urlscan.io logo urlscan.io
SecurityTrails logo

answers.microsoft.com Open in urlscan Pro
2a02:26f0:480:bae::3432  Public Scan

Go To Rescan Add Verdict Report
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Submission: On September 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 42 HTTP transactions. The main IP is 2a02:26f0:480:bae::3432, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is answers.microsoft.com. The Cisco Umbrella rank of the primary domain is 19174.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on January 17th 2024. Valid for: a year.
This is the only time answers.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 6 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2603:1026:300... 8075 (MICROSOFT...)
1 2606:2800:233... 15133 (EDGECAST)
1 20.190.160.17 8075 (MICROSOFT...)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
17 2620:1ec:bdf::60 8075 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
5 2620:1ec:bdf::42 8075 (MICROSOFT...)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2603:1027:1:d... 8075 (MICROSOFT...)
1 20.189.173.6 8075 (MICROSOFT...)
42 14
6    2a02:26f0:480:bae::3432 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
answers.microsoft.com
2    2603:1026:3000:d0::6 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.160.17 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
3    2a02:26f0:480:bb1::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com
17    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
answers-afd.microsoft.com
js.monitor.azure.com
1    2a02:26f0:480:15::213:7e62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net
1    2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
filestore.community.support.microsoft.com
5    2620:1ec:bdf::42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
consentdeliveryfd.azurefd.net
mem.gfx.ms
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wcpstatic.microsoft.com
2    2a02:26f0:480:f86::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.s-microsoft.com
2    2603:1027:1:d8::7 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    20.189.173.6 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
27 microsoft.com
answers.microsoft.com — Cisco Umbrella Rank: 19174
www.microsoft.com — Cisco Umbrella Rank: 369
answers-afd.microsoft.com — Cisco Umbrella Rank: 24581
filestore.community.support.microsoft.com — Cisco Umbrella Rank: 26734
wcpstatic.microsoft.com — Cisco Umbrella Rank: 4884
browser.events.data.microsoft.com — Cisco Umbrella Rank: 77 Failed
2 MB
4 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 4518
87 KB
4 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 9
13 KB
2 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 6279
62 KB
2 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 600
112 KB
1 azurefd.net
consentdeliveryfd.azurefd.net — Cisco Umbrella Rank: 14881
80 KB
1 akamaized.net
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 3432
4 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 59
1 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 850
51 KB
42 9
Domain Requested by
15 answers-afd.microsoft.com answers.microsoft.com
answers-afd.microsoft.com
6 answers.microsoft.com 3 redirects
4 mem.gfx.ms answers.microsoft.com
mem.gfx.ms
4 login.microsoftonline.com mem.gfx.ms
3 www.microsoft.com answers.microsoft.com
answers-afd.microsoft.com
2 c.s-microsoft.com answers-afd.microsoft.com
www.microsoft.com
2 js.monitor.azure.com answers.microsoft.com
mem.gfx.ms
1 browser.events.data.microsoft.com js.monitor.azure.com
1 wcpstatic.microsoft.com answers.microsoft.com
1 consentdeliveryfd.azurefd.net answers.microsoft.com
1 filestore.community.support.microsoft.com answers.microsoft.com
1 img-prod-cms-rt-microsoft-com.akamaized.net answers.microsoft.com
1 login.live.com aadcdn.msftauth.net
1 aadcdn.msftauth.net login.microsoftonline.com
42 14
Subject Issuer Validity Valid
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-08-31 -
2025-02-28		 6 months crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-08-28 -
2025-02-28		 6 months crt.sh
answers.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-01-17 -
2025-01-11		 a year crt.sh
www.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-08-26 -
2025-08-21		 a year crt.sh
answers-afd.microsoft.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-07-29 -
2025-01-29		 6 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
filestore.community.support.microsoft.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-09-10 -
2025-03-09		 6 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-08-20 -
2025-08-15		 a year crt.sh
*.azurefd.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-08-05 -
2025-07-31		 a year crt.sh
wcpstatic.microsoft.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
identitycdn.msauth.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-08-31 -
2025-08-26		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-09-14 -
2025-09-09		 a year crt.sh

This page contains 5 frames:

Primary Page: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Frame ID: 2089DE68ED84C9A7FAF311D3D569C5FA
Requests: 38 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 99CBCA53363E5721F68B08EF8561E004
Requests: 1 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?appid=a81d90ac-aa75-4cf8-b14c-58bf348528fe&wreply=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fall%2Fhave-i-been-hacked%2Fbbf22690-6b9f-47b9-9ead-e93a4f5f188a&uaid=ddeae6a3-ce4e-472a-298e-4edba0cd0df4&partnerId=msanswers&idpflag=proxy
Frame ID: B17A625C188B630A193CC43314B75914
Requests: 1 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?appid=a81d90ac-aa75-4cf8-b14c-58bf348528fe&wreply=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fall%2Fhave-i-been-hacked%2Fbbf22690-6b9f-47b9-9ead-e93a4f5f188a&uaid=ddeae6a3-ce4e-472a-298e-4edba0cd0df4&partnerId=msanswers&idpflag=proxy
Frame ID: 98C73F7D0FCA4F4727E3DEAEBF8D036D
Requests: 1 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=msanswers&wreply=https%3A%2F%2Fanswers.microsoft.com
Frame ID: E8382738186BB4548CFCEDEDE08E25A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Have I been hacked? - Microsoft Community

Page URL History Show full URLs

  1. https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a HTTP 302
    https://answers.microsoft.com/en-us/site/silentsignin?returnUrl=https%3A%2F%2Fanswers.microsoft.com%2Fen-u... HTTP 302
    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&... Page URL
  2. https://answers.microsoft.com/ HTTP 302
    https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

