Report - pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/

Report Overview

Visited public
2025-03-09 03:57:31
Tags
URL
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Finishing URL
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/#
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
مبروك

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pkrewards.click	unknown	2024-12-13	2025-03-04	2025-03-04	9.9 kB	894 kB	188.114.97.1
vuzismoothie.net	unknown	2024-09-26	2024-09-26	2025-03-03	7.0 kB	59 kB	139.45.197.121

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed
2025-03-08	medium	vuzismoothie.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	vuzismoothie.net/1f8/26121/mw.min.js?z=7573896&sw=/sw-check-permissions-1ccf0.js	ScriptElement	5.5 kB	2025-03-06	2025-03-11
Pretty URL vuzismoothie.net/1f8/26121/mw.min.js?z=7573896&sw=/sw-check-permissions-1ccf0.js IP 139.45.197.121 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-06 09:55 Last Seen2025-03-11 11:09 Times Seen218 Hash 029493ae143fc54aecbc100ed57cb01e 7c7a377cea67700f64c5745f5b59386987826197 519ee3bdfad4477aaafb910fbd7361d700311981847b7aeb1e08edea491043d6 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	1.4 kB	2025-02-10	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 12:03 Last Seen2025-03-09 08:05 Times Seen145 Hash 17dbea061053a81b5da7385b81925519 0da9dd8319c6e7161bc19424c5a51e62e4e553c8 0125c1040c29b02c178114e0b5c3f6672f843d305297562d7b64ccaad89b10e1 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	34 B	2025-02-02	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-02 09:36 Last Seen2025-03-09 17:15 Times Seen772 Hash 79b9d139b59070db3efb82e0799d7f00 a4378ad2701577404d936f821e2c02b1ff73954f 2106f4fcd65a08d1d12b33965298c68f5f377bc25bbd949950a0dff2e2a2407a Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	375 B	2025-02-02	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-02 09:36 Last Seen2025-03-09 17:15 Times Seen775 Hash b80288a213568db20c9a4110aa987e84 67b6bf19c5857453d246fce0e786fa400b7db8ba 7b14e6dd8506126a565a605f70be6092a6b38e3a92e9dfd6936d9884290368be Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	122 B	2023-03-12	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 10:22 Last Seen2025-03-09 17:15 Times Seen777 Hash 0f416c543c7ea6a731bbc8414f0e94f6 0a8918c2d16bc27c044cbe9c0d14fe0b9ec31a32 06360fb768335f67dc37014abc51c8c931d75e8afb7c42e7add057bb67419754 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	122 B	2023-03-12	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 10:22 Last Seen2025-03-09 17:15 Times Seen777 Hash 0f416c543c7ea6a731bbc8414f0e94f6 0a8918c2d16bc27c044cbe9c0d14fe0b9ec31a32 06360fb768335f67dc37014abc51c8c931d75e8afb7c42e7add057bb67419754 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/#	ScriptElement	1.4 kB	2025-02-10	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 12:03 Last Seen2025-03-09 08:05 Times Seen145 Hash 17dbea061053a81b5da7385b81925519 0da9dd8319c6e7161bc19424c5a51e62e4e553c8 0125c1040c29b02c178114e0b5c3f6672f843d305297562d7b64ccaad89b10e1 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/#	ScriptElement	46 kB	2025-03-06	2025-03-11
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-06 09:55 Last Seen2025-03-11 11:09 Times Seen311 Hash 07a245d2c69a92636bc072fde7af27f6 132e07d092df7206903bf189d16338c0a2597375 d46b06d0f554ef07147c36b70c070e542408c299e90192f340287fdd0beda5f1 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	122 B	2023-03-12	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 10:22 Last Seen2025-03-09 17:15 Times Seen777 Hash 0f416c543c7ea6a731bbc8414f0e94f6 0a8918c2d16bc27c044cbe9c0d14fe0b9ec31a32 06360fb768335f67dc37014abc51c8c931d75e8afb7c42e7add057bb67419754 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/count_down.js	ScriptElement	1.2 kB	2023-03-07	2025-04-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/count_down.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:01 Last Seen2025-04-09 22:51 Times Seen1236 Hash 5e85fb76dd7ba6b5f207d9cdfe76e673 80859398bdaa90c4919ead564ebdbd450ccf1d0f 021e16159bd1ffd69e974a2095a61b98d1fb99b8ffbb07b9d11f4d212b233945 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/jquery.js	ScriptElement	90 kB	2023-03-07	2025-04-29
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/jquery.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-04-29 17:47 Times Seen4469 Hash 7c14a783dfeb3d238ccd3edd840d82ee ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b 80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/common.js	ScriptElement	1.7 kB	2023-12-25	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/common.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-25 20:15 Last Seen2025-03-09 17:15 Times Seen835 Hash 84080aa21be829c95fea687c9313129d c9820ec796f906b0f07dd7bde3b0d46f6d485b3d 3ad755a3567b83804b20ee1565cb04653a3ec04ba4133df6a88ea85a71a69fb1 Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	375 B	2023-03-12	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 10:22 Last Seen2025-03-09 17:15 Times Seen777 Hash 7dedbbf2a7734d8a9d100ba6fe776881 e38ddf15c9df7506df3de6b0e29e1a4aee68b465 be71311c569326c56a627bd43e36d69bbdd46b667b22a0bdb0f39dc57a8164cf Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	660 B	2025-02-11	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-11 15:57 Last Seen2025-03-09 14:23 Times Seen194 Hash 0c5b4423d2c0eb79503e3e1be6414549 e693335c3a1cba7e0b9f903d849d1b4738f9fa0c 9a11a3b129ae4f4a245a946f3562f58962366d3d28d55836d16147ea5ef1486e Loading...

	pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/	ScriptElement	557 B	2025-02-19	2025-03-09
Pretty URL pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-19 06:07 Last Seen2025-03-09 03:57 Times Seen79 Hash 00d56917444cc75820a79b1065d4f25c 2374c7c4233fdc6529ab02d1438120e5356bd7ba c4bf4b664a239842acad40a5f60cbdcb77aad82ef006c80322c4eba3630b10ee Loading...

HTTP Transactions (33)

URL IP Response Size

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/oldlady.png

188.114.97.1

200 OK

2.4 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/oldlady.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3
Size
2.4 kB (2356 bytes)
Hash
5695feeb4ce30d707204f87f5f2bd60b
9873e8c45a2b8e3b77643435c931e3e8eaf42f78
2e116bd6259b0cbbc04898bc8468af4537cfd268e84d58f4ff19a5a7f51f84fb

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/oldlady.png HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/png
content-length: 2356
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "124c48e510ac363dd0f132680fb851f6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVYy%2FZeph%2BK3WeN%2FCMqFz3By3pbjLdyHwnJZUAyT7rPVVsqSHDaAneF1u0d1XxoXjcz3YYkbibFGaSO7Sogcjqi5rIv4xls0t5HkZVFckm3NJfLp37a9VmyhTWQpaIaoyc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 91d7a595df485693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=75&recv=21&lost=0&retrans=0&sent_bytes=71824&recv_bytes=3045&delivery_rate=107772&cwnd=253&unsent_bytes=26542&cid=4bac852d0b915861&ts=525&x=0"
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

0 B

URL OPTIONS
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pkrewards.click/
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

0 B

URL POST
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Content-Type: text/plain;charset=UTF-8
Content-Length: 283
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/json; charset=utf-8
content-length: 26
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

81 B

URL POST
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
81 B (81 bytes)
Hash
0301a3d8586a46af45ec4fb939ce1378
85f19bd0874b24c0425b7866490d2dfe448c12c2
607096a8ba253daaa87fe2c57e8160adacab8922e974f1498a875386d90073ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Content-Type: application/json
Content-Length: 396
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

0 B

URL OPTIONS
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pkrewards.click/
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/style.css

