urlscan.io logo urlscan.io
SecurityTrails logo

answers.microsoft.com Open in urlscan Pro
104.92.96.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed0...
Effective URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed0...
Submission: On May 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 32 HTTP transactions. The main IP is 104.92.96.203, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is answers.microsoft.com. The Cisco Umbrella rank of the primary domain is 32647.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on December 2nd 2021. Valid for: a year.
This is the only time answers.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 4 104.92.96.203 16625 (AKAMAI-AS)
1 1 20.190.159.4 8075 (MICROSOFT...)
3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 23.216.77.196 20940 (AKAMAI-ASN1)
8 2606:2800:133... 15133 (EDGECAST)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2620:1ec:49::45 8075 (MICROSOFT...)
1 2620:1ec:40::45 8075 (MICROSOFT...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 20.40.136.238 8075 (MICROSOFT...)
5 64.4.54.254 8075 (MICROSOFT...)
4 20.189.173.2 8075 (MICROSOFT...)
32 12
4    104.92.96.203 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-96-203.deploy.static.akamaitechnologies.com
answers.microsoft.com
1    20.190.159.4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
3    2a02:26f0:7100:598::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com
1    23.216.77.196 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-196.deploy.static.akamaitechnologies.com
statics-marketingsites-neu-ms-com.akamaized.net
8    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
answersstaticfilecdnv2.azureedge.net
1    2a02:26f0:3500:7::17d8:4dd1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net
4    2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
mem.gfx.ms
1    2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wcpstatic.microsoft.com
2    2a02:26f0:3500:594::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.s-microsoft.com
2    20.40.136.238 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
arc.msn.com
5    64.4.54.254 (Cheyenne, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
4    20.189.173.2 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
17 microsoft.com
answers.microsoft.com — Cisco Umbrella Rank: 32647
www.microsoft.com — Cisco Umbrella Rank: 305
wcpstatic.microsoft.com — Cisco Umbrella Rank: 5413
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1620
browser.events.data.microsoft.com — Cisco Umbrella Rank: 280
268 KB
8 azureedge.net
answersstaticfilecdnv2.azureedge.net — Cisco Umbrella Rank: 37145
392 KB
3 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 3656
56 KB
2 msn.com
arc.msn.com — Cisco Umbrella Rank: 227
3 KB
2 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 10074
63 KB
2 akamaized.net
statics-marketingsites-neu-ms-com.akamaized.net — Cisco Umbrella Rank: 31578
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1161
5 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3882
44 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 87
1010 B
32 8
Domain Requested by
8 answersstaticfilecdnv2.azureedge.net answers.microsoft.com
answersstaticfilecdnv2.azureedge.net
5 web.vortex.data.microsoft.com mem.gfx.ms
4 browser.events.data.microsoft.com js.monitor.azure.com
answersstaticfilecdnv2.azureedge.net
4 answers.microsoft.com 3 redirects
3 mem.gfx.ms answers.microsoft.com
mem.gfx.ms
3 www.microsoft.com answers.microsoft.com
answersstaticfilecdnv2.azureedge.net
2 arc.msn.com answersstaticfilecdnv2.azureedge.net
2 c.s-microsoft.com www.microsoft.com
1 wcpstatic.microsoft.com answers.microsoft.com
1 js.monitor.azure.com answers.microsoft.com
1 img-prod-cms-rt-microsoft-com.akamaized.net answers.microsoft.com
1 statics-marketingsites-neu-ms-com.akamaized.net answers.microsoft.com
1 login.live.com 1 redirects
32 13
Subject Issuer Validity Valid
answers.microsoft.com
Microsoft RSA TLS CA 02		 2021-12-02 -
2022-12-02		 a year crt.sh
www.microsoft.com
Microsoft RSA TLS CA 01		 2021-07-28 -
2022-07-28		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 02		 2022-03-27 -
2023-03-22		 a year crt.sh
wcpstatic.microsoft.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-10 -
2023-03-10		 a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 02		 2022-05-11 -
2023-05-06		 a year crt.sh
arc.msn.com
Microsoft Azure TLS Issuing CA 06		 2022-02-23 -
2023-02-18		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 01		 2022-04-03 -
2023-04-03		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-03-02 -
2023-02-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Frame ID: 57F0FE22D280DF3C8DCC8174A8E91D44
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Error Page - Microsoft Community

Page URL History Show full URLs

  1. https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4... HTTP 301
    https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4... HTTP 302
    https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1652798171&rver=6.7.6643.0&wp=... HTTP 302
    https://answers.microsoft.com/en-us/site/completesignin?silent=True&returnUrl=https%3A%2F%2Fanswers.micros... HTTP 302
    https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

13
Subdomains

12
IPs

4
Countries

830 kB
Transfer

3022 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5. HTTP 301
    https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5 HTTP 302
    https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1652798171&rver=6.7.6643.0&wp=MBI_SSL&wreply=https:%2F%2Fanswers.microsoft.com%2Fen-us%2Fsite%2Fcompletesignin%3Fsilent%3DTrue%26returnUrl%3Dhttps%253A%252F%252Fanswers.microsoft.com%252Fen-us%252Fwindows%252Fforum%252Fwindows_10-security%252Fwanna-cry-ransomware%252F5afdb045-8f36-4f55-a992-53398d21ed07%2524%253B%25245&id=273572&aadredir=1 HTTP 302
    https://answers.microsoft.com/en-us/site/completesignin?silent=True&returnUrl=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fwindows_10-security%2Fwanna-cry-ransomware%2F5afdb045-8f36-4f55-a992-53398d21ed07%24%3B%245 HTTP 302
    https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5afdb045-8f36-4f55-a992-53398d21ed07$;$5
answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/
Redirect Chain
  • https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5.
  • https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1652798171&rver=6.7.6643.0&wp=MBI_SSL&wreply=https:%2F%2Fanswers.microsoft.com%2Fen-us%2Fsite%2Fcompletesignin%3Fsilent%3DTrue%2...
  • https://answers.microsoft.com/en-us/site/completesignin?silent=True&returnUrl=https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fwindows_10-security%2Fwanna-cry-ransomware%2F5afdb045-8...
  • https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
104 KB
105 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.96.203 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-96-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a36645e1336f5949c71c891fca4f1315f14b876fa8bfba5f59c991eb2c63743
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store no-transform
content-length
106836
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 14:36:12 GMT
expires
Tue, 17 May 2022 14:36:12 GMT
ms-cv
NwI8zGaumEWcmpvg.0
pragma
no-cache
server
strict-transport-security
max-age=86400 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge

Redirect headers

cache-control
max-age=0, no-cache, no-store no-transform
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 14:36:12 GMT
expires
Tue, 17 May 2022 14:36:12 GMT
location
https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
ms-cv
fBvIBAzVP0mQaxQG.0
pragma
no-cache
server
strict-transport-security
max-age=86400 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
ef-a24652
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ 		166 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ef-a24652?ver=2.0&_cf=20210618
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:598::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58d444a20d0ac6f199efca28a8c232d7714651bf3a27e9a02c9ef5364aa20250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ms-operation-id
b447d2c90da0d245aa1a87435aee059c
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-rtag
RT
x-s2
2022-01-04T01:36:45
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
559f1fd9-d39d-4425-8ae1-47fe81348682
tls_version
tls1.3
x-s1
2022-01-04T01:36:45
ms-cv
quRV9EZE3kCX1RYi.0
vary
Accept-Encoding
content-length
22527
x-xss-protection
1; mode=block
last-modified
Tue, 04 Jan 2022 01:36:45 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-12-11T09:19:10.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=19998077
timing-allow-origin
*
x-appversion
1.0.8015.2375
expires
Wed, 04 Jan 2023 01:37:29 GMT
override.css
statics-marketingsites-neu-ms-com.akamaized.net/statics/ 		1 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-marketingsites-neu-ms-com.akamaized.net/statics/override.css
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-196.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 17 May 2022 14:36:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2019 23:22:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6EEC3A2D67C35
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
abce744b-901e-0041-680c-342219000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
mwf-west-european-default.1.53.1.min.css
answersstaticfilecdnv2.azureedge.net/static/css/mwf/mwf/ 		766 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/css/mwf/mwf/mwf-west-european-default.1.53.1.min.css
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FAB) /
Resource Hash
7a92f10fe544456cbf298b2e675beaa6073ac67f5f8556b1904c17f5c4876797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
dB7ZKXAZnyY1v46wstIyxw==
age
479008
x-cache
HIT
content-length
89162
x-ms-lease-status
unlocked
last-modified
Wed, 11 May 2022 00:02:35 GMT
server
ECAcc (frc/8FAB)
etag
0x8DA32E18DEF65FA
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
76cfdc93-801e-0073-66a0-65c77e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
bundle.error.1.0.3.613.min.css
answersstaticfilecdnv2.azureedge.net/static/css/mwf/bundle/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/css/mwf/bundle/bundle.error.1.0.3.613.min.css
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F14) /
Resource Hash
1c0bb7981a7f214c5e61f6d9ee882e0f89523e3d2423b7441a45803293765576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
K8iW+rMDRkROR3JcbhHk7g==
age
74603
x-cache
HIT
content-length
11092
x-ms-lease-status
unlocked
last-modified
Mon, 09 May 2022 20:29:25 GMT
server
ECAcc (frc/8F14)
etag
0x8DA31FA9C36B588
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
5cce2d44-501e-0012-4e4d-69e43d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 14:36:12 GMT
last-modified
Sat, 14 May 2022 06:37:37 GMT
x-datacenter
northeu
x-source-length
4054
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=144079
x-activityid
6f457ef6-494c-46f8-8b9d-8714e2aa9559
x-resizerversion
1.0
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length
4054
expires
Thu, 19 May 2022 06:37:31 GMT
jquery-3.6.0.min.js
answersstaticfilecdnv2.azureedge.net/static/js/lib/jquery/ 		105 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/js/lib/jquery/jquery-3.6.0.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F37) /
Resource Hash
528a1886f07e7777a6ee359f49155202a3ca8670e7f8feb399ca186a8bf80ac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
qiRg5jg0OhwuWFs3wih3Kg==
age
588186
x-cache
HIT
content-length
33055
x-ms-lease-status
unlocked
last-modified
Tue, 10 May 2022 18:32:25 GMT
server
ECAcc (frc/8F37)
etag
0x8DA32B36E3CFDCB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
108504d1-301e-0004-7ba1-6412ea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
jquery-migrate-3.0.0.min.js
answersstaticfilecdnv2.azureedge.net/static/js/lib/jquery/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/js/lib/jquery/jquery-migrate-3.0.0.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC7) /
Resource Hash
8c2669cd92da7fbb351be4287c3ea7b99599948a07431b80ec630570b87cf174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
BBBblM+pzdyzj1nsivxVWg==
age
486355
x-cache
HIT
content-length
3347
x-ms-lease-status
unlocked
last-modified
Wed, 11 May 2022 00:02:33 GMT
server
ECAcc (frc/8FC7)
etag
0x8DA32E18CE71D62
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2e29a4e7-d01e-007e-568f-650faa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
ms.analytics-web-3.min.js
js.monitor.azure.com/scripts/c/ 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f80a06e9a4aa827b32aa79a095b084a2986e0ed42123172fa0249326053a1dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
br
x-azure-ref-originshield
0ebCDYgAAAACQ8wRRvSNrRZGOQGseB7/eQU1TMDRFREdFMTgwNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
n/xFUGQu+ZhD4o8p+0MLCQ==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.1.11
last-modified
