docs.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:190::353e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for...
Submission: On November 13 via api (November 13th 2019, 6:15:11 pm UTC) from US

Summary HTTP 35 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 35 HTTP transactions. The main IP is 2a02:26f0:6c00:190::353e, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is docs.microsoft.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on April 19th 2019. Valid for: 2 years.

This is the only time docs.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a02:26f0:6c0... 2a02:26f0:6c00:190::353e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	2a02:26f0:6c0... 2a02:26f0:6c00:297::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY - Fastly)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
10 10	140.82.118.4 140.82.118.4	36459 (GITHUB) (GITHUB - GitHub)
4	151.101.12.133 151.101.12.133	54113 (FASTLY) (FASTLY - Fastly)
6	151.101.112.133 151.101.112.133	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY - Fastly)
35	12

13 2a02:26f0:6c00:190::353e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

docs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:297::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c1.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 140.82.118.4 (United States) 10 redirects

ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-140-82-118-4-ams.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

avatars0.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.112.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

avatars2.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

lux.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	microsoft.com 1 redirects docs.microsoft.com web.vortex.data.microsoft.com c1.microsoft.com	439 KB
10	githubusercontent.com avatars0.githubusercontent.com avatars2.githubusercontent.com	17 KB
10	github.com 10 redirects github.com	22 KB
3	s-microsoft.com c.s-microsoft.com	92 KB
2	speedcurve.com cdn.speedcurve.com lux.speedcurve.com	7 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	bing.com 1 redirects c.bing.com	639 B
1	msecnd.net az725175.vo.msecnd.net	18 KB
1	aspnetcdn.com ajax.aspnetcdn.com	30 KB
35	10

	Domain	Requested by
13	docs.microsoft.com	docs.microsoft.com
10	github.com	10 redirects
6	avatars2.githubusercontent.com
4	avatars0.githubusercontent.com
3	c.s-microsoft.com	docs.microsoft.com
2	c1.microsoft.com	1 redirects
2	www.google-analytics.com	1 redirects docs.microsoft.com
2	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
1	lux.speedcurve.com	cdn.speedcurve.com
1	stats.g.doubleclick.net
1	c.bing.com	1 redirects
1	cdn.speedcurve.com	docs.microsoft.com
1	az725175.vo.msecnd.net	docs.microsoft.com
1	ajax.aspnetcdn.com	docs.microsoft.com
35	14

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
github.com
twitter.com
www.linkedin.com
www.facebook.com
technet.microsoft.com
www.verizonbusiness.com
blogs.technet.com
support.microsoft.com
msdn.microsoft.com
social.technet.microsoft.com
windowsserver.uservoice.com
go.microsoft.com
aka.ms

Subject Issuer	Validity	Valid
docs.microsoft.com Microsoft IT TLS CA 1	`2019-04-19` - `2021-04-19`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
www.microsoft.com Microsoft IT TLS CA 4	`2018-01-16` - `2020-01-16`	2 years	crt.sh
*.vortex.data.microsoft.com Microsoft IT TLS CA 5	`2018-01-30` - `2020-01-30`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
a3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-13` - `2020-09-10`	10 months	crt.sh
c.msn.com Microsoft IT TLS CA 1	`2018-09-13` - `2020-09-13`	2 years	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2017-03-23` - `2020-05-13`	3 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
Frame ID: 333361AC1344EDB3D8BC39153448E982
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

35
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

14
Subdomains

12
IPs

5
Countries

620 kB
Transfer

1737 kB
Size

2
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/
Title:

Search URL Search Domain Scan URL

URL: https://github.com/MicrosoftDocs/windowsserverdocs/blob/master/WindowsServerDocs/identity/ad-ds/plan/security-best-practices/Monitoring-Active-Directory-for-Signs-of-Compromise.md
Title: Edit

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise%3FWT.mc_id%3Dtwitter&text=Monitoring%20Active%20Directory%20for%20Signs%20of%20Compromise%20%7C%20Microsoft%20Docs&tw_p=tweetbutton&url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise%3FWT.mc_id%3Dtwitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise%3FWT.mc_id%3Dlinkedin
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise%3FWT.mc_id%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/library/cc722488.aspx
Title: 10 Immutable Laws of Security Administration

Search URL Search Domain Scan URL

URL: http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf
Title: 2009 Verizon Data Breach Report

Search URL Search Domain Scan URL

URL: http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
Title: 2012 Verizon Data Breach report

Search URL Search Domain Scan URL

URL: http://blogs.technet.com/b/askds/archive/2011/03/10/global-object-access-auditing-is-magic.aspx
Title: Global Object Access Auditing is Magic

Search URL Search Domain Scan URL

URL: http://blogs.technet.com/b/askds/archive/2007/10/19/introducing-auditing-changes-in-windows-2008.aspx
Title: Introducing Auditing Changes in Windows 2008

Search URL Search Domain Scan URL

URL: http://blogs.technet.com/b/askds/archive/2007/11/16/cool-auditing-tricks-in-vista-and-2008.aspx
Title: Cool Auditing Tricks in Vista and 2008

Search URL Search Domain Scan URL

URL: http://blogs.technet.com/b/askds/archive/2008/03/27/one-stop-shop-for-auditing-in-windows-server-2008-and-windows-vista.aspx
Title: One-Stop Shop for Auditing in Windows Server 2008 and Windows Vista

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/library/hh849638.aspx
Title: What's New in Security Auditing

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/library/a9c25483-89e2-4202-881c-ea8e02b4b2a5.aspx
Title: AD DS Auditing Step-by-Step Guide

Search URL Search Domain Scan URL

URL: http://blogs.technet.com/b/askds/archive/2011/03/11/getting-the-effective-audit-policy-in-windows-7-and-2008-r2.aspx
Title: Getting the Effective Audit Policy in Windows 7 and 2008 R2

