Report - gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630

Report Overview

Visited public
2025-04-18 13:13:00
Tags
URL
gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630
Finishing URL
gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630
IP / ASN
20.150.12.193
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Support_Helpdesk

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gfhe16-secondary.z8.web.core.windows.net	unknown	1995-08-10	2025-04-18	2025-04-18	16 kB	2.6 MB	20.150.12.193
ipwho.is	unknown	2022-01-29	2020-06-08	2025-04-16	472 B	929 B	195.201.57.90
code.jquery.com	634	2005-12-10	2012-05-21	2025-04-16	436 B	79 kB	151.101.130.137
settings.luckyorange.com	24189	2010-09-13	2019-06-09	2025-04-18	1.1 kB	1.1 kB	34.107.203.234
tools.luckyorange.com	23930	2010-09-13	2022-12-04	2025-04-18	450 B	41 kB	143.204.55.125

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630	ScriptElement	469 B	2025-03-06	2025-05-17
Pretty URL gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-06 06:49 Last Seen2025-05-17 15:46 Times Seen1682 Hash 92de511d6aebd5015e3ea4ad003cd33a 67447277290455450dc92f275ec1f909ede24755 c39f6c86f301082cad180af682657a1aa014dad499874096afc5566032b27a9b Loading...

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/pheduNYbdTgst.js	ScriptElement	139 B	2025-03-31	2025-05-19
Pretty URL gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/pheduNYbdTgst.js IP 20.150.12.193 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-31 16:55 Last Seen2025-05-19 04:04 Times Seen1643 Hash f562e3f196db282656f0b9e7907c0915 50ede892a49ad9493455646fd6f7d8ece8657f2d 89943fae676f3e22c4d24637a353c26ad2ea892d1c5b7976297a0134c071ad01 Loading...

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630	EventHandler	19 B	2023-04-10	2025-05-19
Pretty URL gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 IP 0.0.0.0 ASN #0 Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-05-19 04:04 Times Seen8415 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/inscPsncSxd.js	ScriptElement	770 B	2025-04-15	2025-05-17
Pretty URL gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/inscPsncSxd.js IP 20.150.12.193 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-15 13:57 Last Seen2025-05-17 15:46 Times Seen1146 Hash ef30c617f1929c0e0fc73d3cf5df7e28 723567010750c93e2445ece3727d8759d45a9fd9 e30579b140c0fb1c10e80b32d810a4b298cf90659a0edd08c48fb75d29abba48 Loading...

	tools.luckyorange.com/core/lo.js?site-id=45ac65e0	ScriptElement	41 kB	2025-04-12	2025-05-16
Pretty URL tools.luckyorange.com/core/lo.js?site-id=45ac65e0 IP 143.204.55.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-12 16:23 Last Seen2025-05-16 12:43 Times Seen42 Hash dbf90bacafdb5f698877019ea68f4b07 8ee08abde86be96e603581a704e55ca94b5611bf dbd7affbe829ab064f526470f29b748c719ec02a2ac96575d7c75626a9d5f9dd Loading...

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/frwisYbsyBWa.js	ScriptElement	7.6 kB	2025-03-31	2025-05-17
Pretty URL gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/frwisYbsyBWa.js IP 20.150.12.193 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-31 17:08 Last Seen2025-05-17 15:46 Times Seen1366 Hash 66a8558c34fd362a658bb979b6898865 88a7188adab980d67ef176ee5739a4093dcaa517 0d67e180d9e7e7369f0f08e76ca25134778a0c2a090d17743ed5acdfe1b65a61 Loading...

	code.jquery.com/jquery-1.4.4.min.js	ScriptElement	79 kB	2023-03-07	2025-05-19
Pretty URL code.jquery.com/jquery-1.4.4.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-19 04:04 Times Seen5353 Hash 73a9c334c5ca71d70d092b42064f6476 b75990598ee8d3895448ed9d08726af63109f842 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c Loading...

		Size	First Seen	Last Seen
	#1 Write - 2f57028ca6e02e2c04cc76373314cb75	14 B	2025-04-11 12:42	2025-04-18 14:46
Pretty Observations First Seen2025-04-11 12:42 Last Seen2025-04-18 14:46 Times Seen84 Hash 2f57028ca6e02e2c04cc76373314cb75 3cc301980a022ce4dc81f2444c801cd594ef3f84 b4f139487652474e1644722fa0adcd20b8ddf45ab87fee83503c8f00386a39f9 Loading...