Wed, 27 Apr 2022 23:18:46 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.analytics-web-3.1.11.min.js
etag
0x8DA28A4473B6BBE
x-azure-ref
03LKDYgAAAADPZOxi0SJWR65aRPFzgzXERlJBMjMxMDUwNDE4MDI1AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c4c81038-701e-002d-03f8-695b06000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
bundle.core.1.0.3.613.min.js
answersstaticfilecdnv2.azureedge.net/static/js/bundle/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/js/bundle/bundle.core.1.0.3.613.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F3A) /
Resource Hash
f15b880072a5ba67c4ea6a98a56256942f057f20918b85b64a5b37b88cb9fe10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
TB48SOf+LmveH00KVoOCYA==
age
78685
x-cache
HIT
content-length
10502
x-ms-lease-status
unlocked
last-modified
Mon, 09 May 2022 20:29:29 GMT
server
ECAcc (frc/8F3A)
etag
0x8DA31FA9E459930
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
36902ade-001e-0042-6d44-69266d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ 		273 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
768304ececf64109acb1144a4a5fb1ea56ccadf675c60b65956dfad07a8d5ceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:11 GMT
content-encoding
gzip
vary
Accept-Encoding
content-md5
bayEWRcBe3ATXM+K9o1rLg==
age
24551
x-cache
CONFIG_NOCACHE
content-length
81724
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 19:38:30 GMT
etag
0x8D9FAF1E6285DA5
x-azure-ref
03LKDYgAAAAAGd9qsjVrwSoR0nv7uGRZ7RlJBMjMxMDUwNDE4MDIzADM5YjQ2MTU3LWNiOWUtNDliNy1hNjVhLTg3MjJhM2Y4MjRlNA==
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f9fbad64-201e-0055-0ac2-69d34a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
37-8473b9
www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/93-04b71e/dd-2cee44/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d... 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/8e-e88b64/93-04b71e/dd-2cee44/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/8d-b89eaf/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=20210618&iife=1
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:598::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
67a1c277d278bee02e90ccf0f47d4d17e774a8d11fb0d986b0621580c652e154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ms-operation-id
1db413c1ca9a824b9a771873dbee7a96
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-rtag
RT
x-s2
2022-02-01T23:37:01
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
a02a0fa4-7c4f-4bab-bfe4-a008c10f561f
tls_version
tls1.3
x-s1
2022-02-01T23:37:01
ms-cv
yS+5q6x3pEaGT27O.0
vary
Accept-Encoding
content-length
35658
x-xss-protection
1; mode=block
last-modified
Tue, 01 Feb 2022 23:37:01 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-01-26T10:26:10.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=22496457
timing-allow-origin
*
x-appversion
1.0.8061.4385
expires
Wed, 01 Feb 2023 23:37:09 GMT
meversion
mem.gfx.ms/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=MSAnswers&market=en-us&uhf=1
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
856f8e4e6cf456aa182936351b872e51e258f2cbdc0dc8f5080500c4df15055b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-azure-ref-originshield
0s1yDYgAAAAC4ZnWZKu/GRrfc7YOg+nNGQU1TMDRFREdFMTkwOABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date
Tue, 17 May 2022 14:36:12 GMT
x-azure-ref
03LKDYgAAAADVSp0CqFapRZ0s30/ouz2oRlJBMjMxMDUwNDE3MDQ5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
x-ua-compatible
IE=edge
expires
Tue, 17 May 2022 18:26:31 GMT
ucsCreativeService.1.0.3.613.min.js
answersstaticfilecdnv2.azureedge.net/static/js/ 		533 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/js/ucsCreativeService.1.0.3.613.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1F) /
Resource Hash
2d025e055348a4363bf4c93b01866bcd869ca3e9a58a4bab0f3dfdde9a0d8c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
YYxayzi9NJhvvdEosV1n5g==
age
78836
x-cache
HIT
content-length
168459
x-ms-lease-status
unlocked
last-modified
Mon, 09 May 2022 20:29:30 GMT
server
ECAcc (frc/8F1F)
etag
0x8DA31FA9F2ACE7E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b1df0957-701e-0077-1c43-694a79000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
banner.1.0.3.613.min.js
answersstaticfilecdnv2.azureedge.net/static/js/ 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/js/banner.1.0.3.613.min.js
Requested by
Host: answers.microsoft.com
URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA8) /
Resource Hash
6d718e116e5e99b58f6207140c8d477138417cfaff0aa29dc4ead3115692d06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
gKNiMnxzvyV7XLdLM/iZTw==
age
78838
x-cache
HIT
content-length
698
x-ms-lease-status
unlocked
last-modified
Mon, 09 May 2022 20:29:29 GMT
server
ECAcc (frc/8FA8)
etag
0x8DA31FA9E173CFA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3ba8d85c-701e-0048-6343-6982da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
mwfmdl2-v2.81.woff2
www.microsoft.com/mwf/_h/v2.81/mwf.app/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v2.81/mwf.app/fonts/mwfmdl2-v2.81.woff2
Requested by
Host: answersstaticfilecdnv2.azureedge.net
URL: https://answersstaticfilecdnv2.azureedge.net/static/css/mwf/mwf/mwf-west-european-default.1.53.1.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:598::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42c8697c004ced79b2c06adf4111db0bda0da08527b97e83f53f4622bca9091b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://answersstaticfilecdnv2.azureedge.net/
Origin
https://answers.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ms-operation-id