42
Requests

95 %
HTTPS

85 %
IPv6

9
Domains

14
Subdomains

14
IPs

4
Countries

2226 kB
Transfer

7121 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a HTTP 302
    https://answers.microsoft.com/en-us/site/silentsignin?returnUrl=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fall%2Fhave-i-been-hacked%2Fbbf22690-6b9f-47b9-9ead-e93a4f5f188a HTTP 302
    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&redirect_uri=https%3A%2F%2Fanswers.microsoft.com&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DDLlGX1bjOKuA77MZvSbHjKbA3iHl-S1KC7QTCtUmpyVov8tICiHa_k04AEnL3aVTcD_-zJV6dmKjaRE1QTfRv9tW-VBcHLcfQWEQ4TZHYJfBBml3qZHo0cO30Pic-7jU1gd3MXErZwV_7iqt9mh12ZvtZU-YqZKlZm6_woFGRub9oPNPFkDkyK8iQ9c7n4nUwXQs5hdtYe6xOz-yiTpHqEo3PH4OK66h3xC7nbSCRJoAPdX56RJ8LJzNnftHxpIbYHH1vKIoNZpSjm5fpQTILT4oOZPaRnsOy230vgdMebXU8EwCwkwO7EAqCQoFk3TTKeCr-tT0Iy4MPOnPiN8JCg&response_mode=form_post&nonce=638623613957864837.NTFiODZiODAtZmQyMy00NTIxLTlkY2QtNzI4OTYzNGU4NWQyNWI3NWRjZDEtNjY3ZC00YWI1LWEwMmEtZjNkODIxYTdiOTYx&nopa=2&prompt=none&x-client-SKU=ID_NET472&x-client-ver=7.6.0.0 Page URL
  2. https://answers.microsoft.com/ HTTP 302
    https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a HTTP 302
  • https://answers.microsoft.com/en-us/site/silentsignin?returnUrl=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fall%2Fhave-i-been-hacked%2Fbbf22690-6b9f-47b9-9ead-e93a4f5f188a HTTP 302
  • https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&redirect_uri=https%3A%2F%2Fanswers.microsoft.com&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DDLlGX1bjOKuA77MZvSbHjKbA3iHl-S1KC7QTCtUmpyVov8tICiHa_k04AEnL3aVTcD_-zJV6dmKjaRE1QTfRv9tW-VBcHLcfQWEQ4TZHYJfBBml3qZHo0cO30Pic-7jU1gd3MXErZwV_7iqt9mh12ZvtZU-YqZKlZm6_woFGRub9oPNPFkDkyK8iQ9c7n4nUwXQs5hdtYe6xOz-yiTpHqEo3PH4OK66h3xC7nbSCRJoAPdX56RJ8LJzNnftHxpIbYHH1vKIoNZpSjm5fpQTILT4oOZPaRnsOy230vgdMebXU8EwCwkwO7EAqCQoFk3TTKeCr-tT0Iy4MPOnPiN8JCg&response_mode=form_post&nonce=638623613957864837.NTFiODZiODAtZmQyMy00NTIxLTlkY2QtNzI4OTYzNGU4NWQyNWI3NWRjZDEtNjY3ZC00YWI1LWEwMmEtZjNkODIxYTdiOTYx&nopa=2&prompt=none&x-client-SKU=ID_NET472&x-client-ver=7.6.0.0

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
authorize
login.microsoftonline.com/common/oauth2/v2.0/
Redirect Chain
  • https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
  • https://answers.microsoft.com/en-us/site/silentsignin?returnUrl=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fall%2Fhave-i-been-hacked%2Fbbf22690-6b9f-47b9-9ead-e93a4f5f188a
  • https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&redirect_uri=https%3A%2F%2Fanswers.microsoft.com&response_type=code%20id_token&scope=op...
23 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&redirect_uri=https%3A%2F%2Fanswers.microsoft.com&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DDLlGX1bjOKuA77MZvSbHjKbA3iHl-S1KC7QTCtUmpyVov8tICiHa_k04AEnL3aVTcD_-zJV6dmKjaRE1QTfRv9tW-VBcHLcfQWEQ4TZHYJfBBml3qZHo0cO30Pic-7jU1gd3MXErZwV_7iqt9mh12ZvtZU-YqZKlZm6_woFGRub9oPNPFkDkyK8iQ9c7n4nUwXQs5hdtYe6xOz-yiTpHqEo3PH4OK66h3xC7nbSCRJoAPdX56RJ8LJzNnftHxpIbYHH1vKIoNZpSjm5fpQTILT4oOZPaRnsOy230vgdMebXU8EwCwkwO7EAqCQoFk3TTKeCr-tT0Iy4MPOnPiN8JCg&response_mode=form_post&nonce=638623613957864837.NTFiODZiODAtZmQyMy00NTIxLTlkY2QtNzI4OTYzNGU4NWQyNWI3NWRjZDEtNjY3ZC00YWI1LWEwMmEtZjNkODIxYTdiOTYx&nopa=2&prompt=none&x-client-SKU=ID_NET472&x-client-ver=7.6.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:d0::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2a69def9e2d6ef8497a4ee0a4a7778f50caba24380c2b828edc4083c999fb38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9957
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Sep 2024 16:49:55 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.18947.4 - FRC ProdSlices
x-ms-request-id
848d27fa-07f7-4a15-a3f9-6637a3ef2b00
x-ms-srs
1.P

Redirect headers

cache-control
max-age=0, no-cache, no-store no-transform
content-length
0
date
Thu, 19 Sep 2024 16:49:55 GMT
expires
Thu, 19 Sep 2024 16:49:55 GMT
location
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&redirect_uri=https%3A%2F%2Fanswers.microsoft.com&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DDLlGX1bjOKuA77MZvSbHjKbA3iHl-S1KC7QTCtUmpyVov8tICiHa_k04AEnL3aVTcD_-zJV6dmKjaRE1QTfRv9tW-VBcHLcfQWEQ4TZHYJfBBml3qZHo0cO30Pic-7jU1gd3MXErZwV_7iqt9mh12ZvtZU-YqZKlZm6_woFGRub9oPNPFkDkyK8iQ9c7n4nUwXQs5hdtYe6xOz-yiTpHqEo3PH4OK66h3xC7nbSCRJoAPdX56RJ8LJzNnftHxpIbYHH1vKIoNZpSjm5fpQTILT4oOZPaRnsOy230vgdMebXU8EwCwkwO7EAqCQoFk3TTKeCr-tT0Iy4MPOnPiN8JCg&response_mode=form_post&nonce=638623613957864837.NTFiODZiODAtZmQyMy00NTIxLTlkY2QtNzI4OTYzNGU4NWQyNWI3NWRjZDEtNjY3ZC00YWI1LWEwMmEtZjNkODIxYTdiOTYx&nopa=2&prompt=none&x-client-SKU=ID_NET472&x-client-ver=7.6.0.0
ms-cv
TUZfa2a9FUGdBLTy.0
pragma
no-cache
server
strict-transport-security
max-age=86400 ; includeSubDomains
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
18
x-edgeconnect-origin-mex-latency
20
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
FetchSessions_Core_VRFGv7Cn5qZDpUQIsx-pnA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/FetchSessions_Core_VRFGv7Cn5qZDpUQIsx-pnA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&redirect_uri=https%3A%2F%2Fanswers.microsoft.com&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DDLlGX1bjOKuA77MZvSbHjKbA3iHl-S1KC7QTCtUmpyVov8tICiHa_k04AEnL3aVTcD_-zJV6dmKjaRE1QTfRv9tW-VBcHLcfQWEQ4TZHYJfBBml3qZHo0cO30Pic-7jU1gd3MXErZwV_7iqt9mh12ZvtZU-YqZKlZm6_woFGRub9oPNPFkDkyK8iQ9c7n4nUwXQs5hdtYe6xOz-yiTpHqEo3PH4OK66h3xC7nbSCRJoAPdX56RJ8LJzNnftHxpIbYHH1vKIoNZpSjm5fpQTILT4oOZPaRnsOy230vgdMebXU8EwCwkwO7EAqCQoFk3TTKeCr-tT0Iy4MPOnPiN8JCg&response_mode=form_post&nonce=638623613957864837.NTFiODZiODAtZmQyMy00NTIxLTlkY2QtNzI4OTYzNGU4NWQyNWI3NWRjZDEtNjY3ZC00YWI1LWEwMmEtZjNkODIxYTdiOTYx&nopa=2&prompt=none&x-client-SKU=ID_NET472&x-client-ver=7.6.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
ae95ebc7f7a48f110e33d61414ce33e3e06ac62246fdb27a8cd027f4d371cdbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
zZru9l+ZiZjCpirRGrH+Ug==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCB563CDC60F56
age
3645591
x-ms-version
2009-09-19
x-cache
HIT
date
Thu, 19 Sep 2024 16:49:56 GMT
content-type
application/x-javascript
last-modified
Mon, 05 Aug 2024 15:32:23 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
954782d0-001e-004d-5f8b-e99b22000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
51912
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4C94)
Me.htm
login.live.com/ Frame 99CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/FetchSessions_Core_VRFGv7Cn5qZDpUQIsx-pnA2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=315360000
Content-Encoding
gzip
Content-Length
1399
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Sep 2024 16:49:56 GMT
Expires
Sun, 17 Sep 2034 16:49:56 GMT
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02EPF000276BC V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
b727cd11-87f7-4bf2-86fe-1ad9c94ecaca
x-ms-route-info
C507_BL2
favicon.ico
login.microsoftonline.com/ 		0
765 B 		Other
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:d0::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=a81d90ac-aa75-4cf8-b14c-58bf348528fe&redirect_uri=https%3A%2F%2Fanswers.microsoft.com&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DDLlGX1bjOKuA77MZvSbHjKbA3iHl-S1KC7QTCtUmpyVov8tICiHa_k04AEnL3aVTcD_-zJV6dmKjaRE1QTfRv9tW-VBcHLcfQWEQ4TZHYJfBBml3qZHo0cO30Pic-7jU1gd3MXErZwV_7iqt9mh12ZvtZU-YqZKlZm6_woFGRub9oPNPFkDkyK8iQ9c7n4nUwXQs5hdtYe6xOz-yiTpHqEo3PH4OK66h3xC7nbSCRJoAPdX56RJ8LJzNnftHxpIbYHH1vKIoNZpSjm5fpQTILT4oOZPaRnsOy230vgdMebXU8EwCwkwO7EAqCQoFk3TTKeCr-tT0Iy4MPOnPiN8JCg&response_mode=form_post&nonce=638623613957864837.NTFiODZiODAtZmQyMy00NTIxLTlkY2QtNzI4OTYzNGU4NWQyNWI3NWRjZDEtNjY3ZC00YWI1LWEwMmEtZjNkODIxYTdiOTYx&nopa=2&prompt=none&x-client-SKU=ID_NET472&x-client-ver=7.6.0.0

Response headers

x-ms-srs
1.P
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
private
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-ests-server
2.1.18947.4 - SEC ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
X-Content-Type-Options
nosniff
x-ms-request-id
80c75c03-5a79-43a3-91cd-c0adf5903000
Referrer-Policy
strict-origin-when-cross-origin
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
0
X-XSS-Protection
0
Date
Thu, 19 Sep 2024 16:49:56 GMT
Primary Request bbf22690-6b9f-47b9-9ead-e93a4f5f188a
answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/
Redirect Chain
  • https://answers.microsoft.com/
  • https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
429 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:bae::3432 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d03ee6161a7d9303d88f2a588c88d3e5a91758c8abdbe60a544ac78067241d78
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store no-transform
content-encoding
gzip
content-security-policy-report-only
default-src 'none';block-all-mixed-content;base-uri 'none';connect-src 'self' https://*.microsoft.com https://*.msn.com https://*.gfx.ms data:;font-src 'self' https://*.microsoft.com https://*.s-microsoft.com https://*.sharepointonline.com https://answers-static-gvc7bde3gygjg5ed.z01.azurefd.net data:;frame-src 'self' https://*.microsoft.com https://*.sharepointonline.com https://*.microsoftonline.com https://*.msftauth.net https://*.gfx.ms https://login.live.com https://answersstaticfilecdnv2.azureedge.net; img-src 'self' https://statics-marketingsites-wcus-ms-com.akamaized.net https://img-prod-cms-rt-microsoft-com.akamaized.net https://*.microsoft.com https://answersstaticfilecdnv2.azureedge.net data:;script-src 'self' https://*.microsoft.com https://*.azure.com https://*.msftauth.net https://*.gfx.ms 'unsafe-inline' 'report-sample' blob:;script-src-elem 'self' https://*.microsoft.com https://*.azure.com https://*.msftauth.net https://*.gfx.ms 'unsafe-inline' 'report-sample' blob: https://consentdeliveryfd.azurefd.net;style-src 'self' https://statics-marketingsites-wcus-ms-com.akamaized.net https://img-prod-cms-rt-microsoft-com.akamaized.net.net https://*.microsoft.com 'unsafe-inline' 'report-sample';style-src-elem 'self' https://statics-marketingsites-wcus-ms-com.akamaized.net https://img-prod-cms-rt-microsoft-com.akamaized.net.net https://*.microsoft.com 'unsafe-inline' 'report-sample' data:;form-action 'self';object-src 'self';frame-ancestors 'self';report-uri https://csp.microsoft.com/report/Answers-PROD;
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 16:49:57 GMT
expires
Thu, 19 Sep 2024 16:49:57 GMT
ms-cv
TXhQEQvqa0aaKhA1+nqGAQ.0
pragma
no-cache
server
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
22
x-edgeconnect-origin-mex-latency
661
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, no-cache, no-store no-transform
content-length
0
date
Thu, 19 Sep 2024 16:49:56 GMT
expires
Thu, 19 Sep 2024 16:49:56 GMT
location
https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
ms-cv
yGAHj7wbHUGWn6ppUihsXw.0
pragma
no-cache
server
strict-transport-security
max-age=86400 ; includeSubDomains
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
18
x-edgeconnect-origin-mex-latency
4
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
ca-ae3ce4
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/43-5a5ab8/ 		167 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/43-5a5ab8/ca-ae3ce4?ver=2.0&_cf=02242021_3231
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:bb1::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
928acfba36ccd911340d2753db52423f0c7f6feaa72824e2a1ef6f5667ed4a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

ms-cv-esi
CASMicrosoftCV20600c87.0
content-encoding
gzip
ms-cv
CASMicrosoftCV20600c87.0
x-content-type-options
nosniff
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
expires
Sat, 17 May 2025 23:14:49 GMT
x-activity-id
4bef69e3-58e9-49f7-b96a-65e940a1eafb
p3p
CP="CAO CONi OTR OUR DEM ONL"
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 17 May 2024 23:14:49 GMT
vary
Accept-Encoding
ms-operation-id
92da3ae45455b8408e2ecd5a9c63b1c0
x-s1
2024-05-17T23:14:49
strict-transport-security
max-age=31536000
cache-control
public, max-age=20759092
x-s2
2024-05-17T23:14:49
timing-allow-origin
*
x-rtag
RT
x-appversion
1.0.8902.7328
accept-ranges
bytes
access-control-allow-origin
*
content-length
22747
x-xss-protection
1; mode=block
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-05-16T12:04:16.0000000Z}
x-azure-ref
20240517T231525Z-1675f555588stqn4r0g95k9tr000000000qg00000000fs0a
tls_version
tls1.3
bundle.thread-view-mwfv3.1.0.4.237.min.css
answers-afd.microsoft.com/static/css/mwf/bundle/ 		886 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/css/mwf/bundle/bundle.thread-view-mwfv3.1.0.4.237.min.css
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dff0eabd1cb0eb44ca0c3328eb4e190f678699810a96891108ba0d3373247281

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgb1
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
feda3ef2-301e-0004-5b7e-0a12ea000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:40 GMT
bundle.thread-list-no-kendo.1.0.4.237.min.css
answers-afd.microsoft.com/static/css/mwf/bundle/ 		65 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/css/mwf/bundle/bundle.thread-list-no-kendo.1.0.4.237.min.css
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0975655133c16a8e2adedec203f3bfdd46e0a540f488bbdb6636c4f64d5dc14f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgb2
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
fee78c88-301e-0004-6083-0a12ea000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:45 GMT
moray-mwf2.main.1.0.4.237.min.css
answers-afd.microsoft.com/static/css/mwf2/ 		308 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/css/mwf2/moray-mwf2.main.1.0.4.237.min.css
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dbf59490ebcc2d95794328f176f73688eb1972eaba8a234b3b9a6e20e784b760

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgb3
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
6553fb8f-f01e-008d-5c83-0aa83f000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:44 GMT
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-activityid
35c8cc41-a188-4e76-9936-61fee7f3ef6f
cache-control
public, max-age=127572
timing-allow-origin
*
x-datacenter
eastus
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
expires
Sat, 21 Sep 2024 04:16:09 GMT
access-control-allow-origin
*
x-source-length
4054
content-length
4054
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
date
Thu, 19 Sep 2024 16:49:57 GMT
x-resizerversion
1.0
last-modified
Wed, 11 Sep 2024 16:14:49 GMT
content-type
image/png
x-frame-options
DENY
91589b5d-c1f8-486a-8907-e4994e6e2080
filestore.community.support.microsoft.com/api/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filestore.community.support.microsoft.com/api/images/91589b5d-c1f8-486a-8907-e4994e6e2080?upload=true&fud_access=wJJIheezUklbAN2ppeDns8cDNpYs3nCYjgitr%2BfFBh2dqlqMuW7np3F6Utp%2FKMltnRRYFtVjOMO5tpbpW9UyRAwvLeec5emAPixgq9ta07Dgnp2aq5eJbnfd%2FU3qhn54yZpKWlvhoKxxvPzshPIu%2FvFp5ysR3q%2BndI1MTHuJHyURy%2BE%2F8DoNx1%2B8gUWgOPsG2xkhc%2Fqh%2FAErWFB9CFomKhN%2F0etVD2URAWCH1zOwps9oeczbcyATroRPuvppMXrZlQHg9IYiz10ZIwAuPl2NPSOp70XeWumMgXT3mbPXEqomytZrue7FaQtXJKJUo%2B0tDBfe20V%2FIUfg2IDYjViS2XxZnxyHIE5gSjeLGh89Z1jOQD9qxITCivFy5%2BWf10Jqm2T9AtRYarDpgl%2BMktWAl%2BhVNc3XlA1tz5n%2Fx7NoDZA%3D
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
14eeae048c9bdf437e97722b2e7de50b74747411da6b10f2a072d0f0a049e9a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

correlationid
cache-control
no-cache
pragma
no-cache
ms-cv
512WHHm1FUKd88CrbV/vdA.0
serverinfo
DB5P-DB5C30
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
9194
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
image/png
x-azure-ref
20240919T164957Z-15f966665cfvwmclnvdm8wxkgw000000024g00000000c4n9
inreplyto.svg
answers-afd.microsoft.com/static/images/ 		242 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://answers-afd.microsoft.com/static/images/inreplyto.svg
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41ab929756123c1ec0a9f778fc98429de6ed7b33b0dda0876816c6c21a8c91f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgb4
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCD85B69A6B8B5
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
201d7928-d01e-0023-2283-0a052e000000
accept-ranges
bytes
x-cache
TCP_HIT
content-length
242
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
image/svg+xml
last-modified
Thu, 19 Sep 2024 03:30:30 GMT
vary
Origin
x-ms-blob-type
BlockBlob
jquery-3.6.0.min.js
answers-afd.microsoft.com/static/js/lib/jquery/ 		105 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/lib/jquery/jquery-3.6.0.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
528a1886f07e7777a6ee359f49155202a3ca8670e7f8feb399ca186a8bf80ac6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgbr
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
ac37545f-001e-0052-0e7e-0ae305000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Thu, 19 Sep 2024 03:31:02 GMT
jquery-migrate-3.0.0.min.js
answers-afd.microsoft.com/static/js/lib/jquery/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/lib/jquery/jquery-migrate-3.0.0.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8c2669cd92da7fbb351be4287c3ea7b99599948a07431b80ec630570b87cf174

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgbx
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
3242bdec-f01e-009d-4583-0a6d57000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Thu, 19 Sep 2024 03:31:10 GMT
purify.min.js
answers-afd.microsoft.com/static/js/lib/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/lib/purify.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f52af6168a33ee031281e3ff3f72323ff6a993d960978b8d778641366b09869

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgby
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
38499b5b-401e-0053-787e-0abcd9000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Thu, 19 Sep 2024 03:31:04 GMT
ms.analytics-web-4.min.js
js.monitor.azure.com/scripts/c/ 		154 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.analytics-web-4.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
46e6bd20237858fd5dcdf1be0a58104bdff9f04d538b68da0f6988b749940ec5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954dd6pf4z03fb8u4g00000000xg000000009kvv
cache-control
no-transform, public, max-age=1800, immutable
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.analytics-web-4.3.2.min.js
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
0926a5eb-901e-008f-3f31-09a42b000000
x-ms-meta-jssdkver
4.3.2
access-control-allow-origin
*
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 16 Sep 2024 18:19:55 GMT
wcp-consent.js
consentdeliveryfd.azurefd.net/mscc/lib/v2/ 		273 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentdeliveryfd.azurefd.net/mscc/lib/v2/wcp-consent.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

content-md5
X1JOIM5h9UISVFS6+GfEew==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DA85F6EA62BF74
age
41739
x-ms-version
2009-09-19
x-cache
CONFIG_NOCACHE
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
application/javascript
last-modified
Wed, 24 Aug 2022 17:34:36 GMT
vary
Accept-Encoding
cache-control
max-age=43200
x-ms-request-id
584ed678-a01e-00d9-6452-0a55c4000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
81726
x-ms-blob-type
BlockBlob
x-azure-ref
20240919T164957Z-185bbb44954x8pbxg21fxwvbvs00000001t0000000015yza
bundle.thread-view.1.0.4.237.min.js
answers-afd.microsoft.com/static/js/bundle/ 		106 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/bundle/bundle.thread-view.1.0.4.237.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e61f27eab2b28be3e88c0d8a22b0c947c2a0dfc025605d09d31a35ce0be94ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgbz
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
5f3c2712-701e-0015-1372-0a885e000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:45 GMT
moray-mwf2.bundle.1.0.4.237.min.js
answers-afd.microsoft.com/static/js/mwf2/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/mwf2/moray-mwf2.bundle.1.0.4.237.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3808a0539f5e942c52adaa45c2b021165a51e5e0056dded7a34c119d4d1b3bce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgc0
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
89cabf03-201e-009e-7872-0a8c33000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:43 GMT
editor.1.0.4.237.min.js
answers-afd.microsoft.com/static/js/react/ 		2 MB
835 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/react/editor.1.0.4.237.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e810abe895bbd4f3996c11181c939641327b399f873fdfce5f0f9b20b8a96b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgc1
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
a1f0703c-001e-0020-7c83-0ae44a000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:45 GMT
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ 		273 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

content-md5
X1JOIM5h9UISVFS6+GfEew==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DA85F6EA62BF74
age
24955
x-ms-version
2009-09-19
x-cache
CONFIG_NOCACHE
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
application/javascript
last-modified
Wed, 24 Aug 2022 17:34:36 GMT
vary
Accept-Encoding
cache-control
max-age=43200
x-ms-request-id
55ac9109-001e-00b0-3479-0a8116000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
81726
x-ms-blob-type
BlockBlob
x-azure-ref
20240919T164957Z-185bbb44954bj56qrg4t9xtnaw00000001u000000000xvs9
2b-8e0ae6
www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9... 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/54-af9f9f/d4-fb1f57/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/f9-a5b2ce/db-bc0148/dc-7e9864/6d-c07ea1/6f-dafe8c/f6-aa5278/73-a24d00/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/d0-e64f3e/92-10345d/79-499886/7e-cda2d3/58-ab4971/ca-108466/e0-3c9860/de-884374/1f-100dea/33-abe4df/2b-8e0ae6?ver=2.0&_cf=02242021_3231&iife=1
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:bb1::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a1fe019388875b696edb373b51a51c0a8e3bad52cd489617d042c0722bdb1e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

ms-cv-esi
CASMicrosoftCV20600cbd.0
content-encoding
gzip
ms-cv
CASMicrosoftCV20600cbd.0
x-content-type-options
nosniff
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
expires
Sat, 17 May 2025 23:14:30 GMT
x-activity-id
ef85b096-5950-4070-8b3f-f17752cc5e89
p3p
CP="CAO CONi OTR OUR DEM ONL"
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 17 May 2024 23:14:30 GMT
vary
Accept-Encoding
ms-operation-id
e8e3bc89f5a0f248b72c74098559a770
x-s1
2024-05-17T23:14:30
strict-transport-security
max-age=31536000
cache-control
public, max-age=20759073
x-s2
2024-05-17T23:14:30
timing-allow-origin
*
x-rtag
RT
x-appversion
1.0.8902.7328
accept-ranges
bytes
access-control-allow-origin
*
content-length
36102
x-xss-protection
1; mode=block
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odwestcentralus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-05-16T12:04:16.0000000Z}
x-azure-ref
20240517T231525Z-1675f555588rp56zfbrcf26fc400000001h0000000012tx4
tls_version
tls1.3
meversion
mem.gfx.ms/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=MSAnswers&market=en-us&uhf=1
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9c38d3b5b80698c9749fbcb7275f5f6c3b3fd46b35546a87589ffbd489baf1fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, no-transform, max-age=43200
content-encoding
br
x-fd-int-roxy-purgeid
38334287
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 02:45:53 GMT
access-control-allow-origin
*
x-cache
TCP_HIT
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
application/javascript
vary
Accept-Encoding
x-azure-ref
20240919T164957Z-185bbb4495449b5h472t097yn000000000rg00000001rg7p
RememberedAccounts.1.0.4.237.min.js
answers-afd.microsoft.com/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/RememberedAccounts.1.0.4.237.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bfd0ed30bff483dcf953da5806d86803f73607e82a2e0cc85b546bd5d2fb458f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgc2
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
fd7c7be1-d01e-008a-0a72-0ac45c000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:43 GMT
ucsCreativeService.1.0.4.237.min.js
answers-afd.microsoft.com/static/js/ 		554 KB
225 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/ucsCreativeService.1.0.4.237.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e8cb94e51f938396c62aab378e9cceb8d94c008730084188aac207e8151697e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgc3
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
6553f893-f01e-008d-4883-0aa83f000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:45 GMT
banner.1.0.4.237.min.js
answers-afd.microsoft.com/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/banner.1.0.4.237.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d718e116e5e99b58f6207140c8d477138417cfaff0aa29dc4ead3115692d06c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164957Z-185bbb44954vhqz86mz51xy22000000000sg00000001dgc4
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
414e9167-301e-0014-3683-0ad782000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 20 Aug 2024 18:33:42 GMT
mwfmdl2-v2.81.woff2
www.microsoft.com/mwf/_h/v2.81/mwf.app/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v2.81/mwf.app/fonts/mwfmdl2-v2.81.woff2
Requested by
Host: answers-afd.microsoft.com
URL: https://answers-afd.microsoft.com/static/css/mwf/bundle/bundle.thread-view-mwfv3.1.0.4.237.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:bb1::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42c8697c004ced79b2c06adf4111db0bda0da08527b97e83f53f4622bca9091b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://answers.microsoft.com
Referer
https://answers-afd.microsoft.com/

Response headers

ms-cv
CASMicrosoftCV20600cde.0
x-content-type-options
nosniff
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
expires
Fri, 17 Jan 2025 19:14:52 GMT
x-activity-id
cd92b9cc-2a7e-49e4-887d-fead09fa6bcb
p3p
CP="CAO CONi OTR OUR DEM ONL"
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
application/font-woff2
last-modified
Thu, 18 Jan 2024 19:14:52 GMT
ms-operation-id
c7216efa5b671c40983af62e9062c93b
strict-transport-security
max-age=31536000
cache-control
public, max-age=10376695
x-rtag
RT
x-appversion
1.0.8745.29656
access-control-allow-origin
*
content-length
17448
x-xss-protection
1; mode=block
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
ms-cv-esi
CASMicrosoftCV20600cde.0
tls_version
tls1.3
MWFFluentIcons.woff2
answers-afd.microsoft.com/static/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/fonts/MWFFluentIcons.woff2
Requested by
Host: answers-afd.microsoft.com
URL: https://answers-afd.microsoft.com/static/css/mwf2/moray-mwf2.main.1.0.4.237.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
528961b18c15d0350ad5635713e448c83f2faf991176211e5546d35d62cf5faf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://answers.microsoft.com
Referer
https://answers-afd.microsoft.com/static/css/mwf2/moray-mwf2.main.1.0.4.237.min.css