HTTP Transactions (36)

	URL	IP	Response	Size
	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/re.gif	20.150.12.193	200 OK	15 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/re.gif IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type GIF image data, version 89a, 193 x 71 Size 15 kB (14751 bytes) Hash 6fcb78e0cd7933a70eea2cf071f82118 70364bffd62fe33360abe70ecc7f7c0541b3b54c 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86 HTTP Headers GET /wewebinfo01USAHTML/re.gif HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 14751 Content-Type: image/gif Content-MD5: b8t44M15M6cO6izwcfghGA== Last-Modified: Thu, 17 Apr 2025 12:05:30 GMT Accept-Ranges: bytes ETag: "0x8DD7DA82655462A" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 1519742e-701e-0014-7e63-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	ipwho.is/?lang=en	195.201.57.90	200 OK	669 B
URL GET ipwho.is/?lang=en IP 195.201.57.90:443 ASN #24940 Hetzner Online GmbH Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerGoGetSSL Subjectipwho.is Fingerprint23:45:4F:91:B0:11:6E:44:AE:44:5A:2A:A3:B7:9E:11:6A:17:40:9D ValidityMon, 03 Mar 2025 00:00:00 GMT - Tue, 03 Mar 2026 23:59:59 GMT File type JSON text data Size 669 B (669 bytes) Hash 741456ec9ed164f660be43b086c17b6e c0afc9431d31e54130d5ec7f51beeaaa35f49316 c86e78395ea7b4fb0186e49073a58b39d8a51902a28ee5633e7d0c6e9caefb71 HTTP Headers `GET /?lang=en HTTP/1.1 Host: ipwho.is User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://gfhe16-secondary.z8.web.core.windows.net DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 18 Apr 2025 13:12:42 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Server: ipwhois Access-Control-Allow-Origin: * Access-Control-Allow-Headers: * X-Robots-Tag: noindex`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/winlo.png	20.150.12.193	200 OK	12 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/winlo.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Size 12 kB (12386 bytes) Hash 20fc730f7b1ae7b900f66dbc7ddc3fc3 06b0abaca87ae75f8ed24d043b84f84e8ce8a473 250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2 HTTP Headers GET /wewebinfo01USAHTML/winlo.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 12386 Content-Type: image/png Content-MD5: IPxzD3sa57kA9m28fdw/ww== Last-Modified: Thu, 17 Apr 2025 12:05:34 GMT Accept-Ranges: bytes ETag: "0x8DD7DA8285E3250" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7a7b5a36-701e-0066-7163-b02ccb000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:41 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/cs.png	20.150.12.193	200 OK	3.2 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/cs.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 520 x 520, 8-bit colormap, non-interlaced Size 3.2 kB (3152 bytes) Hash 911f04c21d791a20574a4b287b60d3af 4cef2ee054e7a08fbf9692fded2d9cf1f1700cf8 b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4 HTTP Headers GET /wewebinfo01USAHTML/cs.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 3152 Content-Type: image/png Content-MD5: kR8Ewh15GiBXSksoe2DTrw== Last-Modified: Thu, 17 Apr 2025 12:05:19 GMT Accept-Ranges: bytes ETag: "0x8DD7DA81F7554F3" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: e0abc10a-f01e-0078-6763-b0c013000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/nvidia.js	20.150.12.193	200 OK	2.1 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/nvidia.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with very long lines (2054), with no line terminators Size 2.1 kB (2054 bytes) Hash 921e013d361401879fe324e511d1c766 40a531545ec76297667c108bc3cc369e0f4b0e47 ad3619bd3e93e1e3a05f7ac346ec2d8afdd5bb2a583a876c0a085ce57fe6f2f0 HTTP Headers `GET /wewebinfo01USAHTML/nvidia.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 2054 Content-Type: text/javascript Content-MD5: kh4BPTYUAYef4yTlEdHHZg== Last-Modified: Thu, 17 Apr 2025 12:05:27 GMT Accept-Ranges: bytes ETag: "0x8DD7DA82496EBF9" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7a7b5a24-701e-0066-6063-b02ccb000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/esc.js	20.150.12.193	200 OK	87 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/esc.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type ASCII text, with CRLF line terminators Size 87 B (87 bytes) Hash 3335a14050d4f6057bb019cf705843b4 1ecf59ecd458a27998fc365cbfa6ad8d5e7c1226 46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14 HTTP Headers `GET /wewebinfo01USAHTML/esc.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 87 Content-Type: text/javascript Content-MD5: MzWhQFDU9gV7sBnPcFhDtA== Last-Modified: Thu, 17 Apr 2025 12:05:20 GMT Accept-Ranges: bytes ETag: "0x8DD7DA820008F46" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 1519742a-701e-0014-7c63-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/info.js	20.150.12.193	200 OK	140 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/info.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type ASCII text, with CRLF line terminators Size 140 B (140 bytes) Hash 08fa4a10338b833281f71219151461d4 3e5eb6914e8b028464a5d45187ad53e297a9cc25 c132ef133ad42c2c2de16446b842f809ba8d9a5527eb7201ec8cf4b384689f0f HTTP Headers `GET /wewebinfo01USAHTML/info.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 140 Content-Type: text/javascript Content-MD5: CPpKEDOLgzKB9xIZFRRh1A== Last-Modified: Thu, 17 Apr 2025 12:05:22 GMT Accept-Ranges: bytes ETag: "0x8DD7DA821316584" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 0634b2d4-701e-002b-7663-b0e327000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:41 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/def.gif	20.150.12.193	200 OK	170 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/def.gif IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type GIF image data, version 89a, 668 x 331 Size 170 kB (169529 bytes) Hash 1b7d291318f642858a53057da140019a c1086f1918121d173bdb5b52cea2cdd8f449a5eb 35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2 HTTP Headers GET /wewebinfo01USAHTML/def.gif HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 169529 Content-Type: image/gif Content-MD5: G30pExj2QoWKUwV9oUABmg== Last-Modified: Thu, 17 Apr 2025 12:05:20 GMT Accept-Ranges: bytes ETag: "0x8DD7DA8206F1E40" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 5086d4e9-e01e-0064-1963-b09273000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/vsc.png	20.150.12.193	200 OK	752 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/vsc.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 128 x 128, 1-bit colormap, non-interlaced Size 752 B (752 bytes) Hash 87073644990cb240bcc9aca429af2670 0e452e1f87d811c459d5c7084861f16076c71359 23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7 HTTP Headers GET /wewebinfo01USAHTML/vsc.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 752 Content-Type: image/png Content-MD5: hwc2RJkMskC8yaykKa8mcA== Last-Modified: Thu, 17 Apr 2025 12:05:32 GMT Accept-Ranges: bytes ETag: "0x8DD7DA8273041B8" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7a7b5a33-701e-0066-6e63-b02ccb000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:41 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/wnesjdf.js	20.150.12.193	200 OK	1.8 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/wnesjdf.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 1.8 kB (1788 bytes) Hash c36d1177ac1bd4c98ba14cf21792fd7a 95b961738e8d72683c671284db4e948d30ee73ff f1e666ff0fd78334f886749ef167fcc369985debe48e0950694dde7c012ff37d HTTP Headers `GET /wewebinfo01USAHTML/wnesjdf.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 1788 Content-Type: text/javascript Content-MD5: w20Rd6wb1MmLoUzyF5L9eg== Last-Modified: Thu, 17 Apr 2025 12:05:34 GMT Accept-Ranges: bytes ETag: "0x8DD7DA828625061" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: e0abc108-f01e-0078-6563-b0c013000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:39 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/index.html	20.150.12.193	200 OK	13 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/index.html IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (371) Size 13 kB (13213 bytes) Hash b32f35ba7a07c46aa63babda253eae86 ae0d42637a0988249d37a17d19e792f28ead7e5c 65415313f92c52dfa6537f3b67b9850dba9a9b640dd25819614e9589225d37a3 HTTP Headers GET /wewebinfo01USAHTML/index.html HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 13213 Content-Type: text/html Content-MD5: 4TWsQyJlMu33H0qbiDzuKw== Last-Modified: Thu, 17 Apr 2025 12:05:21 GMT Accept-Ranges: bytes ETag: "0x8DD7DA820F1A752" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 864f0443-601e-007a-5763-b07eab000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:43 GMT`

