Feb 2025 03:02:13 GMT
content-type: image/jpeg
content-length: 10325
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10578
etag: "668e955b-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 10 Jul 2024 14:06:19 GMT
pragma: public
cf-cache-status: HIT
age: 13677323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hj9AIDHHP1eAdWpeI6HyNUl5sP99ep4Q%2BRvELTW4imlzPTbChKZ3nd1FsCg2wuyBDLGqg1bbZO1yXjQaB22fqmWYGCdrAriNFfBmpFiywXFZRI16sQBVGVirSpOBx%2F9%2FWFAk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9163f9cfe9e5569c-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1078&min_rtt=397&rtt_var=1340&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3278&recv_bytes=1219&delivery_rate=8688000&cwnd=254&unsent_bytes=0&cid=071a2002fa70bb29&ts=102&x=0"
X-Firefox-Spdy: h2

imgpimp.xyz/img/pvj9h487g3df3.png

188.114.97.1

200 OK

18 kB

URL GET HTTP/2
imgpimp.xyz/img/pvj9h487g3df3.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jbzone.sh/
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
Fingerprint9E:96:40:79:E3:CF:A0:D0:91:6A:E2:C4:FA:A6:49:43:D0:5A:F4:C7
ValidityThu, 09 Jan 2025 12:58:37 GMT - Wed, 09 Apr 2025 13:56:30 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced
Size
18 kB (17721 bytes)
Hash
a4a31871d324fc26a4bfbaf9f4c51f62
d91cd848ace1ee5a49ddd8740fc8f9c11c81dbf9
68b8a7e39986156701f50f930961b66170f8e2fe53a875758c70a8163e9eeca8

HTTP Headers

GET /img/pvj9h487g3df3.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Feb 2025 03:02:13 GMT
content-type: image/png
content-length: 17721
last-modified: Sun, 11 Aug 2024 13:10:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjikLl9%2BW08b0dfD22mQfOUsUPkVwluGr0ysZnjtNweHn%2F9KxsL2hqoZ8zk8ZBQ1gQB5fiLfZbtTudY81TuknmUylpTbvDI1bEAHBXGaZUm72d9afbsSBgy9Fv9drg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9163f9cffa7b56ab-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1079&min_rtt=364&rtt_var=1102&sent=22&recv=13&lost=0&retrans=0&sent_bytes=21901&recv_bytes=1166&delivery_rate=13336842&cwnd=252&unsent_bytes=0&cid=6c663c44d97b0051&ts=101&x=0"
X-Firefox-Spdy: h2

i.imgur.com/bpTTXcC.png

199.232.192.193

200 OK

28 kB

URL GET HTTP/2
i.imgur.com/bpTTXcC.png
IP
199.232.192.193:443
ASN
#54113 FASTLY

Requested by
https://jbzone.sh/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT

File type
PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced
Size
28 kB (28490 bytes)
Hash
0abbcbbe4ca058a167adcd14b6490b66
c385ee9dfea2fe58eec401a7948d4e11bc652b0c
6c5481e14d2ad353f913e1392b225dd323cc67b313670641998c9f91ccfdbe11

HTTP Headers

GET /bpTTXcC.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 12 Mar 2023 01:21:08 GMT
etag: "0abbcbbe4ca058a167adcd14b6490b66"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: WDqVfb6wGtkOmqsORiii0kAOkvtEu-mwwg4fZmYFSgiba-gC8Aa7Kw==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 23 Feb 2025 03:02:13 GMT
age: 2781240
x-served-by: cache-iad-kiad7000157-IAD, cache-hel1410034-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 9353, 38
x-timer: S1740279734.760031,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 28490
X-Firefox-Spdy: h2

i.imgur.com/c85tVhe.jpg

199.232.192.193

200 OK

4.5 kB

URL GET HTTP/2
i.imgur.com/c85tVhe.jpg
IP
199.232.192.193:443
ASN
#54113 FASTLY

Requested by
https://jbzone.sh/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 468x60, components 3
Size
4.5 kB (4478 bytes)
Hash
892b0fc35965dacaefe2a70bb36eba02
996aba7a03aa368df0d2f2450928775a7ac22a29
d5920183bc8fbf027feb15ad8bccc860aa892fa8468f8bb0e51f8d9c4d16e21b

HTTP Headers

GET /c85tVhe.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 19 Oct 2023 12:09:32 GMT
etag: "892b0fc35965dacaefe2a70bb36eba02"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: agEtacKUEV582hDjknELzrrzGIShG7Zc4NNkxmYd4iTSeYbpsnIvXQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 23 Feb 2025 03:02:13 GMT
age: 3432714
x-served-by: cache-iad-kjyo7100024-IAD, cache-hel1410034-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 17146, 853
x-timer: S1740279734.775515,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4478
X-Firefox-Spdy: h2

i.imgur.com/KYB7SI6.png

199.232.192.193

200 OK

35 kB

URL GET HTTP/2
i.imgur.com/KYB7SI6.png
IP
199.232.192.193:443
ASN
#54113 FASTLY

Requested by
https://jbzone.sh/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced
Size
35 kB (34705 bytes)
Hash
6b0d552f8cc22088b762f6350c1d71bb
d8c2b4a8c2edaec452aecb4894efed2a7d5d143f
bd5bf61a24a70da89042d3db08e13dbe7bd4eafc9fd3390d7597d970f1a921fd