188.114.97.1

200 OK

18 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
ASCII text
Size
18 kB (18544 bytes)
Hash
71e098f3535815eb015c9166a3635e0c
20de58a11cd1828fed0e326514b472be2e292ad2
2d2cf6b47b2e959cd5822333546ed445f72ba5d60f6d25245260fb0031a6dc9d

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/style.css HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: W/"cd00c35e9e6843d9f730c6c0366ba2b1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25%2B4%2BLOcxZcj57cJdzES895ueBqBPq1mRudsoiCvKy0Z6emUU%2BY75AXJ9O5sfCyXB%2FHud1WPImdXy9GidCmyoTLQv1xpBDlm60zrxN6F%2FqBBSl%2BrZAgxzPQk7O%2Fo2YOOBOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 91d7a5957f145693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=15&recv=20&lost=0&retrans=0&sent_bytes=7440&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=0&cid=4bac852d0b915861&ts=466&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/33.png

188.114.97.1

200 OK

3.3 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/33.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
PNG image data, 100 x 108, 8-bit colormap, non-interlaced
Size
3.3 kB (3324 bytes)
Hash
7dc316aa7f07ca588e9f1e54b3e89a64
09b9726ea439c39adbfeaa08bb978a04776ab96a
e86d9efc28a34b761dc69536b5ce5771f1b06252829ec6cd3ca737c92af2d69c

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/33.png HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:12 GMT
content-type: image/png
content-length: 3324
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "8fd72f5457d8e82ddbda95198973eb6d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NnZdXw8w42VIDUpXiYeBhjfXck4RVP5aFggBw3PdkZ3r5tZ0ITT9TphCYZcUjcCGW7h2GIXOzfUySPzg7HXgAA8SbYrNsVPRJ6CO4pVjJdD9JhcJ8NongU3e3ozebFE8jYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 1
accept-ranges: bytes
server: cloudflare
cf-ray: 91d7a5974ffc5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=57749&min_rtt=57223&rtt_var=147&sent=648&recv=144&lost=0&retrans=0&sent_bytes=781216&recv_bytes=3210&delivery_rate=6453034&cwnd=615&unsent_bytes=0&cid=4bac852d0b915861&ts=763&x=0"
X-Firefox-Spdy: h2

vuzismoothie.net/1f8/26121/micro.tag.min.js?zoneId=7573896&sw=%2Fsw-check-permissions-1ccf0.js

139.45.197.121

200 OK

46 kB

URL GET
vuzismoothie.net/1f8/26121/micro.tag.min.js?zoneId=7573896&sw=%2Fsw-check-permissions-1ccf0.js
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type
JavaScript source, ASCII text, with very long lines (46529), with no line terminators
Size
46 kB (46529 bytes)
Hash
07a245d2c69a92636bc072fde7af27f6
132e07d092df7206903bf189d16338c0a2597375
d46b06d0f554ef07147c36b70c070e542408c299e90192f340287fdd0beda5f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1f8/26121/micro.tag.min.js?zoneId=7573896&sw=%2Fsw-check-permissions-1ccf0.js HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 09:35:37 GMT
etag: W/"67c96c69-b5c1"
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

0 B

URL OPTIONS
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pkrewards.click/
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

81 B

URL POST
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
81 B (81 bytes)
Hash
248b7e09a80be16d8565f5da0baec6b3
3f33ed709875cad03f211d79966c4527b9f41f05
c62f412ce0be139ed7f91578332ab158a16e31558c1b75738b1756869c9013a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Content-Type: application/json
Content-Length: 1494
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/22.png

188.114.97.1

200 OK

643 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/22.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
PNG image data, 1145 x 1145, 8-bit/color RGBA, non-interlaced
Size
643 kB (643007 bytes)
Hash
4c0f02642cf219190fe8ea7346ae58ab
678dfedfa2783c28298b0706ef878a2a06bac7d8
bfa8fe7d97bcf0106133043aed338d16f5e84ea9ba5def65e93c5f71b4ccd652