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/library/cc677002.aspx
Title: Microsoft Security Compliance Manager tool

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/kb/921469
Title: sample script

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/library/dd973862(prot.20).aspx
Title: Audit Option Type

Search URL Search Domain Scan URL

URL: https://social.technet.microsoft.com/wiki/contents/articles/advanced-security-auditing-in-windows-7-and-windows-server-2008-r2.aspx
Title: Advanced Security Auditing in Windows 7 and Windows Server 2008 R2

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/magazine/2008.03.auditing.aspx
Title: Auditing and Compliance in Windows Server 2008

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/library/dd408940(WS.10).aspx
Title: Advanced Security Audit Policy Step-by-Step Guide

Search URL Search Domain Scan URL

URL: https://windowsserver.uservoice.com/forums/295047-general-feedback
Title: This product

Search URL Search Domain Scan URL

URL: https://github.com/MicrosoftDocs/windowsserverdocs/issues/new?title=&body=%0A%0A%5BEnter%20feedback%20here%5D%0A%0A%0A---%0A%23%23%23%23%20Document%20Details%0A%0A%E2%9A%A0%20*Do%20not%20edit%20this%20section.%20It%20is%20required%20for%20docs.microsoft.com%20%E2%9E%9F%20GitHub%20issue%20linking.*%0A%0A*%20ID%3A%20a30a0c4e-08a6-e5b8-46e1-aec843bba140%0A*%20Version%20Independent%20ID%3A%203f07ffce-056f-ca89-9123-ac9e363b563e%0A*%20Content%3A%20%5BMonitoring%20Active%20Directory%20for%20Signs%20of%20Compromise%5D(https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise)%0A*%20Content%20Source%3A%20%5BWindowsServerDocs%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2FMonitoring-Active-Directory-for-Signs-of-Compromise.md%5D(https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fwindowsserverdocs%2Fblob%2Fmaster%2FWindowsServerDocs%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2FMonitoring-Active-Directory-for-Signs-of-Compromise.md)%0A*%20Product%3A%20**windows-server**%0A*%20Technology%3A%20**identity-adds**%0A*%20GitHub%20Login%3A%20%40MicrosoftGuyJFlo%0A*%20Microsoft%20Alias%3A%20**joflore**
Title: GitHub

Search URL Search Domain Scan URL

URL: https://github.com/MicrosoftDocs/windowsserverdocs/issues?utf8=%E2%9C%93&q=%223f07ffce-056f-ca89-9123-ac9e363b563e%22&in=body
Title: View on GitHub

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & Cookies

Search URL Search Domain Scan URL

URL: https://aka.ms/sitefeedback
Title: Site Feedback

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/legal/intellectualproperty/Trademarks/EN-US.aspx
Title: Trademarks

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=9D11129F686744B8A612A02D135CE611&RedC=c1.microsoft.com&MXFR=3DF85271435D6DC033485C62475D6B6E HTTP 302
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=9D11129F686744B8A612A02D135CE611&MUID=3DF85271435D6DC033485C62475D6B6E

Request Chain 22

https://github.com/MicrosoftGuyJFlo.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/25777989?s=32&v=4

Request Chain 23

https://github.com/eross-msft.png?size=32 HTTP 302
https://avatars2.githubusercontent.com/u/15913126?s=32&v=4

Request Chain 24

https://github.com/DavidKuehn.png?size=32 HTTP 302
https://avatars2.githubusercontent.com/u/13112399?s=32&v=4

Request Chain 25

https://github.com/lizap.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/7171858?s=32&v=4

Request Chain 26

https://github.com/billmath.png?size=32 HTTP 302
https://avatars2.githubusercontent.com/u/5277878?s=32&v=4

Request Chain 27

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=373983501&t=pageview&_s=1&dl=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise&ul=en-us&de=UTF-8&dt=Monitoring%20Active%20Directory%20for%20Signs%20of%20Compromise%20%7C%20Microsoft%20Docs&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=2125605389&gjid=1031212459&cid=1908084514.1573668896&tid=UA-62780441-21&_gid=1638274593.1573668896&_r=1&cd2=off&cd3=Conceptual&z=693672676 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1908084514.1573668896&jid=2125605389&_gid=1638274593.1573668896&gjid=1031212459&_v=j79&z=693672676

Request Chain 30

https://github.com/billmath.png?size=32 HTTP 302
https://avatars2.githubusercontent.com/u/5277878?s=32&v=4

Request Chain 31

https://github.com/eross-msft.png?size=32 HTTP 302
https://avatars2.githubusercontent.com/u/15913126?s=32&v=4

Request Chain 32

https://github.com/DavidKuehn.png?size=32 HTTP 302
https://avatars2.githubusercontent.com/u/13112399?s=32&v=4

Request Chain 33

https://github.com/lizap.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/7171858?s=32&v=4

Request Chain 34

https://github.com/MicrosoftGuyJFlo.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/25777989?s=32&v=4

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set monitoring-active-directory-for-signs-of-compromise Show response
docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/ 73 KB
24 KB 400ms
380ms Document
text/html 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

8a200650021c0d43985c5f23a482a55cbadea81244084bddcd5465fede3ab91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: docs.microsoft.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

ETag: "CsBWYXJ+gaegjUJowcyomWsjCzCccqvppnhP+YBHyas="
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
X-Datacenter: wus
X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Rendering-Stack: Dynamic
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 24180
Cache-Control: public, max-age=580
Expires: Wed, 13 Nov 2019 18:24:35 GMT
Date: Wed, 13 Nov 2019 18:14:55 GMT
Connection: keep-alive
Set-Cookie: TiPMix=31.5205774882439; path=/; HttpOnly; Domain=docs.microsoft.com; Max-Age=3600 x-ms-routing-name=self; path=/; HttpOnly; Domain=docs.microsoft.com; Max-Age=3600
x-cache-hit: false