a719a98152bc494c8656968fda53e857
date
Tue, 17 May 2022 14:36:12 GMT
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
476c71f0-bd47-466a-9543-ce4fcdfddef2
tls_version
tls1.3
ms-cv
L1FUMvm/CUK64sit.0
content-length
17448
x-xss-protection
1; mode=block
last-modified
Sun, 01 Aug 2021 13:10:30 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-06-10T04:04:28.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=6561096
x-appversion
1.0.7830.36134
expires
Mon, 01 Aug 2022 13:07:48 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ef-a24652?ver=2.0&_cf=20210618
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer
https://www.microsoft.com/
Origin
https://answers.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 14:36:12 GMT
last-modified
Fri, 10 Jan 2020 19:09:42 GMT
etag
"83cce83e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=301368
accept-ranges
bytes
content-length
30132
expires
Sat, 21 May 2022 02:19:00 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ef-a24652?ver=2.0&_cf=20210618
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer
https://www.microsoft.com/
Origin
https://answers.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 14:36:12 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=128854
accept-ranges
bytes
content-length
34052
expires
Thu, 19 May 2022 02:23:46 GMT
mwf-main.var.1.53.1.min.js
answersstaticfilecdnv2.azureedge.net/static/js/mwf/ 		340 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answersstaticfilecdnv2.azureedge.net/static/js/mwf/mwf-main.var.1.53.1.min.js
Requested by
Host: answersstaticfilecdnv2.azureedge.net
URL: https://answersstaticfilecdnv2.azureedge.net/static/js/lib/jquery/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F57) /
Resource Hash
6cf921cf7bd161d84348d6b5759cbffac4255e9df3c631031543d40e06a4f70c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 May 2022 14:36:12 GMT
content-encoding
gzip
content-md5
4pYmvNLXrhTrsBU7eeCXhA==
age
47968
x-cache
HIT
content-length
83385
x-ms-lease-status
unlocked
last-modified
Tue, 17 May 2022 01:01:40 GMT
server
ECAcc (frc/8F57)
etag
0x8DA37A0CD6D3B09
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9f5612db-b01e-0068-2c8b-69f97d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.22059.5/en-US/ 		157 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22059.5/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSAnswers&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfd295d8315492e4b0b0d79cb43a38ed7c6a98340e66341becdb312ea634ebab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://answers.microsoft.com/
Origin
https://answers.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 19 Apr 2022 00:20:12 GMT
x-azure-ref-originshield
0q5GBYgAAAADfumnzyOXaSYgTOUzJ9dWOQU1TMDRFREdFMTgwOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d853bde862ea4c"
x-azure-ref
03LKDYgAAAABfbRhE5V/eQa3yJM3giPsRRlJBMjMxMDUwNDE4MDA5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Tue, 17 May 2022 14:36:11 GMT
x-ua-compatible
IE=edge
selection
arc.msn.com/v4/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://arc.msn.com/v4/api/selection?SCS_EXPFLIGHTID=smc-survey-feat-1%3Bsmc-survey-elg-1%3Bce-aatest-1%3Bsmc-clicktale%3Btasmigrationmseg%3Bvafx-enginev2-1%3Bamc-suspend-1%3Bsps-awa-fix-1%3Bvafx-proxybot-1%3Bamc-officeicon-1%3Bamc-adminconfigurations-1%3Bamc-showrelatedforum-1%3Bamc-ellipsisrework-1%3Bamc-showedgelegacyicon-1%3Bamc-experts-1%3Bamc-nonelevatedusermessagethreshold-1%3Bmultitenanttasmigration_103%3Bvafx-mts-french-azure-1%3Bvafx-mts-german-1%3Bvafx-mts-hungarian-1%3Bvafx-mts-czech-1%3Bvafx-mts-turkish-1%3Bvafx-mts-korean-1%3Bvafx-mts-polish-1%3Bvafx-mts-dutch-1%3Bvafx-mts-italian-1%3Bvafx-mts-russian-1%3Bvafx-mts-danish-1%3Bvafx-mts-norwegian-1%3Bvafx-mts-arabic-1%3Bvafx-mts-swedish-1%3Bvafx-mts-portuguese-1%3Bamc-bannertelemetry-1%3Bthopo-testprog-other%3Bamc-simpleuseract-1%3Bamc-quicksearch-1%3Bvafx-darkmode-1%3Bamc-mod-translator%3Bamc-enable-ucs-1%3Bamc-history-to%3Bamc-ipqsflaguser-1%3Bamc-pmessage-editor&country=us&dismissedCookieSet=False&isAuthed=False&locale=en-us&pageType=viewthread&placement=88000667&bcnt=10
Requested by
Host: answersstaticfilecdnv2.azureedge.net
URL: https://answersstaticfilecdnv2.azureedge.net/static/js/ucsCreativeService.1.0.3.613.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.136.238 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f5a1fa6c7465515e9895759aff02a967eab9e7287724881467be162779eae7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://answers.microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://answers.microsoft.com
cache-control
no-store, no-cache
arc-rsp-dbg
[{"RADIDS":"1,P425616111-T700384706-C128000000003388309+B+P60+S1"},{"BATCH_REDIRECT_STORE":"B128000000003388309+P0+S0"},{"OPTOUTSTATE":"0"}]
access-control-allow-credentials
true
content-length
2675
date
Tue, 17 May 2022 14:36:12 GMT
server
Microsoft-IIS/10.0
expires
Mon, 01 Jan 0001 00:00:00 GMT
selection
arc.msn.com/v4/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://arc.msn.com/v4/api/selection?SCS_EXPFLIGHTID=smc-survey-feat-1%3Bsmc-survey-elg-1%3Bce-aatest-1%3Bsmc-clicktale%3Btasmigrationmseg%3Bvafx-enginev2-1%3Bamc-suspend-1%3Bsps-awa-fix-1%3Bvafx-proxybot-1%3Bamc-officeicon-1%3Bamc-adminconfigurations-1%3Bamc-showrelatedforum-1%3Bamc-ellipsisrework-1%3Bamc-showedgelegacyicon-1%3Bamc-experts-1%3Bamc-nonelevatedusermessagethreshold-1%3Bmultitenanttasmigration_103%3Bvafx-mts-french-azure-1%3Bvafx-mts-german-1%3Bvafx-mts-hungarian-1%3Bvafx-mts-czech-1%3Bvafx-mts-turkish-1%3Bvafx-mts-korean-1%3Bvafx-mts-polish-1%3Bvafx-mts-dutch-1%3Bvafx-mts-italian-1%3Bvafx-mts-russian-1%3Bvafx-mts-danish-1%3Bvafx-mts-norwegian-1%3Bvafx-mts-arabic-1%3Bvafx-mts-swedish-1%3Bvafx-mts-portuguese-1%3Bamc-bannertelemetry-1%3Bthopo-testprog-other%3Bamc-simpleuseract-1%3Bamc-quicksearch-1%3Bvafx-darkmode-1%3Bamc-mod-translator%3Bamc-enable-ucs-1%3Bamc-history-to%3Bamc-ipqsflaguser-1%3Bamc-pmessage-editor&country=us&dismissedCookieSet=False&isAuthed=False&locale=en-us&pageType=viewthread&placement=88000667&bcnt=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.136.238 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://answers.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-origin
