{"report_id":"c0aebe00-e88d-4e7e-ae08-f89ba75a3743","version":6,"status":"done","tags":["suspicious"],"date":"2026-04-21T09:19:55Z","url":{"schema":"https","addr":"applyaebenefits.com/","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"172.67.165.129","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"applyaebenefits.com/","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"title":"Fazaa Platinum Card — Premium Perks Across UAE","dom":{"size":21337,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14199)","md5":"997b5901d4345e489d47b82927d8cb8e","sha1":"20858284688c6c920d95233bdf13981f43a51ac3","sha256":"1742373f75f9c8dc00e1b07e78ea7762b4994c57a454ecd366e7d8eed9253a00","sha512":"9199f03d4bf303f9a32d3db4b422ee2ba0c6846309750d24cba0d0b4ff9c8c69362cfef6576f117f9eb3a75ff6d7934cd26ee1a930d1f24a92dd05358a030323","ssdeep":"192:4Q1fGtTTQBsDofbjK91bEqqRhiC7f2gG3e0:1CTQzbe/bEh7+D7","tlshash":"19a22f54a9500e3a2d536ea686cceb0cc12bd1c3c9eb5a9d7ede014e07c2bd90f76746","dom_hash":"domhashac75bbfc9df7aff904dc3c25729cd678","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"applyaebenefits.com/","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"172.67.165.129","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-26T09:19:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-21","alert":"Detects file containing Telegram Bot API","trigger":"applyaebenefits.com/static/js/main.7e8abd35.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"applyaebenefits.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-14","domain_rank":0,"first_seen":"2026-04-21T08:43:53.934726Z","last_seen":"2026-04-21T08:43:53.934726Z","alert_count":2,"request_count":12,"received_data":1534519,"sent_data":5378,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"adcbtemka.cc","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-30","domain_rank":0,"first_seen":"2025-10-10T09:38:26.740784Z","last_seen":"2026-04-21T08:43:54.461095Z","alert_count":0,"request_count":1,"received_data":597,"sent_data":555,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"applyaebenefits.com/static/js/main.7e8abd35.js","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"03a591ce91d7c17fc541d8fea99e14a5","sha1":"8e39fde368b774006c0f2436957e9b9b481eda62","sha256":"9715dad95113aa536d879d78ddc88ef308e3afee5034c2e342733ef903f01961","sha512":"8724ac2707228622f3a1f7838ebd8964d633263fe594d7f2c14d312d35789d95180fc90b897e3b902c21e69df20a001bfed4a3d58bbfc4e6b257afd0c2594c47","ssdeep":"12288:zeQeCD0T2A7xvo15z1m5zI95AIlBFr5oqbvT:mnA15A5zI9CGHtoqbL","tlshash":"51c45cc87251b5a5baa700e2547f4509f33e1a0eb80dc8b4b169fcca286454972b7ffd","size":587451,"data":"","first_seen":"2026-04-21T08:43:59.956987Z","last_seen":"2026-04-21T09:19:58.489857Z","times_seen":5,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-21","alert":"Detects file containing Telegram Bot API","trigger":"applyaebenefits.com/static/js/main.7e8abd35.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"applyaebenefits.com/fazaa/black.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /fazaa/black.