GET
H/1.1 200
OK bc2535e8.site-ltr.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 408 KB
56 KB 11ms
11ms Stylesheet
text/css 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/bc2535e8.site-ltr.css

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

7cab442749ae4a389e9dc3d375a47a337740cd14641ddea377d7c2fc623c6b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 56606
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Last-Modified: Sat, 09 Nov 2019 00:52:24 GMT
Cache-Control: max-age=196727
X-Datacenter: wus
X-Frame-Options: SAMEORIGIN
Date: Wed, 13 Nov 2019 18:14:55 GMT
Vary: Accept-Encoding
Content-Type: text/css
x-cache-hit: true
ETag: "0x8D764AF15CEB639"
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Expires: Sat, 16 Nov 2019 00:53:42 GMT

GET
H/1.1 200
OK b8d322.conceptual.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 4 KB
2 KB 24ms
12ms Stylesheet
text/css 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/b8d322.conceptual.css

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

38eeef872b2e4a14a35329a8556bf339bd55b08563017c1e2a51de8d9d9a745c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 1265
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Last-Modified: Wed, 06 Nov 2019 19:01:19 GMT
Cache-Control: max-age=130642
X-Datacenter: wus
X-Frame-Options: SAMEORIGIN
Date: Wed, 13 Nov 2019 18:14:55 GMT
Vary: Accept-Encoding
Content-Type: text/css
x-cache-hit: true
ETag: "0x8D762EBB599FA1B"
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Expires: Fri, 15 Nov 2019 06:32:17 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
30 KB 29ms
8ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8E87) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
Origin: https://docs.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 18:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/8E87)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 5438e502.index-docs.js Show response
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ 746 KB
194 KB 30ms
18ms Script
application/javascript 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

d22960810e466b9261b4e98673f7395549af77be5879094c9aff441dca2d9985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 197859
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Last-Modified: Tue, 12 Nov 2019 21:20:39 GMT
Cache-Control: max-age=529558
X-Datacenter: wus
X-Frame-Options: SAMEORIGIN
Date: Wed, 13 Nov 2019 18:14:55 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
x-cache-hit: true
ETag: "0x8D767B62A99D5BD"
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Expires: Tue, 19 Nov 2019 21:20:53 GMT

GET
H/1.1 200
OK contributor.svg
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/images/ 739 B
1 KB 22ms
10ms Image
image/svg+xml 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/images/contributor.svg

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0d0aef55180c731be631c3754315c48ef73a5516be4ee442ce42cf0018ce047d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 415
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Last-Modified: Mon, 12 Mar 2018 23:04:24 GMT
Cache-Control: max-age=430919
X-Datacenter: wus
X-Frame-Options: DENY
Date: Wed, 13 Nov 2019 18:14:55 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
x-cache-hit: true
ETag: "0x8D5886D98E04182"
Expires: Mon, 18 Nov 2019 17:56:54 GMT

GET
H/1.1 200
OK sad_5.gif
docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/media/monitoring-active-directory-for-signs-of-compromise/ 37 KB
38 KB 349ms
337ms Image
image/gif 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/media/monitoring-active-directory-for-signs-of-compromise/sad_5.gif

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0148a64c6cc3c832ffc7d3a698fb8440ec7dd0213613ff840d88fd3d8e3469d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 38158
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
X-Rendering-Stack: Static
Last-Modified: Tue, 12 Mar 2019 20:42:39 GMT
Cache-Control: public, max-age=599
X-Datacenter: eus
Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
x-cache-hit: false
ETag: "0x8D6A72B4446ADAB"
Request-Context: appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
Expires: Wed, 13 Nov 2019 18:24:54 GMT

GET
H/1.1 200
OK sad_6.gif
docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/media/monitoring-active-directory-for-signs-of-compromise/ 39 KB
39 KB 260ms
260ms Image
image/gif 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/media/monitoring-active-directory-for-signs-of-compromise/sad_6.gif

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

6f41251e5cea6c7fcbb0476a30aea17d8d34a12f0d5bafd3cdbec894bff5c209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 39597
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
X-Rendering-Stack: Static
Last-Modified: Tue, 12 Mar 2019 20:42:39 GMT
Cache-Control: public, max-age=600
X-Datacenter: eus
Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Frame-Options: DENY
Content-Type: image/gif
x-cache-hit: true
ETag: "0x8D6A72B44485BA5"
Request-Context: appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
Expires: Wed, 13 Nov 2019 18:24:55 GMT

GET
H/1.1 200
OK sad_7.gif
docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/media/monitoring-active-directory-for-signs-of-compromise/ 55 KB
56 KB 162ms
139ms Image
image/gif 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/media/monitoring-active-directory-for-signs-of-compromise/sad_7.gif

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

b3276049c79673312589d11bcc87a26ce27f81ffa56db63d7af307c0882f6e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 56260
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
X-Rendering-Stack: Static
Last-Modified: Tue, 12 Mar 2019 20:42:39 GMT
Cache-Control: public, max-age=588
X-Datacenter: eus
Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
x-cache-hit: true
ETag: "0x8D6A72B444882B7"
Request-Context: appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
Expires: Wed, 13 Nov 2019 18:24:43 GMT

GET
H/1.1 200
OK TOC.json Show response
docs.microsoft.com/en-us/windows-server/identity/ 57 KB
11 KB 219ms
218ms Fetch
application/json 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/windows-server/identity/TOC.json

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

1c70e42327c7fb95244be028216bbfeb4c1c36746b5c5f88c5311da712f6cec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 10602
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
X-Rendering-Stack: Static
Last-Modified: Tue, 29 Oct 2019 14:11:04 GMT
Cache-Control: public, max-age=600
X-Datacenter: wus
X-Frame-Options: SAMEORIGIN
Date: Wed, 13 Nov 2019 18:14:55 GMT
Vary: Accept-Encoding
Content-Type: application/json
x-cache-hit: false
ETag: "0x8D75C79D61A986A"
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Expires: Wed, 13 Nov 2019 18:24:55 GMT