https://answers.microsoft.com
cache-control
no-cache
content-length
0
date
Tue, 17 May 2022 14:36:12 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.22059.5/en-US/ 		99 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22059.5/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSAnswers&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
84a73207fb4c797057a1910e84448ac8e08860ad0ee5e04d580b085866afb59e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://answers.microsoft.com/
Origin
https://answers.microsoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 19 Apr 2022 00:20:18 GMT
x-azure-ref-originshield
0RKmDYgAAAAD0CWVHWYhRTo22G33gIzdZQU1TMDRFREdFMTgwOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d853bdebf5a8ed"
x-azure-ref
03LKDYgAAAAAtNpxdiKDMTbj5lEdbbqDmRlJBMjMxMDUwNDE4MDA5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Tue, 17 May 2022 14:36:11 GMT
x-ua-compatible
IE=edge
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-05-17T14%3A36%3A12.689Z%27&appId=%27JS%3AMeControl%27&cV=%27ltuiu9PQkLBIk%2B24.1%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27answers.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=224&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%26uhf%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%272b3b2cc8-f0c6-4387-3e5f-6ea5631bff95%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A417.2000002861023%2C%22perfDuration%22%3A224%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msanswers%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22059.5%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msanswers%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%7D%2C%22url%22%3A%22https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fwindows_10-security%2Fwanna-cry-ransomware%2F5afdb045-8f36-4f55-a992-53398d21ed07%24%3B%245%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.4.54.254 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 14:36:12 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
FElzlnCBHUekcJrF4ZU9tg.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-05-17T14%3A36%3A12.817Z%27&appId=%27JS%3AMeControl%27&cV=%27ltuiu9PQkLBIk%2B24.3%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27answers.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=52&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22059.5%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%272b3b2cc8-f0c6-4387-3e5f-6ea5631bff95%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A124.59999990463257%2C%22perfDuration%22%3A52.299999713897705%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msanswers%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22059.5%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msanswers%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%7D%2C%22url%22%3A%22https%3A%2F%2Fanswers.microsoft.com%2Fen-us%2Fwindows%2Fforum%2Fwindows_10-security%2Fwanna-cry-ransomware%2F5afdb045-8f36-4f55-a992-53398d21ed07%24%3B%245%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.4.54.254 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 14:36:13 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
z5PhWpb2i0mQkkrxVPAycg.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-05-17T14%3A36%3A12.823Z%27&appId=%27JS%3AMeControl%27&cV=%27ltuiu9PQkLBIk%2B24.5%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27answers.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msanswers%27&*controlVersion=%2710.22059.5%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=132.90000009536743&*details=%27load%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.4.54.254 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 14:36:13 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
AX62mK//UEqoGHFrlqfV6A.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-05-17T14%3A36%3A12.838Z%27&appId=%27JS%3AMeControl%27&cV=%27ltuiu9PQkLBIk%2B24.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27answers.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msanswers%27&*controlVersion=%2710.22059.5%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=147.80000019073486&*details=%27Web%20header%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.4.54.254 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://answers.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 14:36:12 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
JpQ0XL9GOEOJaaH4Ng8xlw.0
Content-Type
image/gif
Content-Length
43
Expires
0
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22059.5/en-US/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.4.54.254 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://answers.microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=493b660a52fd495880a04aa31f2530bc-f66dfa98-084c-46d4-8518-12c5d5c62b85-7595&upload-time=1652798173572&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
25e90e69eeb307ce85c274f05f8b212492421a5be38bdb6ab68e3c0db3881155

