{"report_id":"b65d2742-e6e8-4020-b896-d719227c301f","version":6,"status":"done","tags":[],"date":"2026-04-06T12:48:47Z","url":{"schema":"http","addr":"joyful-rewards.top","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"joyful-rewards.top/","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"title":"JOYFUL EARN - Reward Platform","dom":{"size":56477,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20398)","md5":"e21bcbb3994a92fd3bde074e7a372c1b","sha1":"d0db75821cd7e1375a9e667665315364682ddd57","sha256":"69fcaffeb9510a8896aefa3b88c50a1b3df348a35ca2b50c80627a76ab160531","sha512":"c3390fbe6bf5c9ad074cdc4e4d24bc69528b92748422af615060eebd3b3eb0a81d878a5a296b5ac2f3aa5159a698aa82603f7483d6348fbceab53c27a2eb4a7d","ssdeep":"768:X4W5hEI3sQR86jHEpz+WbQXEKlFgV0NKjOTo2A2E1p1/g0LB:7hp3sQR14QFUp1d","tlshash":"5e43a41422f100771ca3d0f5e7d17b5eba28e7c3ca2b85a9769d06022fcadb54e97718","dom_hash":"domhash1599c4e882cfa5aba1fd8fd1fa310be4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"joyful-rewards.top","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T12:48:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":1,"received_data":4074,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-04-06T05:40:12.052667Z","alert_count":0,"request_count":2,"received_data":816003,"sent_data":828,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"joyful-rewards.top","ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2026-04-04","domain_rank":0,"first_seen":"2026-04-06T12:48:48.692462Z","last_seen":"2026-04-06T12:48:48.692462Z","alert_count":24,"request_count":12,"received_data":1111065,"sent_data":5496,"comment":"","tags":null,"fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":4,"received_data":131772,"sent_data":2172,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"joyful-rewards.top/","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"e07fcd50fe6420dce92df23a9c8cef2f","sha1":"05d86f0b28ef07b83fa330e96d915ed20e916c06","sha256":"f6b2788188b669591ea8063bb06fc2f2943958a378e2245b95250be1384d8b24","sha512":"0e7396008ebd0304470728239d531a0be0963a14f94e1fe1f68062495a281d6b089932fb4f20e12adcf74354b09cf909d1e4af16e9b8bfa2f00e6c3ec76f2f7d","ssdeep":"","tlshash":"cf317aed18b20117490321ba89cf0725a038a0a74f2e3c79bb8e18014f8c0cc21f9bae","size":1657,"data":"","first_seen":"2026-04-06T12:48:56.408233Z","last_seen":"2026-04-06T13:07:38.961346Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-06T18:10:48.08278Z","times_seen":29066,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"85e32bb1686889d142c4d0266df165fc","sha1":"f6d12c61501b889a3cc92c200139b7389577a3e6","sha256":"78fa23230d638b0a31c6ad28f57a7b0976f51ac34a8aa6fc3b3d21159b886c71","sha512":"b763b35230cd9bca77928a426c94fa8cce7f50f736e1f9ec1ac392e638ba6fbd5ea50b68e4d0292f7600631bbba5dcc45c613be3eee5f4e91e04109cef60e9b6","ssdeep":"","tlshash":"78216a247bf20a31068b136a0fdb61402134b0537256cc5ef6aee35ccf92f48e696e6c","size":1431,"data":"","first_seen":"2026-04-06T12:48:56.409502Z","last_seen":"2026-04-06T13:07:38.962624Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://joyful-rewards.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::rhz55-1772419043268-7fdcc195e7a4\r\nlast-modified: Mon, 02 Mar 2026 02:37:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 3060662\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8vfhoOq2msNzQQFglDQBX354butN0oLDGkfvOl%2BonuYqY0%2FwF9xgCm3%2FkQlOCd%2FMDIgPqUartdjtWtiTHi6waUwUVhMdJOALOshZqhr%2B8%2Fk17dcSmRgmjqv3NiwolistXlKYd7M%3D\"}]}\r\ncf-ray: 9e80e823f932c272-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-06T18:10:48.08278Z","times_seen":29066,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/testimonials-smile.jpg","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/testimonials-smile.jpg HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 396\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"778dc5e18972978061b4f3cf91e159ba-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJY4Z97QAMCKQ6W4HF4\r\ncontent-length: 99522\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99522,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x559, components 3","md5":"2413eb79c03c45ac97d5044e99c12d21","sha1":"1e4d66ead95cb6e1ad1277bd63620dbae1b5b382","sha256":"8083446ac29db960c656d879376ecae4a79c5327709e2d4ad124c065b572c697","sha512":"ff149e31ae213e41d6d9d2b01f61f27bc1dd8b0275be11e71a282a2f3709476dae52d8da2455bd2a541778e4e0fe466be040f879f17380a3e101739ce6e29faf","ssdeep":"3072:LcBeO65lSbXxH9KixD9uQOgDr1GgAF6l+egnNrq:QYOpFuQ9h4vtnNrq","tlshash":"98a312298418dad10b2da3f77ac64c383e67935d00c7989e2ce317ae6e1c8e5d5d9819","first_seen":"2026-04-06T12:48:56.378119Z","last_seen":"2026-04-06T13:07:38.94018Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:48:25.