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/22.png HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/png
content-length: 643007
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "e787e0a493ccbcd2d48c9fd7d69a049b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIs35yGTLyyGd6DCKeydVFNBEZvzmouWgtihU%2B0q6IAX9c6MkXku2K9MfN27KfaUNpxWcOq8Hpotr3xsuV5SAACUJsQ5EakM7VtdG%2BiXZfQiZCDlYZccdEikWBb4mOsNnjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 91d7a5957f1a5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=27&recv=20&lost=0&retrans=0&sent_bytes=15744&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=0&cid=4bac852d0b915861&ts=469&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/common.js

188.114.97.1

200 OK

1.7 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/common.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1725), with no line terminators
Size
1.7 kB (1669 bytes)
Hash
9b3a17ca02e5b65db6c5d0aa3005c227
f7b607cb02453987cc34880553d3b3cd9c82d7c3
03dba975fad006f849f187784fcdda5ef7890f4c5ca9498375dfb2c222480af1

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/common.js HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: W/"469c5db191267adf51e1e9a19f366e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9KBp6XpK5EIe8O1AX0WpK8tc903klhYf%2Fa3ypJ%2F28sbQ6C1YO3Pm2FrZpAUB%2F0JHMwNWx4U4GILTOHgtnkh0KB5DCGoyqT%2BsBg7Hai8F29NtE5zxPlhUopFYnj4i%2BaCMnos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 91d7a595df4b5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=75&recv=21&lost=0&retrans=0&sent_bytes=71824&recv_bytes=3045&delivery_rate=107772&cwnd=253&unsent_bytes=26542&cid=4bac852d0b915861&ts=525&x=0"
X-Firefox-Spdy: h2

vuzismoothie.net/1f8/26121/mw.min.js?z=7573896&sw=/sw-check-permissions-1ccf0.js

139.45.197.121

200 OK

5.5 kB

URL GET
vuzismoothie.net/1f8/26121/mw.min.js?z=7573896&sw=/sw-check-permissions-1ccf0.js
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5459), with no line terminators
Size
5.5 kB (5459 bytes)
Hash
029493ae143fc54aecbc100ed57cb01e
7c7a377cea67700f64c5745f5b59386987826197
519ee3bdfad4477aaafb910fbd7361d700311981847b7aeb1e08edea491043d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1f8/26121/mw.min.js?z=7573896&sw=/sw-check-permissions-1ccf0.js HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:12 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 09:35:36 GMT
etag: W/"67c96c68-1553"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

81 B

URL POST
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
81 B (81 bytes)
Hash
8c88b7b68df389fc3f1a3a41ad03944f
e07c27a27c517f404ba7d167c09de1df7eabbbdb
42f1834777557aa66cb7b6ebec96c4cd40459f7dc14eae9f7eca6bc38c5b6f97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Content-Type: application/json
Content-Length: 398
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/11.png

188.114.97.1

200 OK

4.2 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/11.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
PNG image data, 531 x 531, 4-bit colormap, non-interlaced
Size
4.2 kB (4220 bytes)
Hash
a37a23b2a0618413adef70fb8204160b
77ea62ed00de2374e9680384a0f0ac2c119c6875
e036e6f8908a87aa0e5189b8096ed0e4faed461b17eb7646c9e48011d2b27b5c

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/11.png HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/png
content-length: 4220
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "30e2fd55cfe04ca9ec270efc3f1a0fae"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2290NcUw4d9q4m7%2BBdst%2B%2FCFas%2FeebtYFpQR3oTA9xx1PzVvjFVGJGXXK4s0w5iMPNGiCvmlGPYOyreqNNfUGFVFJot6%2FnLRrdjzs6REmx5fH%2Fx4xVx5TZkkFXM5om29m1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 91d7a5957f195693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=20&recv=20&lost=0&retrans=0&sent_bytes=10919&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=0&cid=4bac852d0b915861&ts=468&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/female.jpg