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:09 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e11161-4f756\"\r\nexpires: Thu, 21 May 2026 08:43:31 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2162\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mPL2hOVUhBeJwN15jYdTRBr9AgH4IEaez6D0%2B%2Bp4jDrYuK8xH8Sy5KNLrCqFTzYGxlzxsI2%2BvcSdTJTSZdOupajpKTrwvxMXgET%2B94cpQN6RtDxBWRIFNRLI0yL8%2By%2F6s%2F%2BWRKxN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4ecc397a56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":325462,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1094 x 690, 8-bit/color RGBA, non-interlaced","md5":"fc60c2c87c4bebed57b0ca538330e0b2","sha1":"cbee4e1225bb57b2936bba5798e567e8729e8eb7","sha256":"4334dee14acc70fd8f401d27bdbe802692641faa53091789d5af64349c9fd28e","sha512":"97a485dd022987f381fa29f8399b292c8db1923bb440b542502df4ff0887db510e98890995ed46500f93aba4bdab0d88e47c43709b1774ca81666098dbb95ca8","ssdeep":"6144:X7qOWrSZjzWlZ3Uv7gaS7xHXkpZnP8WVUFwfBBLND0KWJo1IB1IHtw:X7TPIlZ3Uzgn7xHUHnPJVUF6BBLCKWee","tlshash":"96642365c161b0f470a2274a1eabd4887828ccf9db5872ecbd627704c02665daaf5f8d","first_seen":"2025-07-14T01:40:28.341387Z","last_seen":"2026-04-21T09:21:05.003013Z","times_seen":26,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":104,"dns":1,"connect":0,"send":0,"wait":25,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/logo.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:23 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e1116f-2ecf\"\r\nexpires: Thu, 21 May 2026 08:43:31 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2162\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EAT98kE4Kxbx80IPdYRwcaIDE1%2BD%2Fklw1Hc2s2S2sV5bwjZMxe%2FbX3IVS9PxwjuE0ea0Dd5PLOKvtY5oiwz3I5HKR86ZMcwTTv7MxyCrDb0CamTWntmmaRfOjucMURw8%2FwZ%2BjAK%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4ecc397b56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11983,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 190, 8-bit/color RGBA, non-interlaced","md5":"9a9b3fe96f9424b0b81f9ea501ec7b2c","sha1":"b854de9743f57eab9e0c07128b869a18a4ce7ef6","sha256":"103d2dcc222fcfa3687bea71569e5e5420de79864e657c15db6566bc7016bc4c","sha512":"7f06c0754c86690a7534a588e2471690fc91793078be5e82af37de5d807d491a325b807461538bd1b9f40aa6b594ab2431a617946f8cf90985a6cbddd40511d9","ssdeep":"192:hophvqeJYDcfDVcC2kgwmt2ooBrpSssc6UNleQHtF8oj3THyth5R/vAC9CerM/UM:homujD2C2tHtMlsc60FH7Hn6VAC9LMTx","tlshash":"ad32c02424de341794defae1a24b9913bf638e28af9d50d74935ce5d002907e2dc5f88","first_seen":"2025-07-14T01:40:28.343166Z","last_seen":"2026-04-21T09:21:05.004996Z","times_seen":26,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":102,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/creo.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /creo.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:22 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e1116e-8213f\"\r\nexpires: Thu, 21 May 2026 08:43:30 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2162\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DVxk626nytVY%2F4A3QNmymGJ3wcCcMpg49WoXH%2BThyrfovRkDOlsSCJ96VOWjn9lLdnCrPlsXMpaDXzTNfA2FQugBRuKYr8hnjjMDAv40eBL3OvoO%2FHRJj2QSSrbkzCcwTNw1SwsL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4ecc397c56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":532799,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1593 x 708, 8-bit/color RGBA, non-interlaced","md5":"c58f6b402a1877f42414a4ed910ca595","sha1":"96b27c16e4d79dea44f97c9e95f402e52714f570","sha256":"daecb3f11e0fb91d28077aad2f09a4082301acb10e1b2cc0e615d035043322d9","sha512":"a5d0939513de2fc0740f70db7f746e26231f13bd2812f2cbbcbe6667c917e7a5f9fd0e235ff34e438ce51636e78f995d6c5851329d1db546fe1d328cfab3ee2d","ssdeep":"12288:0GTw4ZtcpjaVqBm4ZcLM4q8Oz4Ets6iNYtpUqjbs6:0LgtcZaVqB0o49ObriNNgQ6","tlshash":"53b423d4a8c428279e7d9b413533a8363d017a69c8f42e249e5f64b20c297dce51b7be","first_seen":"2025-07-14T01:40:28.34228Z","last_seen":"2026-04-21T09:21:05.016705Z","times_seen":26,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":101,"dns":0,"connect":0,"send":0,"wait":13,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/f4.svg","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /f4.svg HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:23 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e1116f-329b\"\r\ncontent-encoding: gzip\r\nage: 4935\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2NKbFlmy51NW77zqxCqup8m5j0WHntQin8L3vhkYY3%2F7X8g%2Br3hze66ce1C%2FeeJEh%2FlT%2Fd60FJ5%2Fcdkzq%2BqeCBgBisAT9lOH0YCfR%2B2VmafzRLYdrmaLP6ZUb7zDkL4Neo0M3Wv%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4ecc397e56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"49f2ba822c38198416ece6ff7029f322","sha1":"2c6d79bc7292347b963375c2b0633b1ba07391fc","sha256":"b82affff84599a0085bf78b687f166bbe616acb77a0e8be05e2b451b37d32f7d","sha512":"514ee5a7ca8f22e6b3bf0439b385e3bc1a7fffde88bbb72a592382c4e1db6c07c4ff7c5d34204700bf06a94cb0995c0ffa9142acc2adfcdb84dce83447cebd39","ssdeep":"192:aukGiUUTUXC8pH7xklBHRluMFX9TZ2ZrmNI1YOc5l+e7cyqWYRNZARceNdAXerI:x/fM8nQdJFNTZ2dmNV5lt4tWsQRcOzrI","tlshash":"1642d7f5ab7062e0e848e7a6b6254138795f78fb7fd5c288c355ad64bc521ad8c4ccc0","first_seen":"2025-07-14T01:40:28.338986Z","last_seen":"2026-04-23T02:44:26.0756Z","times_seen":40,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":90,"dns":0,"connect":0,"send":0,"wait":32,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-21T09:19:33.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ngBuRHcZsMvTRwcu%2F%2FzvWoJ5IKMW1jiVZ%2BWjEteMGJjQ5vkN7kjdJSuU6mOzC4bHdcHSGcgRpFtx%2B9aBaMxUYIPkn2sF4jdZfOmdQ%2BnplpNbPbtrkHjhoKwJwohKqrABr0uyGEEn\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9efb4ec8fbaa3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1624,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1618), with no line terminators","md5":"f0b64a67e0ebd10d55bcf66235435743","sha1":"4a39dc6bfe3b49c5bc2344cbb2855de15a782870","sha256":"71f467e9bae5c0c4804b737b706cdf57b871a8dc3db3f125571d3d8013d5cb66","sha512":"a461057df2f67ec22827959167201a8eac5cbc76c39b896a065ef4c49b8236bec3dcf8fff04b22205cecd38a46e3cab67a4d8416cb8a1fad9f64b2e92a4d964c","ssdeep":"","tlshash":"9f31c063cd30481c6bb48335998bb01dea68a945d610ec64f69a29db09c1ef3c573f21","first_seen":"2026-04-21T08:43:59.923103Z","last_seen":"2026-04-21T09:19:58.489133Z","times_seen":5,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":39,"dns":27,"connect":1,"send":0,"wait":66,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/static/js/main.7e8abd35.js","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /static/js/main.7e8abd35.js HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:14 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e11166-8f6bb\"\r\nexpires: Tue, 21 Apr 2026 19:57:17 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 4935\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o3XHxBoV9WKtpUF99T7cvhHnNbj9zs05xiTgO4AFyFX6%2F0EmkXH%2Fn%2Bp2QxsRkQnlqm7UihRO0WRONXYObpO0tjesmBnjTgxf3oVaYhVTtULAODrqEqe4LDb7HHWfqUsV4EQPdfrM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4eca3b3349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":587451,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"03a591ce91d7c17fc541d8fea99e14a5","sha1":"8e39fde368b774006c0f2436957e9b9b481eda62","sha256":"9715dad95113aa536d879d78ddc88ef308e3afee5034c2e342733ef903f01961","sha512":"8724ac2707228622f3a1f7838ebd8964d633263fe594d7f2c14d312d35789d95180fc90b897e3b902c21e69df20a001bfed4a3d58bbfc4e6b257afd0c2594c47","ssdeep":"12288:zeQeCD0T2A7xvo15z1m5zI95AIlBFr5oqbvT:mnA15A5zI9CGHtoqbL","tlshash":"51c45cc87251b5a5baa700e2547f4509f33e1a0eb80dc8b4b169fcca286454972b7ffd","first_seen":"2026-04-21T08:43:59.956987Z","last_seen":"2026-04-21T09:19:58.489857Z","times_seen":5,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-21","alert":"Detects file containing Telegram Bot API","trigger":"applyaebenefits.com/static/js/main.7e8abd35.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"wss","addr":"adcbtemka.cc/","fqdn":"adcbtemka.cc","domain":"adcbtemka.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adcbtemka.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 10:41:35 GMT","end":"Sun, 24 May 2026 11:40:17 GMT"},"fingerprint":{"sha1":"7A:2A:8D:ED:D5:48:2F:26:7E:D2:3C:1B:AB:58:35:BF:5D:5E:68:22","sha256":"8E:2B:66:FF:37:3F:E6:71:55:B8:32:35:C9:1E:4F:EA:49:6D:B1:8B:CC:2E:41:2A:8C:4B:C9:AE:EF:1F:0F:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: adcbtemka.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://applyaebenefits.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: IxUyEr/7SPKBz/pzVd3P9Q==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 21 Apr 2026 09:19:33 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: T3Ca5nwiDPmpWjoIoqh+xWGk3u4=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GrkUvZeiwizYrzfD9ywWF3Sr8m3T13loSeQU8aRadKuQiN4%2FPtH72vB7SmFWSOPVU9u%2BRaWjV%2FG4gshMB6LHcLcAr%2BlTlMdkpM28g49NkwyVHY1KV%2BNTjIR05K1MH6o%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9efb4ecccbe3712d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":0,"dns":66,"connect":64,"send":0,"wait":79,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/logo192.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /logo192.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:24 GMT\r\npriority: u=6,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e11170-14e3\"\r\nexpires: Thu, 21 May 2026 08:43:31 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 2162\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L15YoT4%2F3CjiMsjOfImeJx%2B%2BRVnZj%2FJ4Brg6WAJBXC969%2FInvv8SnUTD2TZqoDuKuwjl%2Bn%2BS6llWukx4K9o7ak6btCBZmJq7NfXODcAhTPKOWWNZeAqyp43wRuJmNryEO1NWNnYb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4eccfa3156b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"33dbdd0177549353eeeb785d02c294af","sha1":"7f4f2d68782a7fafceda84554ecab9b489877500","sha256":"c386396ec70db3608075b5fbfaac4ab1ccaa86ba05a68ab393ec551eb66c3e00","sha512":"e34572cf754ff7e1d0acb12d8275252230ad1dd9adc5858e807fef0fb61aea82cb1f9ca3ebab3eeb449460373140105f8d773e7bddbf6745f9e81cc1546621f4","ssdeep":"96:gMgJkzj81lSl2dxYAYKsHHVIqApHGoKf4slNb6LQbTehYx5AtKAdmTRwy/Ik2k3:gMct0nKsUwXTbnkeAMA+Twkv","tlshash":"deb18e4e37e13c238137de00aa8ee5ddff52c6ff81226144e24933e9243839d9591916","first_seen":"2023-04-21T11:39:01Z","last_seen":"2026-04-23T17:17:36.990779Z","times_seen":9086,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/favicon.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:23 GMT\r\npriority: u=6,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69e1116f-b91\"\r\nexpires: Tue, 19 May 2026 10:37:15 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 168138\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=akNkChFLvc7A%2FWO78yhkQonZvzOjLQLLOpqqPo%2B0gVzMmpLD6Evv1wtijz5bkLBDyiuqExkM7g3dVKmQYh2zpIuiYsj%2FVxMgAZfMHWLdXwKHJltsugwbftzdiYxVC%2FtVhDpOsQq9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4eccfa3756b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 74 x 79, 8-bit/color RGBA, non-interlaced","md5":"a26cd9ab45ef085daa13dd8b57563b97","sha1":"b74ce91677d3bb9102877d1054caf3732985f7f0","sha256":"b062b6c7e29d69cd13560b49ec446defd5fa2ca5cc1c6180cab38ad9c4d1f570","sha512":"b3ab24c9bac033d73671794057630397d92d0ed8ee8c947fbadee00cf368ed33b2f72affe7445c1e851460595f0f25d9eeb047ce3cf0d1267ca539a9e5796dd7","ssdeep":"","tlshash":"f4516ccf37ad85e48f5a4d3c9d040b5c3681210c2b11aa40edd11dd30ebf08ebe016ae","first_seen":"2025-07-14T01:40:28.343908Z","last_seen":"2026-04-21T09:21:05.011045Z","times_seen":26,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/static/css/main.b3019ecc.css","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /static/css/main.b3019ecc.css HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 09:19:33 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Apr 2026 16:42:13 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"69e11165-b8ae\"\r\nexpires: Tue, 21 Apr 2026 19:57:17 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 4935\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=quLR8fCCKH%2Fue%2Fm2gnZV8nJVQUhSuolgXc8YLDKIXVPxKqKDz8Q6gT0E4UL%2BrVYN31Oyw9%2F%2BZSes46X0EWnxeUh8eoVXHMF6XwhSN8SeR%2B1%2Fk7JCmNFW07A5ZdoVIcIdmCz9OSzJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efb4eca3b3849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47278,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (47169)","md5":"ea2c96e957ce8710496e2dd736657e1a","sha1":"0a3767431477207af790e651dbb138b3e3176c59","sha256":"62611cc74bca60f7715fdc374a032b6ae870ba62f8c9cfbeeda3e984dbd89e1b","sha512":"d3cbfb931a78da519c426fc7eed636d08a7facd3c0716ce85cb75ce8020c2e5302600c147b286d268d9258924496b6545f2715369add2b7eada21f59aac1e605","ssdeep":"384:/tF/Psi2aadNx0j/9NN01MwhwcZAbBj3b6gr:VF/PxPadQBNN01Mwhwc8rF","tlshash":"4623620caa51193a3c5398f6d6dcea5cd11ab4c1debb26de7dcb510887c27e70ea3604","first_seen":"2025-10-30T06:14:53.328001Z","last_seen":"2026-04-21T09:21:05.015047Z","times_seen":19,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/fazaa/black.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /fazaa/black.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/logo.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applyaebenefits.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 17:55:54 GMT","end":"Mon, 13 Jul 2026 17:55:53 GMT"},"fingerprint":{"sha1":"D5:95:0D:7B:58:3A:B7:CD:2F:22:5D:78:1B:B3:C9:5D:98:86:72:B4","sha256":"8C:4C:5F:7B:EB:C1:11:30:DD:78:F5:5F:D4:65:A8:77:EE:69:88:41:4E:2F:1B:CB:17:35:26:2E:47:6D:9D:BA"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applyaebenefits.com/creo.png","fqdn":"applyaebenefits.com","domain":"applyaebenefits.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applyaebenefits.com/","date":"2026-04-21T09:19:33.672Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /creo.png HTTP/1.1\r\nHost: applyaebenefits.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applyaebenefits.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T17:09:30.501281Z","times_seen":14110607,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}