Request headers

Referer
https://answers.microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 17 May 2022 14:36:13 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
765
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://answers.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.0.2&apikey=05eaeec884e14734aa4aa95e87c73bac-0f0d742b-73a2-40ff-918f-8d763a8b3544-7098&upload-time=1652798173728&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: answersstaticfilecdnv2.azureedge.net
URL: https://answersstaticfilecdnv2.azureedge.net/static/js/ucsCreativeService.1.0.3.613.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2e305eaef75ae38a4636784ff6b0afe1fd4ac6801ba30312e2ecc21a7442e3af

Request headers

Referer
https://answers.microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 17 May 2022 14:36:13 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
559
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://answers.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=493b660a52fd495880a04aa31f2530bc-f66dfa98-084c-46d4-8518-12c5d5c62b85-7595&upload-time=1652798174574&time-delta-to-apply-millis=765&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2e305eaef75ae38a4636784ff6b0afe1fd4ac6801ba30312e2ecc21a7442e3af

Request headers

Referer
https://answers.microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 17 May 2022 14:36:13 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
76
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://answers.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.0.2&apikey=05eaeec884e14734aa4aa95e87c73bac-0f0d742b-73a2-40ff-918f-8d763a8b3544-7098&upload-time=1652798174730&time-delta-to-apply-millis=559&w=0
Requested by
Host: answersstaticfilecdnv2.azureedge.net
URL: https://answersstaticfilecdnv2.azureedge.net/static/js/ucsCreativeService.1.0.3.613.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b3582dcff1d87bdade8ff53731341369d0c6e6b5e8a866755a5148631915f194

Request headers

Referer
https://answers.microsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 17 May 2022 14:36:14 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
73
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://answers.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| Answers function| $ function| jQuery boolean| isSiteReadOnly object| e function| t object| oneDS object| analytics function| MscomCustomEvent string| signInBaseUrl string| signOutBaseUrl string| switchBaseUrl string| signInUrl string| signOutUrl string| switchOutUrl string| signInLabel string| signOutLabel string| viewProfileLabel object| meControlInfo string| privateMessagesLabel string| privateMessagesUrl string| viewProfileUrl function| getCurrentAccount function| getCommands object| shellOptions function| loadShell object| onShellReadyToLoad function| WcpConsent function| mscc object| MSA object| MeControl function| MeControlDefine function| MeControlImport function| setImmediate function| clearImmediate object| regeneratorRuntime function| __assign function| __extends object| UcsCreative object| siteConsent object| msCommonShell object| mwf object| html5 object| Modernizr object| picturefillCFG function| picturefill function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault

12 Cookies

Domain/Path Name / Value
.login.live.com/ Name: uaid
Value: 1d41f6d7a11c4476adddf57a1dbfec74
.login.live.com/ Name: MSPRequ
Value: id=273572&lt=1652798172&co=1
.answers.microsoft.com/ Name: community.silentsignin
Value: 1
.answers.microsoft.com/ Name: cap_f
Value: smc-survey-feat-1|smc-survey-elg-1|ce-aatest-1|smc-clicktale|tasmigrationmseg|vafx-enginev2-1|amc-suspend-1|sps-awa-fix-1|vafx-proxybot-1|amc-officeicon-1|amc-adminconfigurations-1|amc-showrelatedforum-1|amc-ellipsisrework-1|amc-showedgelegacyicon-1|amc-experts-1|amc-nonelevatedusermessagethreshold-1|multitenanttasmigration_103|vafx-mts-french-azure-1|vafx-mts-german-1|vafx-mts-hungarian-1|vafx-mts-czech-1|vafx-mts-turkish-1|vafx-mts-korean-1|vafx-mts-polish-1|vafx-mts-dutch-1|vafx-mts-italian-1|vafx-mts-russian-1|vafx-mts-danish-1|vafx-mts-norwegian-1|vafx-mts-arabic-1|vafx-mts-swedish-1|vafx-mts-portuguese-1|amc-bannertelemetry-1|thopo-testprog-other|amc-simpleuseract-1|amc-quicksearch-1|vafx-darkmode-1|amc-mod-translator|amc-enable-ucs-1|amc-history-to|amc-ipqsflaguser-1|amc-pmessage-editor
.answers.microsoft.com/ Name: cap_t
Value: 2022-05-17T14:36:12.1533238Z
.answers.microsoft.com/ Name: asid
Value: 3b928c6c-52aa-4d07-855d-0ebffc72a8d4
answers.microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: af889cc7-cae8-48b7-98ef-0f3fd9badf76
answers.microsoft.com/ Name: tzo
Value: 0
answers.microsoft.com/ Name: ai_session
Value: 208UZGLFT5AAWfiKOiqcGY|1652798172569|1652798172725
.microsoft.com/ Name: MC1
Value: GUID=42e71814e4a84c59a1114e567c2ac84e&HASH=42e7&LV=202205&V=4&LU=1652798173352
.microsoft.com/ Name: MS0
Value: a64ec631789141c8a135eccad6f4a578
answers.microsoft.com/ Name: MSFPC
Value: GUID=42e71814e4a84c59a1114e567c2ac84e&HASH=42e7&LV=202205&V=4&LU=1652798173352

1 Console Messages

Source Level URL
Text
network error URL: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07$;$5
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

answers.microsoft.com
answersstaticfilecdnv2.azureedge.net
arc.msn.com
browser.events.data.microsoft.com
c.s-microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
mem.gfx.ms
statics-marketingsites-neu-ms-com.akamaized.net
wcpstatic.microsoft.com
web.vortex.data.microsoft.com
www.microsoft.com
104.92.96.203
20.189.173.2
20.190.159.4
20.40.136.238
23.216.77.196
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:40::45
2620:1ec:49::45
2a02:26f0:3500:594::356e
2a02:26f0:3500:7::17d8:4dd1
2a02:26f0:7100:598::356e
64.4.54.254
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
1c0bb7981a7f214c5e61f6d9ee882e0f89523e3d2423b7441a45803293765576
25e90e69eeb307ce85c274f05f8b212492421a5be38bdb6ab68e3c0db3881155
2d025e055348a4363bf4c93b01866bcd869ca3e9a58a4bab0f3dfdde9a0d8c86
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e305eaef75ae38a4636784ff6b0afe1fd4ac6801ba30312e2ecc21a7442e3af
2f5a1fa6c7465515e9895759aff02a967eab9e7287724881467be162779eae7f
42c8697c004ced79b2c06adf4111db0bda0da08527b97e83f53f4622bca9091b
4a36645e1336f5949c71c891fca4f1315f14b876fa8bfba5f59c991eb2c63743
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
528a1886f07e7777a6ee359f49155202a3ca8670e7f8feb399ca186a8bf80ac6
58d444a20d0ac6f199efca28a8c232d7714651bf3a27e9a02c9ef5364aa20250
67a1c277d278bee02e90ccf0f47d4d17e774a8d11fb0d986b0621580c652e154
6cf921cf7bd161d84348d6b5759cbffac4255e9df3c631031543d40e06a4f70c
6d718e116e5e99b58f6207140c8d477138417cfaff0aa29dc4ead3115692d06c
768304ececf64109acb1144a4a5fb1ea56ccadf675c60b65956dfad07a8d5ceb
7a92f10fe544456cbf298b2e675beaa6073ac67f5f8556b1904c17f5c4876797
84a73207fb4c797057a1910e84448ac8e08860ad0ee5e04d580b085866afb59e
856f8e4e6cf456aa182936351b872e51e258f2cbdc0dc8f5080500c4df15055b
8c2669cd92da7fbb351be4287c3ea7b99599948a07431b80ec630570b87cf174
b3582dcff1d87bdade8ff53731341369d0c6e6b5e8a866755a5148631915f194
dfd295d8315492e4b0b0d79cb43a38ed7c6a98340e66341becdb312ea634ebab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f15b880072a5ba67c4ea6a98a56256942f057f20918b85b64a5b37b88cb9fe10
f80a06e9a4aa827b32aa79a095b084a2986e0ed42123172fa0249326053a1dcd