	code.jquery.com/jquery-1.4.4.min.js	151.101.130.137	200 OK	79 kB
URL GET code.jquery.com/jquery-1.4.4.min.js IP 151.101.130.137:443 ASN #54113 FASTLY Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerSectigo Limited Subject.jquery.com FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5 ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (820) Size 79 kB (78601 bytes) Hash 73a9c334c5ca71d70d092b42064f6476 b75990598ee8d3895448ed9d08726af63109f842 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c HTTP Headers `GET /jquery-1.4.4.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-13309" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 18 Apr 2025 13:12:41 GMT age: 3290975 x-served-by: cache-lga21980-LGA, cache-hel1410028-HEL x-cache: HIT, HIT x-cache-hits: 606, 1414 x-timer: S1744981961.061478,VS0,VE0 vary: Accept-Encoding content-length: 27078 X-Firefox-Spdy: h2

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/mnc.png	20.150.12.193	200 OK	166 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/mnc.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 140 x 30, 1-bit colormap, non-interlaced Size 166 B (166 bytes) Hash 51ebbb1879093893b39bbb6e970217ae 196aa8f9ae46c8a46b2a997904abeafad817fcee 1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7 HTTP Headers GET /wewebinfo01USAHTML/mnc.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 166 Content-Type: image/png Content-MD5: Ueu7GHkJOJOzm7tulwIXrg== Last-Modified: Thu, 17 Apr 2025 12:05:24 GMT Accept-Ranges: bytes ETag: "0x8DD7DA822926C02" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 0634b2d8-701e-002b-7a63-b0e327000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:41 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/set.png	20.150.12.193	200 OK	360 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/set.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced Size 360 B (360 bytes) Hash 07b254d9ba665e8fdfa1a577851a4942 08a88fd66d8677240ce3c16a06ece9af54e54663 d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3 HTTP Headers GET /wewebinfo01USAHTML/set.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 360 Content-Type: image/png Content-MD5: B7JU2bpmXo/foaV3hRpJQg== Last-Modified: Thu, 17 Apr 2025 12:05:30 GMT Accept-Ranges: bytes ETag: "0x8DD7DA82667B9DA" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: e0abc10d-f01e-0078-6a63-b0c013000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/bx1.png	20.150.12.193	200 OK	119 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/bx1.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 1056 x 908, 8-bit/color RGBA, non-interlaced Size 119 kB (119079 bytes) Hash 375f2aedc7a2c955f3a3d6086ab9560b 585c0154809d7513811bc4030254926c6ab8738e 02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35 HTTP Headers GET /wewebinfo01USAHTML/bx1.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 119079 Content-Type: image/png Content-MD5: N18q7ceiyVXzo9YIarlWCw== Last-Modified: Thu, 17 Apr 2025 12:05:18 GMT Accept-Ranges: bytes ETag: "0x8DD7DA81F404382" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: e0abc111-f01e-0078-6e63-b0c013000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/jupiter.js	20.150.12.193	200 OK	503 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/jupiter.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 503 B (503 bytes) Hash cd6c33fbc221d0271c910af910e6ebed 9b52f24d6f10b885bb19db1c4b531469f96d2914 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479 HTTP Headers `GET /wewebinfo01USAHTML/jupiter.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 503 Content-Type: text/javascript Content-MD5: zWwz+8Ih0CcckQr5EObr7Q== Last-Modified: Thu, 17 Apr 2025 12:05:23 GMT Accept-Ranges: bytes ETag: "0x8DD7DA821C021B1" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 5086d4e6-e01e-0064-1663-b09273000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/custom.js	20.150.12.193	200 OK	2.9 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/custom.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 2.9 kB (2854 bytes) Hash fb852dbba67b4d8f7de6edb232b5bf30 61885a84863c67efcb43b1911e2602224dc4ce5f cec2b7db31c8b57e79cd44c644b8b0345bb08b970a4b4902a604912536a0cb80 HTTP Headers `GET /wewebinfo01USAHTML/custom.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 2854 Content-Type: text/javascript Content-MD5: +4Utu6Z7TY995u2yMrW/MA== Last-Modified: Thu, 17 Apr 2025 12:05:19 GMT Accept-Ranges: bytes ETag: "0x8DD7DA81F83AA94" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7a7b5a28-701e-0066-6463-b02ccb000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	settings.luckyorange.com/45ac65e0	34.107.203.234	200 OK	149 B
URL GET settings.luckyorange.com/45ac65e0 IP 34.107.203.234:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerLet's Encrypt Subjectsettings.luckyorange.com FingerprintA9:35:91:73:5B:15:D9:6D:6D:FC:B5:6B:18:9E:D6:2C:E5:A2:3B:95 ValidityMon, 07 Apr 2025 23:02:57 GMT - Sun, 06 Jul 2025 23:02:56 GMT File type JSON text data Size 149 B (149 bytes) Hash 5ab79b37fa69455e1e5275e05f7ea89a cf8291e6d4328767e0bc2372e5646c2cb48a2af8 46bc304299165aa7ce61777e0b5e97d9bf99af4333751a2fc66fe70458735c1e HTTP Headers GET /45ac65e0 HTTP/1.1 Host: settings.luckyorange.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gfhe16-secondary.z8.web.core.windows.net/ x-lucky-uid: undefined x-lucky-referrer: Origin: https://gfhe16-secondary.z8.web.core.windows.net DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK access-control-allow-origin: https://gfhe16-secondary.z8.web.core.windows.net access-control-allow-credentials: true content-type: application/json; charset=utf-8 content-length: 149 vary: Accept-Encoding date: Fri, 18 Apr 2025 13:12:42 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/frwisYbsyBWa.js	20.150.12.193	200 OK	7.6 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/frwisYbsyBWa.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 7.6 kB (7617 bytes) Hash 66a8558c34fd362a658bb979b6898865 88a7188adab980d67ef176ee5739a4093dcaa517 0d67e180d9e7e7369f0f08e76ca25134778a0c2a090d17743ed5acdfe1b65a61 HTTP Headers `GET /wewebinfo01USAHTML/frwisYbsyBWa.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 7617 Content-Type: text/javascript Content-MD5: ZqhVjDT9Nipli7l5tomIZQ== Last-Modified: Thu, 17 Apr 2025 12:05:21 GMT Accept-Ranges: bytes ETag: "0x8DD7DA820E378BF" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 15197420-701e-0014-7363-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:39 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/msmm.png	20.150.12.193	200 OK	148 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/msmm.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 31 x 30, 4-bit colormap, non-interlaced Size 148 B (148 bytes) Hash 786e451b89111d04cb1fba3d32c398fa cbcbacb13686702d2ff96c749c0c08e4913ee24e 7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6 HTTP Headers GET /wewebinfo01USAHTML/msmm.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 148 Content-Type: image/png Content-MD5: eG5FG4kRHQTLH7o9MsOY+g== Last-Modified: Thu, 17 Apr 2025 12:05:25 GMT Accept-Ranges: bytes ETag: "0x8DD7DA823679C0F" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7a7b5a2a-701e-0066-6663-b02ccb000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:41 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/ques.png	20.150.12.193	200 OK	349 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/ques.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced Size 349 B (349 bytes) Hash 7454c652e0733d92de6c920c2d646ae0 34a5bd8c7401f95e346895b0e5ccffbf0e9ad638 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7 HTTP Headers GET /wewebinfo01USAHTML/ques.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 349 Content-Type: image/png Content-MD5: dFTGUuBzPZLebJIMLWRq4A== Last-Modified: Thu, 17 Apr 2025 12:05:29 GMT Accept-Ranges: bytes ETag: "0x8DD7DA825939B21" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 15197430-701e-0014-8063-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/inscPsncSxd.js	20.150.12.193	200 OK	770 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/inscPsncSxd.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type ASCII text, with CRLF line terminators Size 770 B (770 bytes) Hash ef30c617f1929c0e0fc73d3cf5df7e28 723567010750c93e2445ece3727d8759d45a9fd9 e30579b140c0fb1c10e80b32d810a4b298cf90659a0edd08c48fb75d29abba48 HTTP Headers `GET /wewebinfo01USAHTML/inscPsncSxd.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 770 Content-Type: text/javascript Content-MD5: 7zDGF/GSnA4Pxz089d9+KA== Last-Modified: Thu, 17 Apr 2025 12:05:23 GMT Accept-Ranges: bytes ETag: "0x8DD7DA821BB677C" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 0634b2ce-701e-002b-7063-b0e327000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/web1.png	20.150.12.193	200 OK	60 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/web1.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 956 x 816, 8-bit/color RGBA, non-interlaced Size 60 kB (59561 bytes) Hash 3c4478d9526bbac9186ed7b1f68a228d 572e33f91c67c295020e5d1b04e9debc5590a96b 20b06790b46a305c70cdd9837e24abaa5511aed95df8fa54ad0c9ff117c6042d HTTP Headers GET /wewebinfo01USAHTML/web1.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 59561 Content-Type: image/png Content-MD5: PER42VJruskYbtex9ooijQ== Last-Modified: Thu, 17 Apr 2025 12:05:32 GMT Accept-Ranges: bytes ETag: "0x8DD7DA827888D1F" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 15197432-701e-0014-0263-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/webs.mp4	20.150.12.193	206 Partial Content	8.4 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/webs.mp4 IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural Size 8.4 kB (8405 bytes) Hash 8618fbb0911e3b8fc96725dee8bfd81f 1bbcb78922946d0cf18fbf3a9e092e36453eb767 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1 HTTP Headers GET /wewebinfo01USAHTML/webs.mp4 HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/*;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 206 Partial Content Content-Length: 8405 Content-Type: video/mp4 Content-Range: bytes 0-8404/8405 Last-Modified: Thu, 17 Apr 2025 12:05:32 GMT Accept-Ranges: bytes ETag: "0x8DD7DA82772978F" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: e0abc12b-f01e-0078-0463-b0c013000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:43 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/pheduNYbdTgst.js	20.150.12.193	200 OK	139 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/pheduNYbdTgst.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type ASCII text, with CRLF line terminators Size 139 B (139 bytes) Hash f562e3f196db282656f0b9e7907c0915 50ede892a49ad9493455646fd6f7d8ece8657f2d 89943fae676f3e22c4d24637a353c26ad2ea892d1c5b7976297a0134c071ad01 HTTP Headers `GET /wewebinfo01USAHTML/pheduNYbdTgst.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 139 Content-Type: text/javascript Content-MD5: 9WLj8ZbbKCZW8LnnkHwJFQ== Last-Modified: Thu, 17 Apr 2025 12:05:29 GMT Accept-Ranges: bytes ETag: "0x8DD7DA8255D9F5E" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 864f03b5-601e-007a-4e63-b07eab000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:39 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/bxs.png	20.150.12.193	200 OK	4.8 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/bxs.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 840 x 32, 8-bit/color RGBA, non-interlaced Size 4.8 kB (4776 bytes) Hash dd1acbd9435c4415ce503a98d8a5ff2b f10046f388d944ce798706919c9d78423aa1d29b 689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199 HTTP Headers GET /wewebinfo01USAHTML/bxs.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 4776 Content-Type: image/png Content-MD5: 3RrL2UNcRBXOUDqY2KX/Kw== Last-Modified: Thu, 17 Apr 2025 12:05:18 GMT Accept-Ranges: bytes ETag: "0x8DD7DA81F12D1FC" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 0634b2dd-701e-002b-7f63-b0e327000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:41 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/f24.png	20.150.12.193	200 OK	1.8 MB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/f24.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 3016 x 1888, 8-bit/color RGBA, non-interlaced Size 1.8 MB (1832599 bytes) Hash a5291229d2ccab0316e62ea05282f335 9a4358bb92ec5bc848a43f0a93f5c2375e580967 58ad7ea2ca500817266dd0a83b8c4edb0739fd456664b5a2da132204a2240419 HTTP Headers GET /wewebinfo01USAHTML/f24.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1832599 Content-Type: image/png Content-MD5: pSkSKdLMqwMW5i6gUoLzNQ== Last-Modified: Thu, 17 Apr 2025 12:05:33 GMT Accept-Ranges: bytes ETag: "0x8DD7DA827EB1057" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 864f03d3-601e-007a-6c63-b07eab000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/main.js	20.150.12.193	200 OK	1.1 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/main.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 1.1 kB (1144 bytes) Hash 194810bcf097cc8049b0eef29ac22cb2 9d64f4f70d21c46fc74dbf2eb41a00ce46705f20 353de29431d96f8efe3739cf3c16eaf57a536e3b13fe0c57f53c81917deb9cdb HTTP Headers `GET /wewebinfo01USAHTML/main.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 1144 Content-Type: text/javascript Content-MD5: GUgQvPCXzIBJsO7ymsIssg== Last-Modified: Thu, 17 Apr 2025 12:05:23 GMT Accept-Ranges: bytes ETag: "0x8DD7DA8221FBEEB" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 864f03c6-601e-007a-5f63-b07eab000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:40 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/visudk.mp4	20.150.12.193	206 Partial Content	201 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/visudk.mp4 IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type Audio file with ID3 version 2.3.0, contains: - MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural Size 201 kB (200832 bytes) Hash 0116152611dd51432e852781f8cc7e82 2408d3d281b25649894f78a4e19f7f8a8ac735f9 fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65 HTTP Headers GET /wewebinfo01USAHTML/visudk.mp4 HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/*;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 206 Partial Content Content-Length: 200832 Content-Type: video/mp4 Content-Range: bytes 0-200831/200832 Last-Modified: Thu, 17 Apr 2025 12:05:32 GMT Accept-Ranges: bytes ETag: "0x8DD7DA82780ED2D" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 1519743d-701e-0014-0a63-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:42 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/tapa.css	20.150.12.193	200 OK	20 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/tapa.css IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type assembler source, ASCII text, with CRLF line terminators Size 20 kB (19500 bytes) Hash 50709174280689209e0a1ce4290818cc 5b6115fb99094c21081cc559690bc9d3a8acd5de 863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de HTTP Headers GET /wewebinfo01USAHTML/tapa.css HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 19500 Content-Type: text/css Content-MD5: UHCRdCgGiSCeChzkKQgYzA== Last-Modified: Thu, 17 Apr 2025 12:05:31 GMT Accept-Ranges: bytes ETag: "0x8DD7DA8268E279C" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 1519741f-701e-0014-7263-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:39 GMT`

	tools.luckyorange.com/core/lo.js?site-id=45ac65e0	143.204.55.125	200 OK	41 kB
URL GET tools.luckyorange.com/core/lo.js?site-id=45ac65e0 IP 143.204.55.125:443 ASN #16509 AMAZON-02 Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerAmazon Subjectluckyorange.com FingerprintF0:E7:5A:37:B1:D7:47:7D:D7:DC:58:91:50:3D:7A:9B:71:46:21:08 ValidityThu, 17 Oct 2024 00:00:00 GMT - Fri, 14 Nov 2025 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (40706), with no line terminators Size 41 kB (40718 bytes) Hash dbf90bacafdb5f698877019ea68f4b07 8ee08abde86be96e603581a704e55ca94b5611bf dbd7affbe829ab064f526470f29b748c719ec02a2ac96575d7c75626a9d5f9dd HTTP Headers `GET /core/lo.js?site-id=45ac65e0 HTTP/1.1 Host: tools.luckyorange.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript content-length: 13643 last-modified: Fri, 11 Apr 2025 18:42:09 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip accept-ranges: bytes server: AmazonS3 date: Fri, 18 Apr 2025 12:42:12 GMT cache-control: max-age=3600 etag: "21edcf7cb1a20362b4d8c26478c13dd6" vary: accept-encoding x-cache: Hit from cloudfront via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: KGq9-RU0LhJwM33el2xr13Ggez9Y-vQX4yz-m8VDrF2SRudY-W6HiQ== age: 1829 X-Firefox-Spdy: h2

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/noir.js	20.150.12.193	200 OK	84 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/noir.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with very long lines (32180) Size 84 kB (84272 bytes) Hash a8325a8dddc75eb4cd78a4c9d207aaf3 5a956570fbffd26b497f38ea3a28f0bc075d5efc 46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b HTTP Headers `GET /wewebinfo01USAHTML/noir.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 84272 Content-Type: text/javascript Content-MD5: qDJajd3HXrTNeKTJ0geq8w== Last-Modified: Thu, 17 Apr 2025 12:05:28 GMT Accept-Ranges: bytes ETag: "0x8DD7DA824CE470B" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: e0abc0ef-f01e-0078-5963-b0c013000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:39 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/index.html	20.150.12.193	206 Partial Content	13 kB
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/index.html IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (371) Size 13 kB (13213 bytes) Hash b32f35ba7a07c46aa63babda253eae86 ae0d42637a0988249d37a17d19e792f28ead7e5c 65415313f92c52dfa6537f3b67b9850dba9a9b640dd25819614e9589225d37a3 HTTP Headers GET /wewebinfo01USAHTML/index.html HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/*;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 206 Partial Content Content-Length: 13213 Content-Type: text/html Content-Range: bytes 0-13212/13213 Last-Modified: Thu, 17 Apr 2025 12:05:21 GMT Accept-Ranges: bytes ETag: "0x8DD7DA820F1A752" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 5086d4fd-e01e-0064-2763-b09273000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:42 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/dm.png	20.150.12.193	200 OK	347 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/dm.png IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type PNG image data, 100 x 100, 1-bit colormap, non-interlaced Size 347 B (347 bytes) Hash 4a39876d0660cfe5b1f5cb073498c66d 174e953eb12a558f9ebdd2a276fc6b544cb8dbee 1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5 HTTP Headers GET /wewebinfo01USAHTML/dm.png HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 347 Content-Type: image/png Content-MD5: SjmHbQZgz+Wx9csHNJjGbQ== Last-Modified: Thu, 17 Apr 2025 12:05:20 GMT Accept-Ranges: bytes ETag: "0x8DD7DA81FF260A4" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 0634b2e3-701e-002b-0463-b0e327000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:41 GMT`

	gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/bxsafe.js	20.150.12.193	200 OK	334 B
URL GET gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/bxsafe.js IP 20.150.12.193:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint6E:EB:BE:20:89:4B:98:C4:E2:8A:84:7D:75:6F:98:42:65:33:03:8C ValiditySat, 01 Feb 2025 04:27:20 GMT - Thu, 31 Jul 2025 04:27:20 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 334 B (334 bytes) Hash 4ccbafe3294ad0c33dc22099d9a66ac8 eef5cdf453fd67e6a9096ee4d8ce16942ce0280b ba2a8e0e05fd4b666e404981470fc5bc59b2d9654b1c025a339e3cefdac6308c HTTP Headers `GET /wewebinfo01USAHTML/bxsafe.js HTTP/1.1 Host: gfhe16-secondary.z8.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 334 Content-Type: text/javascript Content-MD5: TMuv4ylK0MM9wiCZ2aZqyA== Last-Modified: Thu, 17 Apr 2025 12:05:18 GMT Accept-Ranges: bytes ETag: "0x8DD7DA81F30DC96" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 15197424-701e-0014-7763-b02b84000000 x-ms-version: 2018-03-28 Date: Fri, 18 Apr 2025 13:12:39 GMT`

	settings.luckyorange.com/45ac65e0	34.107.203.234	200 OK	0 B
URL OPTIONS settings.luckyorange.com/45ac65e0 IP 34.107.203.234:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://gfhe16-secondary.z8.web.core.windows.net/wewebinfo01USAHTML/?bcda=1-888-844-9630 Certificate IssuerLet's Encrypt Subjectsettings.luckyorange.com FingerprintA9:35:91:73:5B:15:D9:6D:6D:FC:B5:6B:18:9E:D6:2C:E5:A2:3B:95 ValidityMon, 07 Apr 2025 23:02:57 GMT - Sun, 06 Jul 2025 23:02:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /45ac65e0 HTTP/1.1 Host: settings.luckyorange.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid Referer: https://gfhe16-secondary.z8.web.core.windows.net/ Origin: https://gfhe16-secondary.z8.web.core.windows.net DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK access-control-allow-origin: https://gfhe16-secondary.z8.web.core.windows.net access-control-allow-credentials: true access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer access-control-max-age: 86400 date: Fri, 18 Apr 2025 13:12:41 GMT via: 1.1 google content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (36)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size