{"report_id":"9f835af9-2d8a-427c-812f-e050d1bd68b9","version":6,"status":"done","tags":["suspicious"],"date":"2026-04-21T09:21:03Z","url":{"schema":"https","addr":"benefitsfazaacard.com/","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"104.21.59.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"benefitsfazaacard.com/","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"title":"Fazaa Platinum Card — Premium Perks Across UAE","dom":{"size":21339,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14199)","md5":"c8f654a1abf105775d8c9360edc52b67","sha1":"eaed495325291a4e79560e99b2c8f361a3a84775","sha256":"3282ac5de67f34a38831c24f350b3e9bb87202c092c3dd079f0b33c75136b8aa","sha512":"3b330a41901486fa9c7a1e695d54943e5e8127f03f7c412dda88235fa72651ecac6ae26f563246a37dc74f04b7ccbbf80c5293243ae00a6f9b9fb3133aa40b4f","ssdeep":"192:4Q1fGtTTQBsDofbjK91bkqqRhiC7f2gG3S:1CTQzbe/bkh7+DS","tlshash":"9ca22f54a9500e3a2d536ea246cceb0cc12bd1c3c9eb5a9d7ede014e07c2bd90f76746","dom_hash":"domhashac75bbfc9df7aff904dc3c25729cd678","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"benefitsfazaacard.com/","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"104.21.59.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-26T09:21:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-21","alert":"Detects file containing Telegram Bot API","trigger":"benefitsfazaacard.com/static/js/main.ceef00e1.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"benefitsfazaacard.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-14","domain_rank":0,"first_seen":"2026-04-21T08:45:01.113145Z","last_seen":"2026-04-21T08:45:01.113145Z","alert_count":2,"request_count":13,"received_data":1535064,"sent_data":5868,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"adcbtemka.cc","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-30","domain_rank":0,"first_seen":"2025-10-10T09:38:26.740784Z","last_seen":"2026-04-21T08:43:54.461095Z","alert_count":0,"request_count":1,"received_data":599,"sent_data":557,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"benefitsfazaacard.com/static/js/main.ceef00e1.js","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3eebd897678593b4c4be5c6c55e08d4a","sha1":"82d1796bf0dcdc0522bdcbcb6a5317745218ad3f","sha256":"e0abe81f01e5490221e5d8475d2202e93c903f5552ddac464eccd7f878e09973","sha512":"4581b30b51644b0ee73e50388569bc1193f06bf3d2f12de28ac6cff5ae0eb3c2552cb877b556c2b907ba191981e7c582e222293b2a389431e031b4d7a681ac79","ssdeep":"12288:/eQeGDG96aA7xvRKayl+onTSTQlD0CG9X5UC:SpMJKaxaTSTegr9X5r","tlshash":"bbc45cc87251b5a5baa700e2547f4509f33e1a0eb80dc8b4b169fcca286454972b7ffd","size":587960,"data":"","first_seen":"2026-04-21T08:45:08.193458Z","last_seen":"2026-04-21T09:21:05.013051Z","times_seen":5,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-21","alert":"Detects file containing Telegram Bot API","trigger":"benefitsfazaacard.com/static/js/main.ceef00e1.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"benefitsfazaacard.com/logo192.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /logo192.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:42 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:46:53 GMT\r\npriority: u=6,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a6d-14e3\"\r\nexpires: Thu, 21 May 2026 08:44:32 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2169\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0FMQf4DoASE%2Fr87B9KrM90YtN35Tvev1ts6uQH0oOjdTN1V%2BnakjyQuzBvqFBxtk53Sseidrj7oqn6s8DkdDpOVKTxTOe2IIf739uuzmsEfojQJIcA8KrtU%2Fm5RFxJNolqjMYqy2bb4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb5076f8760b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"33dbdd0177549353eeeb785d02c294af","sha1":"7f4f2d68782a7fafceda84554ecab9b489877500","sha256":"c386396ec70db3608075b5fbfaac4ab1ccaa86ba05a68ab393ec551eb66c3e00","sha512":"e34572cf754ff7e1d0acb12d8275252230ad1dd9adc5858e807fef0fb61aea82cb1f9ca3ebab3eeb449460373140105f8d773e7bddbf6745f9e81cc1546621f4","ssdeep":"96:gMgJkzj81lSl2dxYAYKsHHVIqApHGoKf4slNb6LQbTehYx5AtKAdmTRwy/Ik2k3:gMct0nKsUwXTbnkeAMA+Twkv","tlshash":"deb18e4e37e13c238137de00aa8ee5ddff52c6ff81226144e24933e9243839d9591916","first_seen":"2023-04-21T11:39:01Z","last_seen":"2026-04-23T11:11:23.345034Z","times_seen":9084,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"adcbtemka.cc/","fqdn":"adcbtemka.cc","domain":"adcbtemka.