GET
H/1.1 200
OK toc.json Show response
docs.microsoft.com/en-us/windows-server/breadcrumbs/ 225 B
812 B 62ms
62ms Fetch
application/json 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/windows-server/breadcrumbs/toc.json

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0343d2b9abd959c543b24f54dc259bf1887b5a2433f4eb347dbcfde0c8bf46cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 162
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
X-Rendering-Stack: Static
Last-Modified: Tue, 12 Mar 2019 20:42:49 GMT
Cache-Control: public, max-age=421
X-Datacenter: wus
X-Frame-Options: DENY
Date: Wed, 13 Nov 2019 18:14:55 GMT
Vary: Accept-Encoding
Content-Type: application/json
x-cache-hit: true
ETag: "0x8D6A72B4A4EE51F"
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Expires: Wed, 13 Nov 2019 18:21:56 GMT

GET
H2 200 jsll-4.js Show response
az725175.vo.msecnd.net/scripts/ 54 KB
18 KB 29ms
6ms Script
text/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F78) /
Resource Hash: e6bbfa4af18fb4f0e9c8a31d6654eac92d0f82dc895c6e5f49b54a8de51e5923

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Nov 2019 18:14:55 GMT
content-encoding: gzip
content-md5: Dy7dMa7nsOSUbofNz/X23A==
x-cache: HIT
status: 200
content-length: 18058
x-ms-lease-status: unlocked
last-modified: Thu, 14 Mar 2019 00:43:49 GMT
server: ECAcc (frc/8F78)
etag: 0x8D6A8161FD3B925
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
x-ms-request-id: 1afe98e4-e01e-0024-1b4c-9a5665000000
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19

GET
H/1.1 200
OK cookieConsent Show response
docs.microsoft.com/api/privacy/ 1 KB
1 KB 410ms
410ms Fetch
application/json 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://docs.microsoft.com/api/privacy/cookieConsent?locale=en-us
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 0697461eab77841d6b64f7e609bd6edb86f4393825bd01398ee48a320f0d8809

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
Content-Encoding: gzip
Cache-Control: max-age=0
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Expires: Wed, 13 Nov 2019 18:14:55 GMT
x-cache-hit: false
Connection: keep-alive
Content-Length: 829
Request-Context: appId=cid-v1:7fb2a082-1cb3-466c-9ec8-b99b10ef1f7c

GET
H/1.1 200
OK microsoft-logo-dark.png
docs.microsoft.com/en-us/media/ 4 KB
5 KB 10ms
10ms Image
image/png 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.microsoft.com/en-us/media/microsoft-logo-dark.png

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/bc2535e8.site-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 4054
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
X-Rendering-Stack: Static
Last-Modified: Tue, 23 Jul 2019 20:03:14 GMT
Cache-Control: public, max-age=326
X-Datacenter: wus
Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Frame-Options: DENY
Content-Type: image/png
x-cache-hit: true
ETag: "0x8D70FA8CC066FE2"
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Expires: Wed, 13 Nov 2019 18:20:21 GMT

GET
H/1.1 200
OK docons.92f75945.woff2
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 9 KB
10 KB 14ms
12ms Font
application/font-woff2 2a02:26f0:6c00:190::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.92f75945.woff2

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:190::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0ca12524081d20a289a200ab5963d69822746898c4ac0a79ef1e656ad54bf81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/bc2535e8.site-ltr.css
Origin: https://docs.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Connection: keep-alive
Content-Length: 9360
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Last-Modified: Sat, 09 Nov 2019 00:52:24 GMT
X-Datacenter: wus
Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
x-cache-hit: true
Cache-Control: max-age=377180
ETag: "0x8D764AF15C761E8"
Request-Context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
Expires: Mon, 18 Nov 2019 03:01:15 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 25ms
6ms Font
font/woff2 2a02:26f0:6c00:297::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:297::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/bc2535e8.site-ltr.css
Origin: https://docs.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 18:14:55 GMT
last-modified: Mon, 28 Oct 2019 18:13:11 GMT
etag: "225db5cbb8dd51:0"
status: 200
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=305359
accept-ranges: bytes
content-length: 34052
expires: Sun, 17 Nov 2019 07:04:14 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/ 29 KB
29 KB 20ms
11ms Font
font/woff2 2a02:26f0:6c00:297::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/latest.woff2
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:297::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/bc2535e8.site-ltr.css
Origin: https://docs.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 18:14:55 GMT
last-modified: Mon, 28 Oct 2019 18:13:12 GMT
etag: "2bad5cbb8dd51:0"
status: 200
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=165076
accept-ranges: bytes
content-length: 29388
expires: Fri, 15 Nov 2019 16:06:11 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/bold/ 29 KB
30 KB 6ms
6ms Font
font/woff2 2a02:26f0:6c00:297::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/bold/latest.woff2
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:297::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/bc2535e8.site-ltr.css
Origin: https://docs.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 18:14:55 GMT
last-modified: Mon, 28 Oct 2019 18:13:11 GMT
etag: "a6bb35cbb8dd51:0"
status: 200
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=70852
accept-ranges: bytes
content-length: 30132
expires: Thu, 14 Nov 2019 13:55:47 GMT

GET
DATA 200
OK truncated
/ 112 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e302aa3c707c753f5d3ef0033470c39b167399e7c223d40ac5f71e9db49d683

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK t.js Show response
web.vortex.data.microsoft.com/collect/v1/ 260 B
909 B 117ms
28ms Script
application/javascript 40.77.226.250
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272019-11-13T18%3A14%3A55.573Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2737a12e07-c65c-457f-a22c-32d7e25d5b10%27&-pageName=%27a30a0c4e-08a6-e5b8-46e1-aec843bba140%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise%27&-market=%27en-us%27&-pageType=%27conceptual%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22asst%22%3A%22a7ef2fba-b05c-4be2-93b2-b9456244c3ad%22%2C%22author%22%3A%22MicrosoftGuyJFlo%22%2C%22pgauth%22%3A%22joflore%22%2C%22manager%22%3A%22mtillman%22%2C%22pgtop%22%3A%22article%22%2C%22date%22%3A%2205%2F31%2F2017%22%2C%22technology%22%3A%22identity-adds%22%2C%22product%22%3A%22windows-server%22%2C%22depotname%22%3A%22MSDN.WindowsServerDocs-pr%22%2C%22publishtime%22%3A%222019-09-27%2010%3A32%20PM%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fwindowsserverdocs-pr%2Fblob%2F1ef166b70da4b246552f60fc15139ffae53df091%2FWindowsServerDocs%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2FMonitoring-Active-Directory-for-Signs-of-Compromise.md%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fwindowsserverdocs-pr%2Fblob%2Flive%2FWindowsServerDocs%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2FMonitoring-Active-Directory-for-Signs-of-Compromise.md%22%2C%22document_version_independent_id%22%3A%223f07ffce-056f-ca89-9123-ac9e363b563e%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Monitoring%20Active%20Directory%20for%20Signs%20of%20Compromise%20%7C%20Microsoft%20Docs%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.14%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-userConsent=false&$mscomCookies=false

Requested by

Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

657f9a21a3392fa6b5a0cbde5e9d927006a022410ed3891a8f322e8b524220ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 18:14:54 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: nMs0CoDKpU675Q1PP6fTZA.0
Content-Type: application/javascript
Content-Length: 260
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6078
date: Wed, 13 Nov 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 13 Nov 2019 18:33:37 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 19 KB
7 KB 23ms
6ms Script
application/javascript 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.speedcurve.com/js/lux.js?id=409849828

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/5438e502.index-docs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Apache /

Resource Hash

01523477d69c89d8c375a54c13b53cfdb29ec43ce2d6f04ecd414093b0605060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
Origin: https://docs.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 5376
x-cache: HIT
status: 200
content-length: 6478
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Wed, 13 Nov 2019 16:45:19 GMT
server: Apache
x-timer: S1573668896.597896,VS0,VE0
date: Wed, 13 Nov 2019 18:14:55 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 14 Nov 2019 16:45:19 GMT
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 201

GET
H2

200

c.gif
c1.microsoft.com/
Redirect Chain

https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=9D11129F686744B8A612A02D135CE611&RedC=c1.microsoft.com&MXFR=3DF85271435D6DC033485C62475D6B6E
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=9D11129F686744B8A612A02D135CE611&MUID=3DF85271435D6DC033485C62475D6B6E

42 B
229 B

29ms
29ms

Image
image/gif

52.142.114.2
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=9D11129F686744B8A612A02D135CE611&MUID=3DF85271435D6DC033485C62475D6B6E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Nov 2019 18:14:55 GMT
etag: "5cc6c397186d51:0"
last-modified: Fri, 18 Oct 2019 22:15:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status: 200
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 13 Nov 2019 18:14:55 GMT
x-msedge-ref: Ref A: 71EBCCFFA4764506A34C686882A90C84 Ref B: VIEEDGE0415 Ref C: 2019-11-13T18:14:55Z
x-powered-by: ASP.NET
status: 302
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=9D11129F686744B8A612A02D135CE611&MUID=3DF85271435D6DC033485C62475D6B6E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

25777989
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/MicrosoftGuyJFlo.png?size=32
https://avatars0.githubusercontent.com/u/25777989?s=32&v=4

956 B
2 KB

23ms
6ms

Image
image/jpeg

151.101.12.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/25777989?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

3b64c20c7581b1805e4b69067f4395b8f8b03965caa337a6326d66a7a9d6b58c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: 60d82cc5a695d2176bae1619ea15c79ed01198f3
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 956
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19126-FRA
Last-Modified: Fri, 09 Aug 2019 21:49:02 GMT
X-GitHub-Request-Id: F7DA:05A2:1271B0:16A534:5DB120AC
X-Timer: S1573668896.761412,VS0,VE1
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 1779570
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "470c002c91e224cf931424917f4bc6e59cb91fdf"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: a92427fa-6d88-4afd-a4f9-7c4d94109fa7
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDFC:BBA3:6580AB6:988426A:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars0.githubusercontent.com/u/25777989?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

15913126
avatars2.githubusercontent.com/u/
Redirect Chain

https://github.com/eross-msft.png?size=32
https://avatars2.githubusercontent.com/u/15913126?s=32&v=4

919 B
2 KB

19ms
6ms

Image
image/jpeg

151.101.112.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/15913126?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

3dca77ebde31d7d1f474cbaf656d3dc95963743bec093a10c1564be16233d40c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: 5f9251a2c9ed62137d14a2107ee2e8e4fbc1cc84
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 160
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 919
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4062-HHN
Last-Modified: Thu, 27 Apr 2017 20:29:01 GMT
X-GitHub-Request-Id: 2702:076B:30B712:36BE81:5D2733FF
X-Timer: S1573668896.744264,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 10818593
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "9de805d458d009680e1dc33ee6b0a31f2a1f0458"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: a4686030-0cf1-498a-aef7-8f2e0c34672b
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDF8:BBA1:4A81C50:6FD89F2:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars2.githubusercontent.com/u/15913126?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

13112399
avatars2.githubusercontent.com/u/
Redirect Chain

https://github.com/DavidKuehn.png?size=32
https://avatars2.githubusercontent.com/u/13112399?s=32&v=4

979 B
2 KB

20ms
8ms

Image
image/jpeg

151.101.112.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/13112399?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

02ad5db01a48632c2b76c13d6e4667237725efb137742a4e728fdc117d26908a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: 0158c36de50795d46f0c16ceff8f68865e3024ca
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 979
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4070-HHN
Last-Modified: Tue, 30 Jun 2015 04:01:28 GMT
X-GitHub-Request-Id: 4350:1386:9EE7E:B8026:5D12EFF6
X-Timer: S1573668896.744078,VS0,VE1
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 12146728
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "b9841c93b5df9c0d265b2b93b6d709f8c35e1b9d"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: 44385312-1cb6-45f9-a929-e605a6c22621
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDFA:33B3E:67083B1:99F9B0B:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars2.githubusercontent.com/u/13112399?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

7171858
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/lizap.png?size=32
https://avatars0.githubusercontent.com/u/7171858?s=32&v=4

906 B
2 KB

18ms
5ms

Image
image/jpeg

151.101.12.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/7171858?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

7dc40fa97b9fbce7fbaa5acdf2c4be77cb8eb3dbeb931be8c5bd26247e16c901

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: cd7dbb03a2506269c2adf4f1d8a9b4f73e0f876d
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 16
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 906
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19176-FRA
Last-Modified: Tue, 06 Jan 2015 00:30:45 GMT
X-GitHub-Request-Id: 697E:0740:450A6:5964B:5DA90768
X-Timer: S1573668896.762458,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 2310326
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "972e6fd7c137bc080a0b64df44ac9ff91b7f73fa"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: a7a4aa38-28c5-4749-bac5-c91289f6d7cb
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CE00:45142:65456E4:984FBEE:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars0.githubusercontent.com/u/7171858?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

5277878
avatars2.githubusercontent.com/u/
Redirect Chain

https://github.com/billmath.png?size=32
https://avatars2.githubusercontent.com/u/5277878?s=32&v=4

900 B
2 KB

20ms
5ms

Image
image/jpeg

151.101.112.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/5277878?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4bd01d291105b9e9d72135c1e50845b42229437660f291c34123014a595440ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: 39619618a80b4ab5f3f15b8e11f1c78b3487fc6f
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 900
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4054-HHN
Last-Modified: Mon, 05 Jan 2015 22:36:08 GMT
X-GitHub-Request-Id: 0EA0:44C4:4C048:653D2:5D4E1F64
X-Timer: S1573668896.743771,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 8267963
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "f9021710d6304132711fc95a4143ba49d8d07308"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: 59c9b798-34e0-44d5-a89c-513cf2a35f81
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDFE:43E75:3AC6A87:58170FC:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars2.githubusercontent.com/u/5277878?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=373983501&t=pageview&_s=1&dl=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1908084514.1573668896&jid=2125605389&_gid=1638274593.1573668896&gjid=1031212459&_v=j79&z=693672676

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1908084514.1573668896&jid=2125605389&_gid=1638274593.1573668896&gjid=1031212459&_v=j79&z=693672676

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 13 Nov 2019 18:14:55 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Nov 2019 18:14:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1908084514.1573668896&jid=2125605389&_gid=1638274593.1573668896&gjid=1031212459&_v=j79&z=693672676
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
lux.speedcurve.com/lux/ 46 B
219 B 32ms
8ms Script
application/javascript 151.101.14.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://lux.speedcurve.com/lux/?v=191&id=409849828&sid=157366889560225222&uid=157366889560225222&l=Monitoring%20Active%20Directory%20for%20Signs%20of%20Compromise%20%7C%20Microsoft%20Docs&NT=1573668894626fs0ds1de2cs2sc7ce20qs20bs400be405ol403oi546os546oe637oc769ls769le769sr652fc652&LJS=d1t15f6c0n22eNaNr50l951s975&PS=ns6bs2is1892ss2bc2ic0ia5it11dd10nd1111vh1200vw1585dh16918dw1593ds25005ct4G_er0nt0dm8&CPU=s|0,n|0,d|0,x|0,i|652&UT=LUX_end|977
Requested by: Host: cdn.speedcurve.com
URL: https://cdn.speedcurve.com/js/lux.js?id=409849828
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash: 6d256f2e075d759157e48e07eede23f643bfb7f41ff5ca65bde59930faa83343