188.114.97.1

200 OK

2.3 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/female.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Size
2.3 kB (2322 bytes)
Hash
2c41913d0d049ca6a052f7c7253e863e
2f6ccdd2567a5cd2bb54eb629a2edf7008222180
d4c75b2753ad3a13b25c40f2e561139ee8213426afc2cd6e9e6cb50674939bb6

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/female.jpg HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/jpeg
content-length: 2322
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "a268c1a6532d3baaaa6614632845b288"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMEq2kC%2FNLogEdHRiDk7EL570jz72VEFwEVF5RZ5BUtXzAXqIC0K7kEvCodKy7gQPzU979r9DSXY7RzmvTO7TDFrry3KIRYEIWKlpcIruceSsKlRxhEk9ROjV%2Fts3iM7aiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 91d7a595df475693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58536&min_rtt=57606&rtt_var=4792&sent=80&recv=24&lost=0&retrans=0&sent_bytes=77328&recv_bytes=3045&delivery_rate=1169616&cwnd=253&unsent_bytes=21038&cid=4bac852d0b915861&ts=530&x=0"
X-Firefox-Spdy: h2

pkrewards.click/favicon.ico

188.114.97.1

404 Not Found

0 B

URL GET
pkrewards.click/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sun, 09 Mar 2025 03:57:12 GMT
content-length: 0
access-control-allow-origin: *
cache-control: no-store
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xu40TH%2BpBi4XKrbANA2K4QuMLq%2B6NlnkgAyPQ7V6CI3gZcqIvWrK9A4y%2Fay6CKThrb8EA14w5OLcJ0JqmbrpZ3llZRW4XA%2FVFlmf6YfsU%2FUY%2B3D1YQRUNfETnU23mIsTvj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
cf-ray: 91d7a598b8aa5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=62915&min_rtt=56985&rtt_var=10953&sent=653&recv=169&lost=0&retrans=0&sent_bytes=785100&recv_bytes=3285&delivery_rate=6346750&cwnd=709&unsent_bytes=0&cid=4bac852d0b915861&ts=1004&x=0"
X-Firefox-Spdy: h2

vuzismoothie.net/zone?pub=0&zone_id=7573896&is_mobile=false&domain=pkrewards.click&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.598&trace_id=5594cede-a951-4a13-9181-b9c39cb375cc&action=prerequest&drf=

139.45.197.121

200 OK

0 B

URL POST
vuzismoothie.net/zone?pub=0&zone_id=7573896&is_mobile=false&domain=pkrewards.click&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.598&trace_id=5594cede-a951-4a13-9181-b9c39cb375cc&action=prerequest&drf=
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?pub=0&zone_id=7573896&is_mobile=false&domain=pkrewards.click&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.598&trace_id=5594cede-a951-4a13-9181-b9c39cb375cc&action=prerequest&drf= HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

0 B

URL POST
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Content-Type: text/plain;charset=UTF-8
Content-Length: 282
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/json; charset=utf-8
content-length: 26
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment-k.jpg

188.114.97.1

200 OK

4.0 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment-k.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 140x140, components 3
Size
4.0 kB (3975 bytes)
Hash
5a9a33d463240dadca7d0f8fd2e1d4e5
3aff45ca7e748c2ceb565218d736e0d32c39f06e
a29f1be9820c77c39e4a6a7a8f233ee4eb90acd027f66291f97bd15b802c7377

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment-k.jpg HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/jpeg
content-length: 3975
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "455b787f2cadbe82d86322c5aefcaaa8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SnzDJecu5TFshEDrDxnBZUtLlXt2J%2FeQRc9a5T9pC8V%2Fzybm3JB8g4QQKE3ceArWJfAxflkAlwsD6wUwk2kZJsteyPBToU7Q8I%2BMuNrUk3AjbJzT2AITh98MmcqEYyBBm5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 91d7a5957f1c5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=75&recv=20&lost=0&retrans=0&sent_bytes=71824&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=26542&cid=4bac852d0b915861&ts=475&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/ps4man.jpg