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 21\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 06 Apr 2026 12:48:25 GMT\r\netag: \"32c98375d4eea56ff27728fa9b6860d6-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KNHDCMBT6MYCPFANGPZ4CEPW\r\ncontent-length: 6565\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":36004,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"1d64a4b18c7e4db91bd5215a03e338eb","sha1":"1fa6fd0dc8034d612db9ee45a1a255bea81eb1f4","sha256":"85d6d192c679de6689d8da4c0e736832905f38f98943128b1dcc56bc3b405873","sha512":"754e54c81ef2bf2a032a98e5e46e08400d0932a3d393fabdd4eab61d2fb96427d6cc0a704f0f06a1bd6020fe89f02888c8b27339ee4c072ee208545135cfe119","ssdeep":"384:sCBSVWuO3j5EKlFgcRxhbs0qNKjOTo2A2E1p1Hfg0lzFQYKbx:P4WREKlFgcmNKjOTo2A2E1p1/g0LK","tlshash":"62f2545412f201b60093c4f5b6e1776baeb4cb47c22bc58972ac0b962fcbc55de97368","first_seen":"2026-04-06T12:48:56.37986Z","last_seen":"2026-04-06T13:07:38.956008Z","times_seen":2,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":99,"dns":42,"connect":23,"send":0,"wait":23,"receive":19,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::9gfmg-1775478998937-e630cea0f46e\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 707\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ah%2BkPTAiUHK7nd1A7dEkySWOHDaw5AJc7DXZGskJnswquQJT98PbVjwHoUMxVHD0SBdGONDW%2FQ%2BIW3VTHahsucD%2B%2F5lREFKzOzSF192G9rbJaARl79puNLgsDykA6W%2F%2F9%2BkblMU%3D\"}]}\r\ncf-ray: 9e80e823d8c6c272-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T18:11:47.329902Z","times_seen":13432264,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":17,"dns":1,"connect":3,"send":0,"wait":6,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/zone-partners.jpg","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/zone-partners.jpg HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 396\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"f8b495885978c9fc86ce50819b60bea3-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJWJCZC70A1JNGPK0J7\r\ncontent-length: 82387\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":82387,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x559, components 3","md5":"1c234a277a1494e2405f5c122940a549","sha1":"79dcd7f58a3ca2a7bcf3a58bcaa7d2fb61281d8a","sha256":"a7ec7fdac08d6116556f9037f915ff4527a0772d5e64fcb36b76d4d84cd5152e","sha512":"1531c5c897e4f2a3bf7b12080afe726b9e514490c6717dc4f9ee9c58d3fffe9ac2077a2e4b0c6a8e07d6f61790241a1dab094eebe16ac6cd218da969eecdbf77","ssdeep":"1536:SA3nppM6or3gihWxNxIf8nWYi/Q1/DpDiZs+PzYMbziWZkQkC6SYdClc:5pgr3jWxNxvWYTBDpWZ9EMbz1ZkK6Xd","tlshash":"aa8312db80a1bae61477a132fcd8add43ae2ceb8a23510083d5859f576c5f478d80ee5","first_seen":"2026-04-06T12:48:56.381831Z","last_seen":"2026-04-06T13:07:38.94458Z","times_seen":2,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/zone-survey.jpg","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/zone-survey.jpg HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 396\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"801c8d5fe02343e90c96b00f1d44bf63-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJWYVDKBGY2BMTNVGYZ\r\ncontent-length: 64183\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64183,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x559, components 3","md5":"80ac98822ec2bc32c2c3f945435bc480","sha1":"9e4e93472b358cb1cf1e3f112987d5e278791bb3","sha256":"3d8900d2f97a6215738be312153f73120eba6eb9da2e1ebfb18de65e76c1c88e","sha512":"096ffdc5edd7c0b39440c840b8ff1cb5a29bcecbc4c397562fff6267967f9bb5f900161abc531af18e9049c8f8bca0bb4bf7520d06412cee342c31e0bbf1b107","ssdeep":"1536:SBnp+MNB3fzFSBvkGOJCt3DE2WEx+vJXUDQ1Obeu6RHCxOzORSeYzIQwk3y1:snpjXbFSxkHoD8mrQkb4CkKS6kC1","tlshash":"cf530253943011c650df876daabb2896aadd1a2f2092c3ef64377f0732e0e441a7279d","first_seen":"2026-04-06T12:48:56.383663Z","last_seen":"2026-04-06T13:07:38.93896Z","times_seen":2,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:27.