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adcbtemka.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:41:35 GMT","end":"Sun, 24 May 2026 11:40:17 GMT"},"fingerprint":{"sha1":"7A:2A:8D:ED:D5:48:2F:26:7E:D2:3C:1B:AB:58:35:BF:5D:5E:68:22","sha256":"8E:2B:66:FF:37:3F:E6:71:55:B8:32:35:C9:1E:4F:EA:49:6D:B1:8B:CC:2E:41:2A:8C:4B:C9:AE:EF:1F:0F:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: adcbtemka.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://benefitsfazaacard.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 8EvadEBG3S2FFh8bHP7bLg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 21 Apr 2026 09:20:42 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: K2mnyqhYU3rsNbrQMMkqLVRWvAo=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=on2dwoJ8mllE3NHrn9RDu%2Bo3GsM5KXnimbQ36qsiivrqXny7Glhu%2BhI60iJ3ijIEZPscykUr%2BPgh6gyyS9Fedmy5lH3fgFDOPO%2Fd1R6bCnGvH%2BOTOKmNCbt%2BqOmAkTY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9efb50774f18568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":22,"connect":22,"send":0,"wait":77,"receive":4,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-21T09:20:41.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:41 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:46:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jubDfB9KBdVSL8PbqAmAiC%2BLf8v9rAcFuYboxidzxz%2FXqp7c8uzjPsUO29kBuaH2d3ieWemGbuWpD8I6zWg2d2fRTLxRboRRTD9MLHHqZP152e4gNSSKFe6HU0SxoEDjEHIT3MpYuaA%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9efb507348bda0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1624,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1618), with no line terminators","md5":"ae094291db35dc572e23e5e3e3e6311f","sha1":"1085afc130326ef5a7e425ec919f80feb15f0efc","sha256":"fb08d69d9903d580b01b746d799350a3595a94e2bb48217c11f9fa5a0889589c","sha512":"dd4d948f03325740519e147017ae279366728359a393945aeffe162cd3410a811e39af5438c6257b163ce0f2b5cdc00a2daba1d6eb9e8b235926c850d4804c8c","ssdeep":"","tlshash":"0131d163ce30481c6bb483359d8bb01deaa4a845d610ec64f6da29db09c1ef3d573f21","first_seen":"2026-04-21T08:45:08.192713Z","last_seen":"2026-04-21T09:21:05.000996Z","times_seen":5,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":55,"dns":38,"connect":1,"send":0,"wait":71,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/logo.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/fazaa/black.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /fazaa/black.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:42 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:46:58 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a72-4f756\"\r\nexpires: Thu, 21 May 2026 08:44:32 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2169\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mpS0dIF4KsAbp56Pmtv2WXyeQCjiEk23xZMAjYzA9ezKJNeB2eVzrgLCu9fr%2FAKc1QogBp4UQdzmzI4cVC0WubwKOO7umF9tF%2FTb%2F%2BsRHIFIikDgoHQ7vZna5L%2BTo%2ByvZnqPM9NoGBg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb507698370b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":325462,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1094 x 690, 8-bit/color RGBA, non-interlaced","md5":"fc60c2c87c4bebed57b0ca538330e0b2","sha1":"cbee4e1225bb57b2936bba5798e567e8729e8eb7","sha256":"4334dee14acc70fd8f401d27bdbe802692641faa53091789d5af64349c9fd28e","sha512":"97a485dd022987f381fa29f8399b292c8db1923bb440b542502df4ff0887db510e98890995ed46500f93aba4bdab0d88e47c43709b1774ca81666098dbb95ca8","ssdeep":"6144:X7qOWrSZjzWlZ3Uv7gaS7xHXkpZnP8WVUFwfBBLND0KWJo1IB1IHtw:X7TPIlZ3Uzgn7xHUHnPJVUF6BBLCKWee","tlshash":"96642365c161b0f470a2274a1eabd4887828ccf9db5872ecbd627704c02665daaf5f8d","first_seen":"2025-07-14T01:40:28.341387Z","last_seen":"2026-04-21T09:21:05.003013Z","times_seen":26,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/logo.