188.114.97.1

200 OK

3.8 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/ps4man.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3
Size
3.8 kB (3790 bytes)
Hash
7d4e5a5d0f781b6d56386ca3992e4295
31916c8d2ae53a8963d8723e1ad11f2c301398fd
e5aa7e870bebd39304cec8f23b4847c23e5150e665578972dd32447f2d242c1d

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/ps4man.jpg HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/jpeg
content-length: 3790
server: cloudflare
age: 0
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "1484de86062a096160530750d4d14537"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KX3pXDFzigEGosk8uZ04BmFg7ekTD8QGY33ER%2BSFOd3KcMCNy7M1EiEYXLzVnA%2B7lZeYQviCR0hKMLA9tKhXbTHBoYwqU0hjBkdrycTeSIk8%2FbGQhrX4fMl6MxdEjtMDxks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 91d7a5957f205693-OSL
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

81 B

URL POST
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
81 B (81 bytes)
Hash
d5c98b29a76b4a10db4a908aae2889ff
7a2303496b7ab7746a552d1f5811e50fab5a175d
f6fe0231db61f455d35fb5a562e8418ef68d48327326f06e231f2f0b61906b9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Content-Type: application/json
Content-Length: 402
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/

188.114.97.1

200 OK

11 kB

URL User Request GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type

Size
11 kB (10774 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/ HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5tEJ8slraeHLO91yVJEoNB7XOsA8FRu5DhmDYIRVVc2NHsI0QwSw1It1irOEaIhO8qldorZQGr4NHqsggO0qP8WLiQLoM3EfNiJK9J6C0BMWfZsnVnuloJPmIDYhQGXDIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91d7a5931e215693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58079&min_rtt=57935&rtt_var=12417&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3246&recv_bytes=1284&delivery_rate=63998&cwnd=253&unsent_bytes=0&cid=4bac852d0b915861&ts=144&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/44.png

188.114.97.1

200 OK

59 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/44.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x284, components 3
Size
59 kB (59395 bytes)
Hash
ec348407fffaa871d6e373e0370af868
77a202669f64c275541ad746ae0120c5b3e6e35a
29fb12b7947f7a980a1e102f63d03d5ea000a574647b9a0fdd820309212854da

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/44.png HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/png
content-length: 59395
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "b9bfa7c6e82d4c7edc9dc9d44ffe2c22"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15A9M%2B8ZS8gJuDXyrlTJL74ic3ej9dZEJZQveT5CCtgCU2NFkk0JlDqWmvI7RL1A45RW1Jl%2F2rRFW63EtJqbgok%2BqbQWg0icnzF9pQFbWLWUIZwx3nyAYUJwu%2BNt3wBf%2BzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 91d7a5957f1b5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=70&recv=20&lost=0&retrans=0&sent_bytes=65918&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=32448&cid=4bac852d0b915861&ts=470&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment1.png

188.114.97.1

200 OK

1.9 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3
Size
1.9 kB (1876 bytes)
Hash
e6d09aa7a7bfbcd6873d9fba645e231a
5336ad196a2d3d50c2bd00a17e26740602219d14
8ccc052cd7087334be9106f879af4a71285445f948278c896d2beaa1dcd63aa0

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment1.png HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/png
content-length: 1876
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "64b062c215800ff14efc08e272a8003a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twDhmsSpHBLlp2%2BseMolFHYVS%2FelxlyYLJRHvPrGnkmaIh5lG8%2FO4ys0Ay76haJTE4pxK4EWCgKpWuZMT4ulFdATEnCbHdU5h7XsG08Yut1OyHosqpj1mlLRqqwZHTag0fM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 91d7a5957f1d5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=75&recv=20&lost=0&retrans=0&sent_bytes=71824&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=26542&cid=4bac852d0b915861&ts=472&x=0"
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