HTTP Headers

GET /KYB7SI6.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 01 Mar 2024 09:18:32 GMT
etag: "6b0d552f8cc22088b762f6350c1d71bb"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: ud9RlX17unjBaKwOdum2ZnCxLnUoyqVmVCdyDzrf3kKZdhIIdpB8Dw==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 23 Feb 2025 03:02:13 GMT
age: 2207767
x-served-by: cache-iad-kiad7000150-IAD, cache-hel1410034-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 35946, 107
x-timer: S1740279734.781199,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 34705
X-Firefox-Spdy: h2

t94.pixhost.to/thumbs/79/449993792_banner-inno.jpg

94.229.45.2

200 OK

7.0 kB

URL GET HTTP/1.1
t94.pixhost.to/thumbs/79/449993792_banner-inno.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEF:67:08:20:EE:C7:91:56:E9:CA:04:62:E8:40:A2:42:07:73:F4:3B
ValiditySun, 12 Jan 2025 04:36:26 GMT - Sat, 12 Apr 2025 04:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
7.0 kB (7013 bytes)
Hash
7bb18c47b0b82b169e7deb6da9b20174
e798a22e34ef93a85eabf368012058544139e95d
05530f11886c66ff9cf5a487ce5e2cfb9aceeca51dc19bce0cbfa8d0c32b63a5

HTTP Headers

GET /thumbs/79/449993792_banner-inno.jpg HTTP/1.1
Host: t94.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Sun, 23 Feb 2025 03:02:13 GMT
Content-Type: image/jpeg
Content-Length: 7013
Last-Modified: Fri, 01 Mar 2024 04:46:41 GMT
Connection: keep-alive
ETag: "65e15db1-1b65"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

t94.pixhost.to/thumbs/80/450001247_banner-self.jpg

94.229.45.2

200 OK

9.5 kB

URL GET HTTP/1.1
t94.pixhost.to/thumbs/80/450001247_banner-self.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEF:67:08:20:EE:C7:91:56:E9:CA:04:62:E8:40:A2:42:07:73:F4:3B
ValiditySun, 12 Jan 2025 04:36:26 GMT - Sat, 12 Apr 2025 04:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
9.5 kB (9523 bytes)
Hash
779098e25a84ef66d8469c63bca54a33
dc9a0f3e971b078f06ca81855f82a354c7f53ba0
b64508d16258c9eeaa3f7c84bcfe63b92b11fdff63e289cb4ec17bb255d94c57

HTTP Headers

GET /thumbs/80/450001247_banner-self.jpg HTTP/1.1
Host: t94.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Sun, 23 Feb 2025 03:02:13 GMT
Content-Type: image/jpeg
Content-Length: 9523
Last-Modified: Fri, 01 Mar 2024 05:40:46 GMT
Connection: keep-alive
ETag: "65e16a5e-2533"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

t98.pixhost.to/thumbs/152/492480803_banner-viper.jpg

94.229.45.2

200 OK

8.7 kB

URL GET HTTP/1.1
t98.pixhost.to/thumbs/152/492480803_banner-viper.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEF:67:08:20:EE:C7:91:56:E9:CA:04:62:E8:40:A2:42:07:73:F4:3B
ValiditySun, 12 Jan 2025 04:36:26 GMT - Sat, 12 Apr 2025 04:36:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
8.7 kB (8719 bytes)
Hash
ddb84eb59177907f6f92785882379302
911879f542064f490e20acbd5dfbca03e027c192
aa51a1a72f35e8086dcbfc5f2dd8e5cda2fe2ad07d96107b32692c006bff38f0

HTTP Headers

GET /thumbs/152/492480803_banner-viper.jpg HTTP/1.1
Host: t98.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jbzone.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Sun, 23 Feb 2025 03:02:13 GMT
Content-Type: image/jpeg
Content-Length: 8719
Last-Modified: Sun, 14 Jul 2024 17:11:44 GMT
Connection: keep-alive
ETag: "669406d0-220f"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

jbzone.sh/images/favicon.png

83.222.191.215

200 OK

1.5 kB

URL GET HTTP/1.1
jbzone.sh/images/favicon.png
IP
83.222.191.215:443
ASN
#212283 Roza Holidays Eood

Requested by
https://jbzone.sh/
Certificate
IssuerLet's Encrypt
Subjectjbzone.sh
Fingerprint4A:51:6F:CE:EA:84:D1:EA:B9:36:35:EF:55:97:11:1B:06:26:DA:DC
ValidityThu, 20 Feb 2025 15:19:54 GMT - Wed, 21 May 2025 15:19:53 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1479 bytes)
Hash
5510a6001b159d863aa4c49383ef2ab8
ad7cb978a2cd4e1ac9e2c9e33a88cea06a8ecf21
fc5acc0358824045065f989b1675b2c6d8721d5b66dfdd7ece6a046c50e02d83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: jbzone.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jbzone.sh/
DNT: 1
Connection: keep-alive
Cookie: mybb[lastvisit]=1740279733; mybb[lastactive]=1740279733; sid=6100895d26d39e4689c64841e6aef391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 23 Feb 2025 03:02:13 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Thu, 04 Nov 2021 18:14:48 GMT
ETag: "5c7-5cffa807cf600"
Accept-Ranges: bytes
Content-Length: 1479
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (23)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type