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://joyful-rewards.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:59:44 GMT\r\nexpires: Sun, 04 Apr 2027 01:59:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 211723\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-04-06T18:02:19.181363Z","times_seen":10476,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":67,"dns":1,"connect":10,"send":0,"wait":12,"receive":8,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:27.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://joyful-rewards.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:59:44 GMT\r\nexpires: Sun, 04 Apr 2027 01:59:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 211723\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-04-06T18:02:19.181363Z","times_seen":10476,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Outfit:wght@400;500;700;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Outfit:wght@400;500;700;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 06 Apr 2026 12:48:26 GMT\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3388,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6813bef5415cfc204ef36c497f1245a1","sha1":"f682ec0fa3634626438eebb8fe5d1a784aff9eb7","sha256":"3fb64fdcff8076d9f1fc593ead389d0951726775af158eee054e7054e43963da","sha512":"f8f450e014b357b5cbdbac5138a4fe898b07301a9b1ca797923cf3d1079e7c47b48e29233f362d8f4be9afd7e09076a3cca568ebfa878a568287a279f7a59c65","ssdeep":"","tlshash":"fb61dca1042ba144df970cc222ce7e33ef5f62516444d934affe1899ac6bd5a835770d","first_seen":"2025-11-15T04:00:44.626039Z","last_seen":"2026-04-06T13:07:38.95296Z","times_seen":11,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":158,"dns":1,"connect":22,"send":0,"wait":34,"receive":0,"ssl":143},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/logo.png","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/logo.png HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 397\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"c8b35b0426a87d12efc2b99c3350157a-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJPP9Y90BVD89M79D9E\r\ncontent-length: 102667\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102667,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 676 x 369, 8-bit/color RGBA, non-interlaced","md5":"68a97e98df524f397db3e2e3b7e989bc","sha1":"9dfe0a72eba0ae504e0221cdd6ca12ad0f36e0cb","sha256":"eac1a49607059f6b5a698fa458523de63ee072b62da77a3cf0115a3153ceeab8","sha512":"a48abff7589cb5d0e19f4afd58b3eb1bbd781ea0c067baba20f1e8749a2ae1dbbb2d074d898053b2b53071c93af1b4d2cb3cc6bf4aebc3247f7c8bc02ea3e4b3","ssdeep":"3072:e2Xyb0tay/9Pe6Ig+GxIuOrMODLE9hG/Ak4:e2Xyb04y/IzGxIuOrT+GH4","tlshash":"faa31213c8c757a4a8c9e5b104e5be8b311667a77989ebf08c01d9b754e83a17270fcb","first_seen":"2026-04-06T12:48:56.388645Z","last_seen":"2026-04-06T13:07:38.943197Z","times_seen":2,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/step-3-redeem.png","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/step-3-redeem.png HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 396\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"1aea46a61d56c4ab0e7515747d34b2e1-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJX4SEXZXAZJQEXMR71\r\ncontent-length: 83155\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83155,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 321 x 269, 8-bit/color RGBA, non-interlaced","md5":"71a6ec742815e0f2042796e1dc62613a","sha1":"5c700c34fa0725496421eaf7b2f909ed900b0781","sha256":"0526ec25ceb1ffb2159e911e366f51d8c388ce59cb8ebbe47cfc4be844df43f4","sha512":"0ac60215c68f7d69725b73ffa8424118c720cefc793bbd451b53aeeef9cfcd117fc9542c5f830dc237c0b569db065bdc6b896f2507ece20c22101689719c8d6f","ssdeep":"1536:YAUdFbZniw/OgdOXPa3GQZqrePPPjnAvqUlXKI:Y7f9niWPI0GQbbnAvxl9","tlshash":"bb8302ba38341573f732260348596a20437bfcc649a1cb7b774dfb595c235b034ad969","first_seen":"2026-04-06T12:48:56.390522Z","last_seen":"2026-04-06T13:07:38.957556Z","times_seen":2,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/step-2-earn.png","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/step-2-earn.png HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 12115\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"11ac052f946a6c48a1a4d0018c797fcd-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJX999970T5XGCMGRNK\r\ncontent-length: 97107\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":97107,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 317 x 300, 8-bit/color RGBA, non-interlaced","md5":"b75290fb9d1d16565e6107492893b6d3","sha1":"4cbdefdca00ae79f69993aa484e665bb323ec786","sha256":"71af4c6de7e266f20aafd41f3639b3e97ca2b1bef90164b5ed418d730af0e165","sha512":"edd1ce5b5bcf39cbeb01e23b50769833fc4ce9bc92723fa57400c2865b29a4e014bffe59a8ab0767707e924f224918f7c5d42ae3897130968e028a5e3e1ed22d","ssdeep":"1536:S7GvEHePlEtgst19UT0Ue8Nk+rS4d8zGXufFXpHesCjU24xw/XGAjynbTQvnBF0X:SKYIEqst0fvS4ezGq+sc4xaXKYZmQy","tlshash":"9a93020ddd86f51065f6a039284d8ca5beb6acc0a8f078ced514dbb26bb73437644b17","first_seen":"2026-04-06T12:48:56.395814Z","last_seen":"2026-04-06T13:07:38.945764Z","times_seen":2,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/favicon.png","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:27.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/favicon.png HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 13340\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:27 GMT\r\netag: \"218f54045cfc6d4d6e92a06266f06c3f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCNJP8C14P87YM1FXN54T\r\ncontent-length: 137191\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":137191,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"a0d3f333c075f0f04611e9fa36a3c153","sha1":"3cf17077b89b88321bfdd451aedfe87e500c07cf","sha256":"715d44f0ca2c80f365db1160db9c7a4911afe335931d720c5c9fe9da111f8dcf","sha512":"bee29599bfb54f9d36b91284931d98a527e46d319acddc90f22ea617cf076094c37b67c3148cad0973e7660a7b710e4ca1fa43e860958873d86c0ae33bb13e00","ssdeep":"3072:LKfvr1fCo9n8uKcXqF4ybMYKRUtF/uHEQXY2b618wZZLlmR1zmq1:LuHXqFtURUtFolXDb61DZhmvz7","tlshash":"c2d31244f9b637fa84e6b2da697937f33848d4c086d8c182df36971dd501ab2b1d1b28","first_seen":"2026-04-06T12:48:56.398175Z","last_seen":"2026-04-06T13:07:38.95065Z","times_seen":2,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/hero-reward-box.png","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/hero-reward-box.png HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 397\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"d02b3d46e3d2206ca34b5abe8e1c92ab-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJQR8QSQ8YYZC7DYYNF\r\ncontent-length: 99324\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99324,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x559, components 3","md5":"5c9520ff5945952ea11e27bc709e8dd1","sha1":"d135ca7598682c7a410d9961e05b81b91aed9904","sha256":"ef0e6e0dc9eb3bced5960dbf74fa4a2b4900e75951eec0b845e579e1a023a1ed","sha512":"94e236837402b15a89c3ca0ab9808fee9e4421d3102c9c08949a9b354ac8bb4f023b679d9505ef1567d89283ee46751e7d375faa81dbc65a713cd3f2a28ba812","ssdeep":"3072:Ig0j/7xeU7i3W1YDH0auboATSN3yV0RWPw9FLEeGD:XuxlR1YfD00RWqGeGD","tlshash":"e6a3029f29675f0b5c044a6c9ffe3d8de224f8f58099d93635c26a6d4b2b01e0beb504","first_seen":"2026-04-06T12:48:56.400322Z","last_seen":"2026-04-06T13:07:38.954523Z","times_seen":2,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/zone-arcade.jpg","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/zone-arcade.jpg HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 396\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"6090b2ca4c59165f1ba7bd7d303ee468-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJVC7AY4R2PVPY7Q4E9\r\ncontent-length: 84933\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":84933,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x559, components 3","md5":"36f33467e64f82512488812ad939bfe6","sha1":"19ba36a44324b92ac17fa1f635698e006ab5bd4a","sha256":"6dd130d4bddaa00718e142b2f2f0f2b2fc1d96bb5889c94bdfbabe9671af7201","sha512":"3d9c1d7df8c29f48473ebf9bd4fff9a06353344407dfa20a8f1cb45abd14c5c7f3997c76681f1818f85a9c09a80eb9ac5d3572bb487f64b434efb8d772f6b4e3","ssdeep":"1536:YCwuOGYRSbM1yuHnTVCNNcoOqJAI5LJb70kPCWT1SJJE8FE1zCPcOCwWwIyOSe:AR1RGodoOqJh5LJkk6w1SbEOE1zhw5RW","tlshash":"7083127fb1d2035be703eb1512a897dbdd1e92e86790ed4628d14dd8ba00acb6773384","first_seen":"2026-04-06T12:48:56.402139Z","last_seen":"2026-04-06T13:07:38.953616Z","times_seen":2,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:27.