0 B

URL OPTIONS
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pkrewards.click/
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/sweetalert.css

188.114.97.1

200 OK

24 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/sweetalert.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
ASCII text
Size
24 kB (24228 bytes)
Hash
d448912e8b5804c76d5c036f3c7b9699
4a0eb83b3acabe57de63826d500d905776195496
a6e1aa3be4776efb1932a6f9842b7f9113c4f1b39455e936a4c763864d9890f8

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/css/sweetalert.css HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: W/"2d8b2af2f56bebc058ffa390fad340bf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=viVbe%2BQoRPMTaLo7eazxCLFHp%2BZkHkAsOSWGz%2Fuu2qX866mU2ZsrbIe5EI3qK7McCJcjUHNyLnXr6DBuiZdgB5YiuQq7bR%2FSZUtyGu3Qiq%2FvpTT0WDcM4Qz2KMlw5RT4gRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 91d7a5957f165693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=75&recv=20&lost=0&retrans=0&sent_bytes=71824&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=26542&cid=4bac852d0b915861&ts=472&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/count_down.js

188.114.97.1

200 OK

1.2 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/count_down.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1395), with no line terminators
Size
1.2 kB (1173 bytes)
Hash
ad2a89861f1bc5be158da5c7b48013c8
286577872276607ccce7bd4077b7892276624e10
942d52bcd5f546498fd9b1eccdcc51de1a121fc306e52a059e8fe3613238f669

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/count_down.js HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: W/"3c9eec4d2d096df1290f6a90797d4174"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8ohsfe6ElFzCboevEiisidopWYuxLhg1rSoy0eeR%2FQxoOgqxdLKZStP0BI5PCrj9r9SO%2B5l5lwUrI%2FSCtSAvlLiauIrKVDCdVYWwfsZqK7RqyAK%2FUjNWROEX3EvtMRVlaY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 91d7a5957f175693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=70&recv=20&lost=0&retrans=0&sent_bytes=65918&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=32448&cid=4bac852d0b915861&ts=470&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/3oarsg56ylj7fcd0unpi.png

188.114.97.1

200 OK

3.0 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/3oarsg56ylj7fcd0unpi.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
PNG image data, 152 x 172, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (2986 bytes)
Hash
bd7817f2412cea2bafeed06154097cd1
eaa33d5f56fb9ccad5a6fca4dd2036f4f6f77504
7de31acf7082e28dc29cb264d863e21d68a7beeda72650a824e56507c6e54bec

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/3oarsg56ylj7fcd0unpi.png HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/png
content-length: 2986
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "91c1037b944ed8e2c52455ad6be9b3fe"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpBAHMrEeBAgX1WyLMaOJbLW780ZHUdH6avjHNxPsG0uLYjKiqh8ZSuEjMdDI%2FODZbydfmZQ1KmSqIjtubTRriorRmgfaysBPqwj7bQkjSQTzQA4esx8WXpO3U%2B3LWzYAgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 91d7a5957f185693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=70&recv=20&lost=0&retrans=0&sent_bytes=65918&recv_bytes=2503&delivery_rate=107772&cwnd=253&unsent_bytes=32448&cid=4bac852d0b915861&ts=469&x=0"
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment7.jpg

188.114.97.1

200 OK

1.2 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment7.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3
Size
1.2 kB (1186 bytes)
Hash
ddda42b80f789632b2cc5548431d1fc7
514ba81de15fba9eab39b6de030e050665be6f82
b65f59564ac3883ef8a7aaac3c9d44d759e812e1db1b3fd5baf57225068a00f2

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/img/comment7.jpg HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: image/jpeg
content-length: 1186
cf-cache-status: REVALIDATED
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: "329ddccf0c1d9081f1da013894575291"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZnWeuZDEG7G39OSQuLtmAWVSFC68jaxwQmBcyklBrcNPy7BPndqsJ2l4h%2BmvPLiBinP7IZwiZFxhtHIRHpj9ocBs2kiebXLbI8phVIgwVe9W79yI3kSi%2F2MEJaIgh8O5sI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 91d7a595df465693-OSL
X-Firefox-Spdy: h2

pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/jquery.js

188.114.97.1

200 OK

90 kB

URL GET
pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/jquery.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89500 bytes)
Hash
7c14a783dfeb3d238ccd3edd840d82ee
ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