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:42 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:46:53 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a6d-2ecf\"\r\nexpires: Thu, 21 May 2026 08:44:32 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2169\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ko0QOszvQ9lnrdniyKvBdaWTg6f4EPEQJKCXuBgtG7CfgqK3hk3eQPfDrvIsjuMTwU7q6KP%2BDbI0Xq4P3fJjf0z%2BTnAJy63NuKxi1APTwiuUW%2FwbPQQi2MJcr2PvTddl%2BGmzKPZn4QE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb507698380b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11983,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 190, 8-bit/color RGBA, non-interlaced","md5":"9a9b3fe96f9424b0b81f9ea501ec7b2c","sha1":"b854de9743f57eab9e0c07128b869a18a4ce7ef6","sha256":"103d2dcc222fcfa3687bea71569e5e5420de79864e657c15db6566bc7016bc4c","sha512":"7f06c0754c86690a7534a588e2471690fc91793078be5e82af37de5d807d491a325b807461538bd1b9f40aa6b594ab2431a617946f8cf90985a6cbddd40511d9","ssdeep":"192:hophvqeJYDcfDVcC2kgwmt2ooBrpSssc6UNleQHtF8oj3THyth5R/vAC9CerM/UM:homujD2C2tHtMlsc60FH7Hn6VAC9LMTx","tlshash":"ad32c02424de341794defae1a24b9913bf638e28af9d50d74935ce5d002907e2dc5f88","first_seen":"2025-07-14T01:40:28.343166Z","last_seen":"2026-04-21T09:21:05.004996Z","times_seen":26,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/f4.svg","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /f4.svg HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:42 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:47:08 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a7c-329b\"\r\ncontent-encoding: gzip\r\nage: 2169\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YjZ4fZvdNSQZY8gA7O1B7afLvwHV0AIKPJpadzhiE7vz%2FoK9Pf3EkD5YqxJdoATojTQ%2Flnk6AI%2BsptKzooWwlSG0Q60cluRy1NHO3vFrLTcOHEvU%2Fw%2FoHPfrlE2S2WMVicgsvVmbw7U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb5076a8410b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"49f2ba822c38198416ece6ff7029f322","sha1":"2c6d79bc7292347b963375c2b0633b1ba07391fc","sha256":"b82affff84599a0085bf78b687f166bbe616acb77a0e8be05e2b451b37d32f7d","sha512":"514ee5a7ca8f22e6b3bf0439b385e3bc1a7fffde88bbb72a592382c4e1db6c07c4ff7c5d34204700bf06a94cb0995c0ffa9142acc2adfcdb84dce83447cebd39","ssdeep":"192:aukGiUUTUXC8pH7xklBHRluMFX9TZ2ZrmNI1YOc5l+e7cyqWYRNZARceNdAXerI:x/fM8nQdJFNTZ2dmNV5lt4tWsQRcOzrI","tlshash":"1642d7f5ab7062e0e848e7a6b6254138795f78fb7fd5c288c355ad64bc521ad8c4ccc0","first_seen":"2025-07-14T01:40:28.338986Z","last_seen":"2026-04-23T02:44:26.0756Z","times_seen":40,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/favicon.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:42 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:47:09 GMT\r\npriority: u=6,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a7d-b91\"\r\nexpires: Thu, 21 May 2026 08:44:32 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2169\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=93OPRxHWhG5ohh2gw6pFej5%2FfyF%2Bk50uO2VNddzzXdoMru4OllcVz5c28023w%2FVEVuZPLHQ6u6tN46Fmsu5Fqouk3a4VjA3gf2jkTOsbNpCOumKjSu44KrQQtgmwQU%2BLU1WVqhKZI%2Bk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb5076f8780b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 74 x 79, 8-bit/color RGBA, non-interlaced","md5":"a26cd9ab45ef085daa13dd8b57563b97","sha1":"b74ce91677d3bb9102877d1054caf3732985f7f0","sha256":"b062b6c7e29d69cd13560b49ec446defd5fa2ca5cc1c6180cab38ad9c4d1f570","sha512":"b3ab24c9bac033d73671794057630397d92d0ed8ee8c947fbadee00cf368ed33b2f72affe7445c1e851460595f0f25d9eeb047ce3cf0d1267ca539a9e5796dd7","ssdeep":"","tlshash":"f4516ccf37ad85e48f5a4d3c9d040b5c3681210c2b11aa40edd11dd30ebf08ebe016ae","first_seen":"2025-07-14T01:40:28.343908Z","last_seen":"2026-04-21T09:21:05.011045Z","times_seen":26,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/static/js/main.ceef00e1.js","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:41.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /static/js/main.ceef00e1.js HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:47:02 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a76-8f8b8\"\r\nexpires: Tue, 21 Apr 2026 20:44:31 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 2169\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YiVSQ%2BIaY2hgfW09968Vaa5VcjHDuDipkWbzUmh5PDx3xYP8fiPlSYiP%2FW81Uky3tSm4kd%2BCcgKh26Q4N3lvpTU0thOf4kwIrC3ypqe6mS9MFDPj5b2Rg8pX4pWcRSIWYIzIuqwG664%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb50755f530b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":587960,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"3eebd897678593b4c4be5c6c55e08d4a","sha1":"82d1796bf0dcdc0522bdcbcb6a5317745218ad3f","sha256":"e0abe81f01e5490221e5d8475d2202e93c903f5552ddac464eccd7f878e09973","sha512":"4581b30b51644b0ee73e50388569bc1193f06bf3d2f12de28ac6cff5ae0eb3c2552cb877b556c2b907ba191981e7c582e222293b2a389431e031b4d7a681ac79","ssdeep":"12288:/eQeGDG96aA7xvRKayl+onTSTQlD0CG9X5UC:SpMJKaxaTSTegr9X5r","tlshash":"bbc45cc87251b5a5baa700e2547f4509f33e1a0eb80dc8b4b169fcca286454972b7ffd","first_seen":"2026-04-21T08:45:08.193458Z","last_seen":"2026-04-21T09:21:05.013051Z","times_seen":5,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-21","alert":"Detects file containing Telegram Bot API","trigger":"benefitsfazaacard.com/static/js/main.ceef00e1.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/static/css/main.b3019ecc.css","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:41.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /static/css/main.b3019ecc.css HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:41 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:47:01 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a75-b8ae\"\r\nexpires: Tue, 21 Apr 2026 20:44:31 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 2169\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4%2FyHlotlXiRGeFRJCiGheRi52GXWZ%2B%2B04Icf4%2FDisPy19gr3%2FZesjJIcCFNM7V3zF91bdq0GUIPyqKx6n3oyLy6ehNghJhds3TtXxqgukoV%2BW%2BwO0F%2Fz%2Fe%2BsUhA5UPMFHrU7VZvaZuw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb50755f540b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47278,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (47169)","md5":"ea2c96e957ce8710496e2dd736657e1a","sha1":"0a3767431477207af790e651dbb138b3e3176c59","sha256":"62611cc74bca60f7715fdc374a032b6ae870ba62f8c9cfbeeda3e984dbd89e1b","sha512":"d3cbfb931a78da519c426fc7eed636d08a7facd3c0716ce85cb75ce8020c2e5302600c147b286d268d9258924496b6545f2715369add2b7eada21f59aac1e605","ssdeep":"384:/tF/Psi2aadNx0j/9NN01MwhwcZAbBj3b6gr:VF/PxPadQBNN01Mwhwc8rF","tlshash":"4623620caa51193a3c5398f6d6dcea5cd11ab4c1debb26de7dcb510887c27e70ea3604","first_seen":"2025-10-30T06:14:53.328001Z","last_seen":"2026-04-21T09:21:05.015047Z","times_seen":19,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/fazaa/black.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:41.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /fazaa/black.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/creo.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /creo.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/f4.svg","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /f4.svg HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benefitsfazaacard.com/creo.png","fqdn":"benefitsfazaacard.com","domain":"benefitsfazaacard.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benefitsfazaacard.com/","date":"2026-04-21T09:20:42.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benefitsfazaacard.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:43 GMT","end":"Mon, 13 Jul 2026 17:55:42 GMT"},"fingerprint":{"sha1":"0E:CB:EF:23:B3:5E:4F:35:1D:4A:39:1F:9D:6E:8E:30:EF:98:47:F7","sha256":"98:A6:12:B7:C1:4B:7B:BA:4D:B0:6F:D2:5B:57:2E:02:E4:21:C9:B5:66:88:36:84:8D:AB:2A:97:01:3E:80:E0"}}},"request":{"raw":"GET /creo.png HTTP/1.1\r\nHost: benefitsfazaacard.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benefitsfazaacard.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:20:42 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 20 Apr 2026 15:47:08 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e64a7c-8213f\"\r\nexpires: Thu, 21 May 2026 08:44:32 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2169\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9w7zJk9gIoSrMo17%2FkZ%2BH1lKQRwTGdtu1naojTLyGAoNe6R2Lph0z6f4k%2BlNriMlfFljf6jaaHDrBCixEU99dfmDS0MNd6R%2BH9VfNenmwUVlFl0z%2B6f7OMwUs4xWEqNhKBIDWfNIFKg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb5076983c0b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":532799,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1593 x 708, 8-bit/color RGBA, non-interlaced","md5":"c58f6b402a1877f42414a4ed910ca595","sha1":"96b27c16e4d79dea44f97c9e95f402e52714f570","sha256":"daecb3f11e0fb91d28077aad2f09a4082301acb10e1b2cc0e615d035043322d9","sha512":"a5d0939513de2fc0740f70db7f746e26231f13bd2812f2cbbcbe6667c917e7a5f9fd0e235ff34e438ce51636e78f995d6c5851329d1db546fe1d328cfab3ee2d","ssdeep":"12288:0GTw4ZtcpjaVqBm4ZcLM4q8Oz4Ets6iNYtpUqjbs6:0LgtcZaVqB0o49ObriNNgQ6","tlshash":"53b423d4a8c428279e7d9b413533a8363d017a69c8f42e249e5f64b20c297dce51b7be","first_seen":"2025-07-14T01:40:28.34228Z","last_seen":"2026-04-21T09:21:05.016705Z","times_seen":26,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}