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://joyful-rewards.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:59:44 GMT\r\nexpires: Sun, 04 Apr 2027 01:59:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 211723\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-04-06T18:02:19.181363Z","times_seen":10476,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":72,"dns":1,"connect":22,"send":0,"wait":8,"receive":7,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:27.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://joyful-rewards.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:59:44 GMT\r\nexpires: Sun, 04 Apr 2027 01:59:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 211723\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-04-06T18:02:19.181363Z","times_seen":10476,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":94,"dns":4,"connect":22,"send":0,"wait":8,"receive":2,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/leaderboard-trophy.jpg","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/leaderboard-trophy.jpg HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 396\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"97c85198d76bf7703514ca28b5abe397-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJYJHCYBD309XRV678V\r\ncontent-length: 115301\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":115301,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x559, components 3","md5":"c1b3ef7c0ec0d21baa0a583c70dd842c","sha1":"7cfa2ca756553cd7eb90cb38ff5e6736c7566a0d","sha256":"f381cc7d5d32f15cbbcd4f93e5d09a3bcf7e7404023528f05b42289bbb9296c1","sha512":"4a901063024bdb3f4437277943c01d20aa72906728892d6a5edf2e2f981ce41a5ed502fcb48cc29bdc754db0821d3f20d02fda5ea88f1c8d421e9d052c451960","ssdeep":"3072:Mn+oSD9fI2ikTAkRIiIPxa+J7GehQn8pPZrjMUJrFXD5rjwU9HGjTzzI:cvSD9ADUIdJyqQn8/jMUJZ5rjwUcjT4","tlshash":"2eb3128ec780d4d273501cfb5e581d63d2c0f93d58b93e0aa7b8dea2bc992b8481c579","first_seen":"2026-04-06T12:48:56.404268Z","last_seen":"2026-04-06T13:07:38.948011Z","times_seen":2,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"joyful-rewards.top/assets/step-1-activity.png","fqdn":"joyful-rewards.top","domain":"joyful-rewards.top","tld":"top"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://joyful-rewards.top/","date":"2026-04-06T12:48:26.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"joyful-rewards.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 10:53:37 GMT","end":"Fri, 03 Jul 2026 10:53:36 GMT"},"fingerprint":{"sha1":"8B:77:7F:BF:05:0B:3B:6E:F4:99:B7:87:45:3B:79:E1:D1:DA:1A:C0","sha256":"80:DC:E1:52:42:AE:2B:CD:02:6D:A2:64:33:AB:36:B9:D1:E8:8A:2A:90:93:B4:3E:7C:7B:F3:F7:72:95:9B:AA"}}},"request":{"raw":"GET /assets/step-1-activity.png HTTP/1.1\r\nHost: joyful-rewards.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://joyful-rewards.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 396\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:26 GMT\r\netag: \"7996cdb5c6c15304a1211da8f4afb204-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDCMJWV9N53AXV4AS0NACG\r\ncontent-length: 104525\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":104525,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 332 x 291, 8-bit/color RGBA, non-interlaced","md5":"47af601cd729bb96eb3c54e186ccea5b","sha1":"84d25b1b4668d13b27f75d8cc6f525b88fcab264","sha256":"0ec4b436c146d23f839ccca0ef753f5c639ab183db3edb5f43575f554f4edda1","sha512":"ccadc8a5d439de15021a6f045db87d231d293238d7ccd071fea6631fe899925bd374c3ee63c743f3aec504bd5a64c634b837b98afab240a823da8fd2c4d2f155","ssdeep":"3072:xzwi2Q/h7MCUqO6vD32QPQ1E6791Zr8vZYC55SeRQajq3Qxf:Rx2cMDqLDdW9Lr8l55SeHOQh","tlshash":"81a3127bb278b8d4b98348357e90fb157893b53184b9df22c7fbc889f449e792621081","first_seen":"2026-04-06T12:48:56.405899Z","last_seen":"2026-04-06T13:07:38.952028Z","times_seen":2,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"joyful-rewards.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}