HTTP Headers

GET /jo/Umniah/7ba29f3d99580a3abb910d08553499d7/js/jquery.js HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: W/"25a6a93a7c3443d29db768623c7372f7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DiAnRa6nqq19iSSTiw2sf9TI7b%2Be6hYCNsXOfsJpDE3pwm3LPXCP0OvY8NIgYFRv9zWoQxhJ3FhZJP8YO81tn1p9p6bJOXRmG762CCVBJeyvXUf%2BkthQbYv6QcW%2F9SpWjYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 91d7a595df4a5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58056&min_rtt=57829&rtt_var=9357&sent=75&recv=21&lost=0&retrans=0&sent_bytes=71824&recv_bytes=3045&delivery_rate=107772&cwnd=253&unsent_bytes=26542&cid=4bac852d0b915861&ts=527&x=0"
X-Firefox-Spdy: h2

pkrewards.click/sw-check-permissions-1ccf0.js?zoneId=7573896&tg=1

188.114.97.1

200 OK

572 B

URL GET
pkrewards.click/sw-check-permissions-1ccf0.js?zoneId=7573896&tg=1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerGoogle Trust Services
Subjectpkrewards.click
FingerprintD7:EB:48:E5:17:C4:76:22:66:F0:64:FA:11:D2:6A:49:D2:D2:45:9B
ValidityFri, 07 Feb 2025 15:36:04 GMT - Thu, 08 May 2025 16:34:51 GMT

File type
ASCII text, with very long lines (611), with no line terminators
Size
572 B (572 bytes)
Hash
42aa130a7a363cdb195c406a0fc32b2e
16ddeaf464ed5d552c1f13c3861a0c7d586395be
341a116c0d39c88ed87e01ff0919178177f2670558851a794584a32bcd70790d

HTTP Headers

GET /sw-check-permissions-1ccf0.js?zoneId=7573896&tg=1 HTTP/1.1
Host: pkrewards.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, must-revalidate
etag: W/"bc0d7540b59936003518fe038a8deb38"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVqWLmGdd0dxsE4pt8nogxO3iGO%2Bp07mlKK4leC0bByzbnoW4CLiMMs03aKhn19NEEY31YWn%2BULM0GloEI0xBHBb5N04AP1e68j3brztMogxvRfO2wNcyhZBHsc0EQ3Fz7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 91d7a59e9b2c5693-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=62265&min_rtt=56985&rtt_var=9514&sent=654&recv=171&lost=0&retrans=0&sent_bytes=785685&recv_bytes=3407&delivery_rate=6346750&cwnd=710&unsent_bytes=0&cid=4bac852d0b915861&ts=1928&x=0"
X-Firefox-Spdy: h2

vuzismoothie.net/event

139.45.197.121

200 OK

0 B

URL POST
vuzismoothie.net/event
IP
139.45.197.121:443
ASN
#9002 RETN Limited

Requested by
https://pkrewards.click/jo/Umniah/7ba29f3d99580a3abb910d08553499d7/
Certificate
IssuerLet's Encrypt
Subjectvuzismoothie.net
Fingerprint05:E2:C7:5F:77:09:88:0F:65:9A:10:13:8B:09:D8:68:9B:EF:43:87
ValidityWed, 05 Mar 2025 05:27:45 GMT - Tue, 03 Jun 2025 05:27:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: vuzismoothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pkrewards.click/
Content-Type: text/plain;charset=UTF-8
Content-Length: 280
Origin: https://pkrewards.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 09 Mar 2025 03:57:13 GMT
content-type: application/json; charset=utf-8
content-length: 26
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://pkrewards.click
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML