urlscan.io logo urlscan.io
SecurityTrails logo

docs.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:299::353e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kNmI3ZmY1Ny1lMDIzLTQ0NGEtYjI1M...
Effective URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Submission: On February 25 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2a02:26f0:6c00:299::353e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is docs.microsoft.com.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on October 8th 2020. Valid for: a year.
This is the only time docs.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:1ec:21::16 8068 (MICROSOFT...)
1 1 23.211.149.25 16625 (AKAMAI-AS)
3 14 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2620:1ec:bdf::19 8068 (MICROSOFT...)
3 3 140.82.121.3 36459 (GITHUB)
3 185.199.109.133 54113 (FASTLY)
3 40.77.226.250 8075 (MICROSOFT...)
18 5
1    2620:1ec:21::16 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
azure.microsoft.com
1    23.211.149.25 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-149-25.deploy.static.akamaitechnologies.com
aka.ms
14    2a02:26f0:6c00:299::353e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
docs.microsoft.com
1    2620:1ec:bdf::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wcpstatic.microsoft.com
3    140.82.121.3 (United States)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-3-fra.github.com
github.com
3    185.199.109.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-133.github.com
avatars.githubusercontent.com
3    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
Domain Requested by
14 docs.microsoft.com 3 redirects docs.microsoft.com
3 web.vortex.data.microsoft.com docs.microsoft.com
3 avatars.githubusercontent.com docs.microsoft.com
3 github.com 3 redirects
1 wcpstatic.microsoft.com docs.microsoft.com
1 aka.ms 1 redirects
1 azure.microsoft.com 1 redirects
18 7
Subject Issuer Validity Valid
docs.microsoft.com
Microsoft RSA TLS CA 01		 2020-10-08 -
2021-10-08		 a year crt.sh
wcpstatic.microsoft.com
DigiCert SHA2 Secure Server CA		 2020-09-15 -
2021-09-15		 a year crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 02		 2020-10-05 -
2021-10-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Frame ID: 0AE5318E0C0B7804B7821D65E90C9991
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kNmI3ZmY1N... HTTP 302
    https://aka.ms/atasaguide-recsamr HTTP 301
    https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts HTTP 301
    https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts HTTP 301
    https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts Page URL

Page Statistics

18
Requests

100 %
HTTPS

43 %
IPv6

4
Domains

7
Subdomains

5
IPs

3
Countries

688 kB
Transfer

2467 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kNmI3ZmY1Ny1lMDIzLTQ0NGEtYjI1Mi0yNzNhZjJiZDU1OWImdT1hZW8mbD1hdGFzYWd1aWRlLXJlY3NhbXI%3D HTTP 302
    https://aka.ms/atasaguide-recsamr HTTP 301
    https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts HTTP 301
    https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts HTTP 301
    https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://github.com/shsagir.png?size=32 HTTP 302
  • https://avatars.githubusercontent.com/u/51323195?s=32&v=4
Request Chain 7
  • https://github.com/DCtheGeek.png?size=32 HTTP 302
  • https://avatars.githubusercontent.com/u/11442954?s=32&v=4
Request Chain 8
  • https://github.com/msmbaldwin.png?size=32 HTTP 302
  • https://avatars.githubusercontent.com/u/5092332?s=32&v=4
Request Chain 10
  • https://docs.microsoft.com/en-us/azure-advanced-threat-protection/bread/toc.json HTTP 301
  • https://docs.microsoft.com/en-us/defender-for-identity/bread/toc.json

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request reconnaissance-alerts
docs.microsoft.com/en-us/defender-for-identity/
Redirect Chain
  • https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kNmI3ZmY1Ny1lMDIzLTQ0NGEtYjI1Mi0yNzNhZjJiZDU1OWImdT1hZW8mbD1hdGFzYWd1aWRlLXJlY3NhbXI%3D
  • https://aka.ms/atasaguide-recsamr
  • https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
  • https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts
  • https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
62 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed5af206903b26c0b6d79e268ffc482cb7bc406727eb6f0d7cd6e9ca31c918f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
docs.microsoft.com
:scheme
https
:path
/en-us/defender-for-identity/reconnaissance-alerts
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
original_req_url=https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

etag
"uw040VZCx8aFVyOPKkYYVMdiKtgB0DwCcU7Ec0LpHnQ="
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
x-datacenter
wus
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-rendering-stack
Dynamic
content-type
text/html
content-encoding
gzip
vary
Accept-Encoding
content-length
18775
cache-control
public, max-age=463
expires
Thu, 25 Feb 2021 17:35:15 GMT
date
Thu, 25 Feb 2021 17:27:32 GMT
akamai-cache-status
RefreshHit from child, RefreshHit from parent
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}

Redirect headers

location
/en-us/defender-for-identity/reconnaissance-alerts
request-context
appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
x-datacenter
eus
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
cache-control
public, max-age=495
expires
Thu, 25 Feb 2021 17:35:47 GMT
date
Thu, 25 Feb 2021 17:27:32 GMT
set-cookie
original_req_url=https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts; expires=Thu, 25-Feb-2021 17:27:37 GMT
akamai-cache-status
Miss from child
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
97269d6d.site-ltr.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 		421 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/97269d6d.site-ltr.css
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12375c8e126fdda964f203c3e8183a5df59e2054e1af730df5073024bf776d6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
60064
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 24 Feb 2021 04:54:12 GMT
x-datacenter
eus
x-frame-options
SAMEORIGIN
date
Thu, 25 Feb 2021 17:27:32 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
text/css
cache-control
public, max-age=473278
etag
"0x8D8D8803AC3BF18"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
expires
Wed, 03 Mar 2021 04:55:30 GMT
a96de1e1.conceptual.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/a96de1e1.conceptual.css
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
017c7ffa64c1935ed55f2ef613831f0e0985f95c2b8be2297e1dc34bd3a26158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
1074
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 17 Feb 2021 20:55:40 GMT
x-datacenter
eus
x-frame-options
SAMEORIGIN
date
Thu, 25 Feb 2021 17:27:32 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
text/css
cache-control
public, max-age=360061
etag
"0x8D8D38662A4E601"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
expires
Mon, 01 Mar 2021 21:28:33 GMT
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ 		249 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Feb 2021 17:27:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-md5
OLdpUi3Q5MKZjJA0pU4XTg==
age
8312
x-cache
HIT
content-length
75124
x-ms-lease-status
unlocked
last-modified
Wed, 14 Oct 2020 22:31:12 GMT
etag
0x8D87090DB39FE9E
x-azure-ref
0BN43YAAAAADgNJqgQZw4Ro0THg5WPrtaRlJBRURHRTEwMTQAMzliNDYxNTctY2I5ZS00OWI3LWE2NWEtODcyMmEzZjgyNGU0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b19402e-001e-002f-8088-0b2f5f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
jsll-4.js
docs.microsoft.com/static/third-party/jsll/4.3.4/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
589303ca15fba4fe95432dbb456ff614d0f2ad12d99f8671f0443a7f0cf48dff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=15768000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5
IR4SO1k0ZPP+9o8LbgASeg==
content-length
19421
etag
0x8D8D395EE81CF35
x-ms-lease-status
unlocked
last-modified
Wed, 17 Feb 2021 22:46:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date
Thu, 25 Feb 2021 17:27:32 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f636644b-601e-0016-7185-050e0c000000
cache-control
max-age=30866906
x-ms-version
2009-09-19
akamai-cache-status
Hit from child
expires
Thu, 17 Feb 2022 23:35:58 GMT
f0a172e9.index-polyfills.js
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/f0a172e9.index-polyfills.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7a60ec0d58695cafc9ff030feb16568b817d711ab6acf9bdaf9e223311cf90b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
6192
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 17 Feb 2021 20:55:40 GMT
x-datacenter
eus
x-frame-options
SAMEORIGIN
date
Thu, 25 Feb 2021 17:27:32 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/javascript
cache-control
public, max-age=290849
etag
"0x8D8D3866277DA4B"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
expires
Mon, 01 Mar 2021 02:15:01 GMT
8c3bc838.index-docs.js
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ 		1 MB
343 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/8c3bc838.index-docs.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a1120f5c1c55d78d9805a8c85978a4e3e9a4f9022cde69e5363a2785cfd6b102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
349359
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Thu, 25 Feb 2021 07:56:29 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Thu, 25 Feb 2021 17:27:32 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/javascript
cache-control
public, max-age=570540
etag
"0x8D8D962DC3190B0"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Thu, 04 Mar 2021 07:56:32 GMT
51323195
avatars.githubusercontent.com/u/
Redirect Chain
  • https://github.com/shsagir.png?size=32
  • https://avatars.githubusercontent.com/u/51323195?s=32&v=4
995 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.githubusercontent.com/u/51323195?s=32&v=4
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-133.github.com
Software
/
Resource Hash
b3724bb570b85fcabe6dc497f945cd6eff6c77fea4083e776d1e17b8acd858f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
8493062b716b194c4685abe709ec659e11e327e6
content-security-policy
default-src 'none'
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
1
vary
Authorization,Accept-Encoding
content-length
995
x-xss-protection
1; mode=block
x-served-by
cache-cph20639-CPH
last-modified
Mon, 03 Jun 2019 11:37:45 GMT
x-github-request-id
21FE:03A6:5EBEA:6689D:6024A232
x-timer
S1614274053.132250,VS0,VE255
x-frame-options
deny
date
Thu, 25 Feb 2021 17:27:33 GMT
source-age
1260498
strict-transport-security
max-age=31557600
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
etag
"c180d3bbac1849e7626f8c6e5640d17200cf04f628f343fbc22aded27260edd0"
accept-ranges
bytes
timing-allow-origin
https://github.com
expires
Thu, 25 Feb 2021 17:32:33 GMT