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 18:14:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1573668896.635807,VS0,VE0
x-served-by: cache-fra19150-FRA
x-cache: HIT
content-type: application/javascript
status: 200
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK t.js Show response
web.vortex.data.microsoft.com/collect/v1/ 45 B
407 B 28ms
28ms Script
application/javascript 40.77.226.250
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272019-11-13T18%3A14%3A55.576Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2737a12e07-c65c-457f-a22c-32d7e25d5b10%27&-pageName=%27a30a0c4e-08a6-e5b8-46e1-aec843bba140%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2Fmonitoring-active-directory-for-signs-of-compromise%27&-market=%27en-us%27&-pageTags=%27%7B%22asst%22%3A%22a7ef2fba-b05c-4be2-93b2-b9456244c3ad%22%2C%22author%22%3A%22MicrosoftGuyJFlo%22%2C%22pgauth%22%3A%22joflore%22%2C%22manager%22%3A%22mtillman%22%2C%22pgtop%22%3A%22article%22%2C%22date%22%3A%2205%2F31%2F2017%22%2C%22technology%22%3A%22identity-adds%22%2C%22product%22%3A%22windows-server%22%2C%22depotname%22%3A%22MSDN.WindowsServerDocs-pr%22%2C%22publishtime%22%3A%222019-09-27%2010%3A32%20PM%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fwindowsserverdocs-pr%2Fblob%2F1ef166b70da4b246552f60fc15139ffae53df091%2FWindowsServerDocs%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2FMonitoring-Active-Directory-for-Signs-of-Compromise.md%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fwindowsserverdocs-pr%2Fblob%2Flive%2FWindowsServerDocs%2Fidentity%2Fad-ds%2Fplan%2Fsecurity-best-practices%2FMonitoring-Active-Directory-for-Signs-of-Compromise.md%22%2C%22document_version_independent_id%22%3A%223f07ffce-056f-ca89-9123-ac9e363b563e%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%2C%22timing%22%3A%22%7B%5C%22first-paint%5C%22%3A652.3899994790554%2C%5C%22first-contentful-paint%5C%22%3A652.3899994790554%2C%5C%22navigationStart%5C%22%3A1573668894626%2C%5C%22unloadEventStart%5C%22%3A0%2C%5C%22unloadEventEnd%5C%22%3A0%2C%5C%22redirectStart%5C%22%3A0%2C%5C%22redirectEnd%5C%22%3A0%2C%5C%22fetchStart%5C%22%3A1573668894626%2C%5C%22domainLookupStart%5C%22%3A1573668894627%2C%5C%22domainLookupEnd%5C%22%3A1573668894628%2C%5C%22connectStart%5C%22%3A1573668894628%2C%5C%22connectEnd%5C%22%3A1573668894646%2C%5C%22secureConnectionStart%5C%22%3A1573668894633%2C%5C%22requestStart%5C%22%3A1573668894646%2C%5C%22responseStart%5C%22%3A1573668895026%2C%5C%22responseEnd%5C%22%3A1573668895031%2C%5C%22domLoading%5C%22%3A1573668895029%2C%5C%22domInteractive%5C%22%3A1573668895172%2C%5C%22domContentLoadedEventStart%5C%22%3A1573668895172%2C%5C%22domContentLoadedEventEnd%5C%22%3A1573668895263%2C%5C%22domComplete%5C%22%3A1573668895395%2C%5C%22loadEventStart%5C%22%3A1573668895395%2C%5C%22loadEventEnd%5C%22%3A1573668895395%7D%22%7D%27&-pageHeight=16918&-vpHeight=1200&-vpWidth=1600&-behavior=0&-vScrollOffset=0&-hScrollOffset=0&-contentVer=%272.0%27&-content=%27%5B%5D%27&*baseType=%27Ms.Content.ContentUpdate%27&*title=%27Monitoring%20Active%20Directory%20for%20Signs%20of%20Compromise%20%7C%20Microsoft%20Docs%27&*cookieEnabled=true&*isJs=true&*isDomComplete=true&*isLoggedIn=false&*pageLoadTime=769&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.14%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-msfpc=%27GUID%3D0ca86ca57bf1430b99f49b9c32ff1ef8%26HASH%3D0ca8%26LV%3D201911%26V%3D4%26LU%3D1573668895679%27&ext-javascript-userConsent=false&$mscomCookies=false

Requested by

Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 18:14:54 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: GxU6CA35XESWE6eYKxscFQ.0
Content-Type: application/javascript
Content-Length: 45
Expires: 0

GET
H/1.1

200
OK

5277878
avatars2.githubusercontent.com/u/
Redirect Chain

https://github.com/billmath.png?size=32
https://avatars2.githubusercontent.com/u/5277878?s=32&v=4

900 B
2 KB

5ms
5ms

Image
image/jpeg

151.101.112.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/5277878?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4bd01d291105b9e9d72135c1e50845b42229437660f291c34123014a595440ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: d38de7ce07199d8f8f1ff3c71f0fb824801b4b81
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 2
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 900
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4070-HHN
Last-Modified: Mon, 05 Jan 2015 22:36:08 GMT
X-GitHub-Request-Id: 0EA0:44C4:4C048:653D2:5D4E1F64
X-Timer: S1573668896.145102,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:56 GMT
Source-Age: 8267963
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "f9021710d6304132711fc95a4143ba49d8d07308"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:56 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:56 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: 21be57a5-c503-4a90-9fac-504ac0bbab49
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CE00:45142:65456FF:984FC10:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars2.githubusercontent.com/u/5277878?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

15913126
avatars2.githubusercontent.com/u/
Redirect Chain

https://github.com/eross-msft.png?size=32
https://avatars2.githubusercontent.com/u/15913126?s=32&v=4

919 B
2 KB

5ms
5ms

Image
image/jpeg

151.101.112.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/15913126?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

3dca77ebde31d7d1f474cbaf656d3dc95963743bec093a10c1564be16233d40c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: 25771288ccb90ac588b80baaa603fce5af3d0530
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 2
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 919
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4070-HHN
Last-Modified: Thu, 27 Apr 2017 20:29:01 GMT
X-GitHub-Request-Id: 2702:076B:30B712:36BE81:5D2733FF
X-Timer: S1573668896.878293,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 10818593
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "9de805d458d009680e1dc33ee6b0a31f2a1f0458"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: ad336c05-952a-4f37-acd3-124be6c2a296
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDFC:BBA3:6580AD6:9884291:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars2.githubusercontent.com/u/15913126?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

13112399
avatars2.githubusercontent.com/u/
Redirect Chain

https://github.com/DavidKuehn.png?size=32
https://avatars2.githubusercontent.com/u/13112399?s=32&v=4

979 B
2 KB

6ms
5ms

Image
image/jpeg

151.101.112.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/13112399?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

02ad5db01a48632c2b76c13d6e4667237725efb137742a4e728fdc117d26908a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: cc04a9b87b1dee2d1f6852b2a3276088b6e83e0e
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 2
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 979
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4070-HHN
Last-Modified: Tue, 30 Jun 2015 04:01:28 GMT
X-GitHub-Request-Id: 4350:1386:9EE7E:B8026:5D12EFF6
X-Timer: S1573668896.159016,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:56 GMT
Source-Age: 12146728
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "b9841c93b5df9c0d265b2b93b6d709f8c35e1b9d"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:56 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:56 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: 29d455c2-141e-4571-a95b-09008437b723
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDFA:33B3E:67083D4:99F9B3A:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars2.githubusercontent.com/u/13112399?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

7171858
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/lizap.png?size=32
https://avatars0.githubusercontent.com/u/7171858?s=32&v=4