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCD85B7DE38417
x-fd-int-roxy-purgeid
50785133
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
font/woff2
last-modified
Thu, 19 Sep 2024 03:31:04 GMT
vary
Origin
access-control-allow-credentials
true
x-ms-request-id
fe07cfc7-d01e-008a-3ba2-0ac45c000000
accept-ranges
bytes
access-control-allow-origin
https://answers.microsoft.com
content-length
32372
x-azure-ref
20240919T164957Z-185bbb44954wdfsvt6tp62bhuw00000000y000000000521g
x-ms-blob-type
BlockBlob
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/latest.woff2
Requested by
Host: answers-afd.microsoft.com
URL: https://answers-afd.microsoft.com/static/css/mwf2/moray-mwf2.main.1.0.4.237.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f86::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://answers.microsoft.com
Referer
https://answers-afd.microsoft.com/

Response headers

cache-control
public, max-age=468005
etag
"5b68d583e9c7d51:0"
access-control-allow-methods
GET,POST
expires
Wed, 25 Sep 2024 02:50:02 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
29388
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
font/woff2
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/1b-9d8ed9/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/43-5a5ab8/ca-ae3ce4?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f86::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://answers.microsoft.com
Referer
https://www.microsoft.com/

Response headers

cache-control
public, max-age=414527
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
expires
Tue, 24 Sep 2024 11:58:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
34052
date
Thu, 19 Sep 2024 16:49:57 GMT
content-type
font/woff2
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
ms.shared.analytics.mectrl-3.gbl.min.js
js.monitor.azure.com/scripts/c/ 		90 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSAnswers&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a790b6c0d26d7a4d292cb27f992eafaff42c37e9318b2ab704207039127fcb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://answers.microsoft.com
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164958Z-185bbb44954g94dz1861kygp9g00000000yg0000000013vk
cache-control
no-transform, public, max-age=1800, immutable
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.shared.analytics.mectrl-3.2.18.gbl.min.js
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
42743c24-f01e-0007-03cd-094cf9000000
x-ms-meta-jssdkver
3.2.18
access-control-allow-origin
*
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:58 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 01 Jul 2024 17:02:58 GMT
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.24228.4/en-US/ 		207 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.24228.4/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSAnswers&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
906a3b2a89aa06a9c0da125fbf248d1f9fd188511b44d4822d9e3fcfd28197e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://answers.microsoft.com
Referer
https://answers.microsoft.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20240919T164958Z-185bbb44954vhqz86mz51xy22000000000y0000000004qug
content-encoding
br
etag
W/"1daf52360f10482"
x-fd-int-roxy-purgeid
38334287
x-content-type-options
nosniff
access-control-allow-origin
*
x-cache
TCP_HIT
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 16:49:58 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 22 Aug 2024 23:12:06 GMT
savedusers
login.microsoftonline.com/ Frame B17A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/savedusers?appid=a81d90ac-aa75-4cf8-b14c-58bf348528fe&wreply=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fall%2Fhave-i-been-hacked%2Fbbf22690-6b9f-47b9-9ead-e93a4f5f188a&uaid=ddeae6a3-ce4e-472a-298e-4edba0cd0df4&partnerId=msanswers&idpflag=proxy
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.24228.4/en-US/meBoot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:d8::7 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://answers.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
1386
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Sep 2024 16:49:57 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18947.4 - WEULR1 ProdSlices
x-ms-request-id
2a262653-3947-40d9-a28a-4b146cbb2c00
x-ms-srs
1.P
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
mwf-main.var.1.53.1.min.js
answers-afd.microsoft.com/static/js/mwf/ 		340 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answers-afd.microsoft.com/static/js/mwf/mwf-main.var.1.53.1.min.js
Requested by
Host: answers-afd.microsoft.com
URL: https://answers-afd.microsoft.com/static/js/lib/jquery/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6cf921cf7bd161d84348d6b5759cbffac4255e9df3c631031543d40e06a4f70c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/

Response headers

x-azure-ref
20240919T164958Z-185bbb44954vhqz86mz51xy22000000000sg00000001dggg
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
50785133
x-ms-request-id
ec6cdbed-d01e-000c-2f83-0a08e5000000
x-cache
TCP_HIT
date
Thu, 19 Sep 2024 16:49:58 GMT
x-ms-blob-type
BlockBlob
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Thu, 19 Sep 2024 03:31:05 GMT
addthreadviewcountasync
answers.microsoft.com/en-us/contentstatisticsspark/ 		807 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://answers.microsoft.com/en-us/contentstatisticsspark/addthreadviewcountasync?id=bbf22690-6b9f-47b9-9ead-e93a4f5f188a&forum=cacb25ef-5e2a-e011-8a67-d8d385dcbb12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:bae::3432 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a

Response headers

ms-cv
C1D5WGGTF0SYnQ/b+s5itA.0
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 16:49:59 GMT
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 16:49:59 GMT
content-type
image/gif
content-disposition
attachment; filename=PageStatistics.gif
strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store, no-transform
pragma
no-cache
content-security-policy-report-only
default-src 'none';block-all-mixed-content;base-uri 'none';connect-src 'self' https://*.microsoft.com https://*.msn.com https://*.gfx.ms data:;font-src 'self' https://*.microsoft.com https://*.s-microsoft.com https://*.sharepointonline.com https://answers-static-gvc7bde3gygjg5ed.z01.azurefd.net data:;frame-src 'self' https://*.microsoft.com https://*.sharepointonline.com https://*.microsoftonline.com https://*.msftauth.net https://*.gfx.ms https://login.live.com https://answersstaticfilecdnv2.azureedge.net; img-src 'self' https://statics-marketingsites-wcus-ms-com.akamaized.net https://img-prod-cms-rt-microsoft-com.akamaized.net https://*.microsoft.com https://answersstaticfilecdnv2.azureedge.net data:;script-src 'self' https://*.microsoft.com https://*.azure.com https://*.msftauth.net https://*.gfx.ms 'unsafe-inline' 'report-sample' blob:;script-src-elem 'self' https://*.microsoft.com https://*.azure.com https://*.msftauth.net https://*.gfx.ms 'unsafe-inline' 'report-sample' blob: https://consentdeliveryfd.azurefd.net;style-src 'self' https://statics-marketingsites-wcus-ms-com.akamaized.net https://img-prod-cms-rt-microsoft-com.akamaized.net.net https://*.microsoft.com 'unsafe-inline' 'report-sample';style-src-elem 'self' https://statics-marketingsites-wcus-ms-com.akamaized.net https://img-prod-cms-rt-microsoft-com.akamaized.net.net https://*.microsoft.com 'unsafe-inline' 'report-sample' data:;form-action 'self';object-src 'self';frame-ancestors 'self';report-uri https://csp.microsoft.com/report/Answers-PROD;
content-length
807
x-xss-protection
1; mode=block
server
x-edgeconnect-midmile-rtt
18
x-edgeconnect-origin-mex-latency
24
savedusers
login.microsoftonline.com/ Frame 98C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/savedusers?appid=a81d90ac-aa75-4cf8-b14c-58bf348528fe&wreply=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fall%2Fhave-i-been-hacked%2Fbbf22690-6b9f-47b9-9ead-e93a4f5f188a&uaid=ddeae6a3-ce4e-472a-298e-4edba0cd0df4&partnerId=msanswers&idpflag=proxy
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.24228.4/en-US/meBoot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:d8::7 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://answers.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
1386
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Sep 2024 16:49:58 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18947.4 - FRC ProdSlices
x-ms-request-id
6cb6d1ce-b236-4bb9-91e3-2abffb611a00
x-ms-srs
1.P
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.24228.4/en-US/ 		98 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.24228.4/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSAnswers&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://answers.microsoft.com
Referer
https://answers.microsoft.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20240919T164958Z-185bbb44954vhqz86mz51xy22000000000y0000000004qxb
content-encoding
br
etag
W/"1daf5236222e5a1"
x-fd-int-roxy-purgeid
0
x-content-type-options
nosniff
access-control-allow-origin
*
x-cache
TCP_HIT
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 16:49:58 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 22 Aug 2024 23:12:08 GMT
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.6 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://answers.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://answers.microsoft.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 19 Sep 2024 16:49:59 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
mecache
mem.gfx.ms/me/ Frame E838 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/me/mecache?partner=msanswers&wreply=https%3A%2F%2Fanswers.microsoft.com
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.24228.4/en-US/meBoot.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://answers.microsoft.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://answers.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
public, no-transform, max-age=43200
content-encoding
br
content-security-policy
frame-ancestors https://answers.microsoft.com;
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 16:49:59 GMT
expires
Thu, 19 Sep 2024 22:43:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-azure-ref
20240919T164959Z-185bbb44954vhqz86mz51xy22000000000xg000000008kq0
x-cache
TCP_HIT
x-content-type-options
nosniff
x-fd-int-roxy-purgeid
38334287
x-ua-compatible
IE=edge
favicon.ico
answers.microsoft.com/ 		5 KB
647 B 		Other
General
Check archive.org
Download Go to
Full URL
https://answers.microsoft.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:bae::3432 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f35fe126f90cecbb6addd79308e296e8409dbebf6bc589c31749e67713e9bb3c
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a

Response headers

content-encoding
gzip
etag
"014431429f3da1:0"
ms-cv
D8BdH9DYJkWpcveXG+UByg.0
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 01:48:25 GMT
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 16:49:59 GMT
content-type
image/x-icon
last-modified
Tue, 20 Aug 2024 17:47:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=32306, no-transform
accept-ranges
bytes
content-length
335
x-xss-protection
1; mode=block
server
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Answers function| resolveForumLogoFallback function| checkThirdPartyAdsOptOutCookie function| getCookie function| $ function| jQuery function| DOMPurify object| oneDS4 object| oneDS object| __tsUtils$gblCfg object| __dynProto$Gbl function| WcpConsent function| mscc function| getGpcDataSharingOptIn object| siteConsent object| analytics function| isElementVisisbleInViewport function| onFooterVisibleInViewPort boolean| answersResDefined boolean| answersUtilDefined object| mwf2 object| webpackJsonp function| MscomCustomEvent object| onDSGlobal string| referrer object| props string| pageName string| pageType string| product string| market string| requestUri object| overrideValues object| MSA object| MeControl function| MeControlDefine function| MeControlImport function| setImmediate function| clearImmediate object| regeneratorRuntime object| UcsCreative object| msCommonShell object| oneDsMeControl3 object| oneDsMeControl object| mwf object| html5 object| Modernizr object| picturefillCFG function| picturefill function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault

19 Cookies

Domain/Path Name / Value
.answers.microsoft.com/ Name: cap_f
Value: smc-survey-feat-1|smc-survey-elg-1|filterexposuretest|ce-aatest-1|smc-clicktale|vafx-enginev2-1|sps-awa-fix-1|vafx-proxybot-1|vafx-mts-french-azure-1|vafx-mts-german-1|vafx-mts-hungarian-1|vafx-mts-czech-1|vafx-mts-turkish-1|vafx-mts-korean-1|vafx-mts-polish-1|vafx-mts-dutch-1|vafx-mts-italian-1|vafx-mts-russian-1|vafx-mts-danish-1|vafx-mts-norwegian-1|vafx-mts-arabic-1|vafx-mts-swedish-1|vafx-mts-portuguese-1|amc-bannertelemetry-1|thopo-testprog-other|amc-quicksearch-1|vafx-darkmode-1|amc-mod-translator|amc-enable-ucs-1|amc-transtoken-1|amc-forumos|amc-default-profile|amc-time-out-9|amc-move|amc-csp|amc-openai-answer|amc-extimage-1|5e9a0974|amc-dbsize-1|amc-msglimit-1|amc-react-home-1|amc-savedictionaryitemcosmosflight|amc-saveforumcosmosflight|amc-saveuseractivitylogcosmosonlyflight|amc-saveprofilecountercosmosflight|amc-cvsacturl-1|amc-reportglass-1|amc-azuremaps-1
.answers.microsoft.com/ Name: answers_sid
Value: 1b265ab6-7fb3-4d00-b9c9-54cedad379b7
.answers.microsoft.com/ Name: community.silentsignin
Value:
.answers.microsoft.com/ Name: community.silentsignin.returnUrl
Value: https://answers.microsoft.com/en-us/windows/forum/all/have-i-been-hacked/bbf22690-6b9f-47b9-9ead-e93a4f5f188a
.answers.microsoft.com/ Name: Answers.SsoReferringUrl
Value:
answers.microsoft.com/ Name: OpenIdConnect.nonce.8z%2FiPEpmmJVb9WEXfmaskVD3rzpgKyJlm0AkGYKjBx4%3D
Value: R0lKT0ZyU3ZTQVNPWl9SQXpiTWFUVWEyR0hmcEpmbXBDVTFKdFM2QzktUXc4TGFOVXhMXzJWYTgyUkduLXdqei1qUmt5NmpmX28wRW5sY1FDeWN1NjNvNkllWjI1SnNKeDJIOGs4dmdyc2lwQkJyUHAwQzhpX1ZJSkFRRk1LcFR4ZjVaZ1RjOVVTdk02VDducjBBblp5cHBqdTNLWWVLWjZWSzJTdzB2bnhMSUR0dFB6aEtTQXI3cWVERTU3VlMwbjVlalhRVUFSTFVyc1BoWV9QcFVPRncwTGV6NFJRRnBwbEZtVUs2QkVnVQ%3D%3D
login.microsoftonline.com/ Name: buid
Value: 0.AQYAMe_N-B6jSkuT5F9XHpElWqyQHah1qvhMsUxYvzSFKP4BAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYrpBBIDT8oPKPN9a-ON1t0fR8vGgIzQzwStfeXr77Oy_md1wJnWvKEg_Hv1PTKIOoFsLnC9b9yVSAzXCY_THm5US63lsynY4tLn3JXKmkvdsgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYDxxonDHs_wYYkKAhywhiFEpSkjs7CJFK30SQfR8lvyF57GezA2dSSUFWHtpS20sghdoVYjiM84H_INd6TuSLeLTOoHiDw3PoKYeuaUu9TK152W_SJZG9lskVb3CxeutEpHzFjbe4hsl4arMtsVoAyHFb87CfBiOhKaC2K5n1FvYgAA
.login.microsoftonline.com/ Name: esctx-b5krSWTpHo
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYtUK-UpmBnIOOtapr2SVnWC1f_CmcNxLuE22Orsbgykj0IQndZhK7xEuone4r8jFKHzQnwWh97Mmny2hXGLNE0itmWcJflW3J0fwlt2kLLbvD5OZXc2Yq6-ZXLtRhJjcOhGVrDsT8nlp2VggOtuV7GCAA
login.microsoftonline.com/ Name: fpc
Value: AlTU8PeolwVFqOMt6kPdq1xUbUL7AQAAADNNft4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
answers.microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 09cd6c2d-49ff-4f79-ad97-21b092385cba
answers.microsoft.com/ Name: answerstzo
Value: -120
answers.microsoft.com/ Name: ai_session
Value: UAYbNCOzQfYRESRiCuxY2t|1726764598018|1726764598222
.answers.microsoft.com/ Name: cap_t
Value: 2024-09-19T16:49:58.9851892Z
.login.live.com/ Name: uaid
Value: 294a4fa31cb047799f77ae5988cc1837
.login.live.com/ Name: MSPRequ
Value: id=12&lt=1726764599&co=1
.login.live.com/ Name: OParams
Value: 11O.DnQYB7RuJJja0cxXVkRuNU4vnw4dAzNXACvFA45VfDYn3sg3!DSxi0fPcJrDrftGlftxg4Q3gJeStwS2ZGQmF!NxbgpxTMn0sb*!OKeqbmav!SnzOEHR3*zZhiWsjEvQJHdfScp56XhYualQDm9!J44BG7GMjkWzRW!9o5IjX0qHJSeGx2!1rD1JZfRpnvrv4xnnLqpoDeC9W56skVhLAi7sqHFUfyysllzMZ7w3z0hQ0XhWiMtaUl7Cxlx1TmRx8g1D4HUsQKgCxx3Giw6p5YE!AZ1j13e3bT2NIuvCjo8xGcPyLVZBB9AuszCO!XjBO9bUwSc9Qtv0ak3iWSN4BbDliBXOs1hDcBJzf47vrjs9jO4ytBIbdJ25AMmmm9I1eQ$$

1 Console Messages

Source Level URL
Text
network error URL: https://login.microsoftonline.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
answers-afd.microsoft.com
answers.microsoft.com
browser.events.data.microsoft.com
c.s-microsoft.com
consentdeliveryfd.azurefd.net
filestore.community.support.microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
login.microsoftonline.com
mem.gfx.ms
wcpstatic.microsoft.com
www.microsoft.com
browser.events.data.microsoft.com
20.189.173.6
20.190.160.17
2603:1026:3000:d0::6
2603:1027:1:d8::7
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:29:1::45
2620:1ec:bdf::42
2620:1ec:bdf::45
2620:1ec:bdf::60
2a02:26f0:480:15::213:7e62
2a02:26f0:480:bae::3432
2a02:26f0:480:bb1::356e
2a02:26f0:480:f86::356e
0975655133c16a8e2adedec203f3bfdd46e0a540f488bbdb6636c4f64d5dc14f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
14eeae048c9bdf437e97722b2e7de50b74747411da6b10f2a072d0f0a049e9a2
3808a0539f5e942c52adaa45c2b021165a51e5e0056dded7a34c119d4d1b3bce
3a790b6c0d26d7a4d292cb27f992eafaff42c37e9318b2ab704207039127fcb8
41ab929756123c1ec0a9f778fc98429de6ed7b33b0dda0876816c6c21a8c91f8
42c8697c004ced79b2c06adf4111db0bda0da08527b97e83f53f4622bca9091b
46e6bd20237858fd5dcdf1be0a58104bdff9f04d538b68da0f6988b749940ec5
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
528961b18c15d0350ad5635713e448c83f2faf991176211e5546d35d62cf5faf
528a1886f07e7777a6ee359f49155202a3ca8670e7f8feb399ca186a8bf80ac6
5e8cb94e51f938396c62aab378e9cceb8d94c008730084188aac207e8151697e
6cf921cf7bd161d84348d6b5759cbffac4255e9df3c631031543d40e06a4f70c
6d718e116e5e99b58f6207140c8d477138417cfaff0aa29dc4ead3115692d06c
6e810abe895bbd4f3996c11181c939641327b399f873fdfce5f0f9b20b8a96b7
6f52af6168a33ee031281e3ff3f72323ff6a993d960978b8d778641366b09869
7e61f27eab2b28be3e88c0d8a22b0c947c2a0dfc025605d09d31a35ce0be94ab
8c2669cd92da7fbb351be4287c3ea7b99599948a07431b80ec630570b87cf174
906a3b2a89aa06a9c0da125fbf248d1f9fd188511b44d4822d9e3fcfd28197e8
928acfba36ccd911340d2753db52423f0c7f6feaa72824e2a1ef6f5667ed4a71
9c38d3b5b80698c9749fbcb7275f5f6c3b3fd46b35546a87589ffbd489baf1fd
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
a1fe019388875b696edb373b51a51c0a8e3bad52cd489617d042c0722bdb1e48
a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8
ae95ebc7f7a48f110e33d61414ce33e3e06ac62246fdb27a8cd027f4d371cdbc
bfd0ed30bff483dcf953da5806d86803f73607e82a2e0cc85b546bd5d2fb458f
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
d03ee6161a7d9303d88f2a588c88d3e5a91758c8abdbe60a544ac78067241d78
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
dbf59490ebcc2d95794328f176f73688eb1972eaba8a234b3b9a6e20e784b760
dff0eabd1cb0eb44ca0c3328eb4e190f678699810a96891108ba0d3373247281
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f2a69def9e2d6ef8497a4ee0a4a7778f50caba24380c2b828edc4083c999fb38
f35fe126f90cecbb6addd79308e296e8409dbebf6bc589c31749e67713e9bb3c