906 B
2 KB

6ms
5ms

Image
image/jpeg

151.101.12.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/7171858?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

7dc40fa97b9fbce7fbaa5acdf2c4be77cb8eb3dbeb931be8c5bd26247e16c901

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: 2c92e042bf21e7ef6933017a4126d7a027bece11
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 17
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 906
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19176-FRA
Last-Modified: Tue, 06 Jan 2015 00:30:45 GMT
X-GitHub-Request-Id: 697E:0740:450A6:5964B:5DA90768
X-Timer: S1573668896.888626,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 2310326
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "972e6fd7c137bc080a0b64df44ac9ff91b7f73fa"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: 624ac6ba-7754-4a26-91be-53dc3e1617c5
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDF8:BBA1:4A81C6E:6FD8A16:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars0.githubusercontent.com/u/7171858?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

GET
H/1.1

200
OK

25777989
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/MicrosoftGuyJFlo.png?size=32
https://avatars0.githubusercontent.com/u/25777989?s=32&v=4

956 B
2 KB

6ms
6ms

Image
image/jpeg

151.101.12.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/25777989?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

3b64c20c7581b1805e4b69067f4395b8f8b03965caa337a6326d66a7a9d6b58c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID: a5203fe749bd378c17d5240b406f6fede30f5f09
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 956
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19176-FRA
Last-Modified: Fri, 09 Aug 2019 21:49:02 GMT
X-GitHub-Request-Id: F7DA:05A2:1271B0:16A534:5DB120AC
X-Timer: S1573668896.895007,VS0,VE0
X-Frame-Options: deny
Date: Wed, 13 Nov 2019 18:14:55 GMT
Source-Age: 1779570
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "470c002c91e224cf931424917f4bc6e59cb91fdf"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Wed, 13 Nov 2019 18:19:55 GMT

Redirect headers

Date: Wed, 13 Nov 2019 18:14:55 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Request-Id: 2be9fe0d-5afa-466f-9038-b684c8003aec
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: CDFE:43E75:3AC6A9C:581710F:5DCC481F
X-Frame-Options: deny
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary: X-PJAX, Accept-Encoding
Content-Type: image/png; charset=utf-8
Location: https://avatars0.githubusercontent.com/u/25777989?s=32&v=4
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.docs.microsoft.com/	1970-01-19 05:07:52	Name: x-ms-routing-name Value: self
			.docs.microsoft.com/	1970-01-19 05:07:52	Name: TiPMix Value: 31.5205774882439

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
avatars0.githubusercontent.com
avatars2.githubusercontent.com
az725175.vo.msecnd.net
c.bing.com
c.s-microsoft.com
c1.microsoft.com
cdn.speedcurve.com
docs.microsoft.com
github.com
lux.speedcurve.com
stats.g.doubleclick.net
web.vortex.data.microsoft.com
www.google-analytics.com
140.82.118.4
151.101.112.133
151.101.114.217
151.101.12.133
151.101.14.217
152.199.19.160
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:400c:c00::9a
2a02:26f0:6c00:190::353e
2a02:26f0:6c00:297::356e
40.77.226.250
52.142.114.2
0148a64c6cc3c832ffc7d3a698fb8440ec7dd0213613ff840d88fd3d8e3469d9
01523477d69c89d8c375a54c13b53cfdb29ec43ce2d6f04ecd414093b0605060
02ad5db01a48632c2b76c13d6e4667237725efb137742a4e728fdc117d26908a
0343d2b9abd959c543b24f54dc259bf1887b5a2433f4eb347dbcfde0c8bf46cd
0697461eab77841d6b64f7e609bd6edb86f4393825bd01398ee48a320f0d8809
0ca12524081d20a289a200ab5963d69822746898c4ac0a79ef1e656ad54bf81b
0d0aef55180c731be631c3754315c48ef73a5516be4ee442ce42cf0018ce047d
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c70e42327c7fb95244be028216bbfeb4c1c36746b5c5f88c5311da712f6cec3
38eeef872b2e4a14a35329a8556bf339bd55b08563017c1e2a51de8d9d9a745c
3b64c20c7581b1805e4b69067f4395b8f8b03965caa337a6326d66a7a9d6b58c
3dca77ebde31d7d1f474cbaf656d3dc95963743bec093a10c1564be16233d40c
4bd01d291105b9e9d72135c1e50845b42229437660f291c34123014a595440ad
4e302aa3c707c753f5d3ef0033470c39b167399e7c223d40ac5f71e9db49d683
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
657f9a21a3392fa6b5a0cbde5e9d927006a022410ed3891a8f322e8b524220ba
6d256f2e075d759157e48e07eede23f643bfb7f41ff5ca65bde59930faa83343
6f41251e5cea6c7fcbb0476a30aea17d8d34a12f0d5bafd3cdbec894bff5c209
7cab442749ae4a389e9dc3d375a47a337740cd14641ddea377d7c2fc623c6b30
7dc40fa97b9fbce7fbaa5acdf2c4be77cb8eb3dbeb931be8c5bd26247e16c901
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a200650021c0d43985c5f23a482a55cbadea81244084bddcd5465fede3ab91e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b3276049c79673312589d11bcc87a26ce27f81ffa56db63d7af307c0882f6e56
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
d22960810e466b9261b4e98673f7395549af77be5879094c9aff441dca2d9985
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e6bbfa4af18fb4f0e9c8a31d6654eac92d0f82dc895c6e5f49b54a8de51e5923

docs.microsoft.com Open in urlscan Pro 2a02:26f0:6c00:190::353e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

38 %IPv6

10 Domains

14 Subdomains

12 IPs

5 Countries

620 kBTransfer

1737 kBSize

2 Cookies

27 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

docs.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:190::353e Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

14
Subdomains

12
IPs

5
Countries

620 kB
Transfer

1737 kB
Size

2
Cookies

35 HTTP transactions
1 data transactions