Redirect headers

date
Thu, 25 Feb 2021 17:27:29 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
GitHub.com
x-github-request-id
247A:85D6:B9E734:D6B584:6037DE04
x-frame-options
deny
expect-ct
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type
text/html; charset=utf-8
location
https://avatars.githubusercontent.com/u/51323195?s=32&v=4
cache-control
no-cache
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-5029ae85.js gist.github.com/socket-worker-5029ae85.js
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
127
x-xss-protection
1; mode=block
11442954
avatars.githubusercontent.com/u/
Redirect Chain
  • https://github.com/DCtheGeek.png?size=32
  • https://avatars.githubusercontent.com/u/11442954?s=32&v=4
1009 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.githubusercontent.com/u/11442954?s=32&v=4
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-133.github.com
Software
/
Resource Hash
9e22171ee92d512b0cbc341a91a7a3d3de8695a02217bd3d63f7c04096440a94
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
e9d4a0122e70fe460959db3a2c3edd90368bd98a
content-security-policy
default-src 'none'
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
3869
vary
Authorization,Accept-Encoding
content-length
1009
x-xss-protection
1; mode=block
x-served-by
cache-cph20639-CPH
last-modified
Mon, 12 Feb 2018 16:29:42 GMT
x-github-request-id
5F56:E686:C3A15A:CE6ECA:60248388
x-timer
S1614274053.132261,VS0,VE0
x-frame-options
deny
date
Thu, 25 Feb 2021 17:27:33 GMT
source-age
1268347
strict-transport-security
max-age=31557600
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
etag
"73f0791d24bde3933f5c0f4b7f772dac64e75d8746df25bacf4365c48d0df04c"
accept-ranges
bytes
timing-allow-origin
https://github.com
expires
Thu, 25 Feb 2021 17:32:33 GMT

Redirect headers

date
Thu, 25 Feb 2021 17:25:54 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
GitHub.com
x-github-request-id
247A:85D6:B9E734:D6B585:6037DE04
x-frame-options
deny
expect-ct
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type
text/html; charset=utf-8
location
https://avatars.githubusercontent.com/u/11442954?s=32&v=4
cache-control
no-cache
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-5029ae85.js gist.github.com/socket-worker-5029ae85.js
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
127
x-xss-protection
1; mode=block
5092332
avatars.githubusercontent.com/u/
Redirect Chain
  • https://github.com/msmbaldwin.png?size=32
  • https://avatars.githubusercontent.com/u/5092332?s=32&v=4
883 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.githubusercontent.com/u/5092332?s=32&v=4
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-133.github.com
Software
/
Resource Hash
d8b310346be355b8344f3e5bf4cdb209644792c0b9ab06c2cde3020f0d97c3a7
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
b9627af9978e99d55a68c384a2f8e9e7914cc621
content-security-policy
default-src 'none'
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
2
vary
Authorization,Accept-Encoding
content-length
883
x-xss-protection
1; mode=block
x-served-by
cache-cph20639-CPH
last-modified
Wed, 11 Feb 2015 20:10:25 GMT
x-github-request-id
197C:152B:FD09F:1149DA:60372D13
x-timer
S1614274053.132357,VS0,VE0
x-frame-options
deny
date
Thu, 25 Feb 2021 17:27:33 GMT
source-age
45297
strict-transport-security
max-age=31557600
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
etag
"8c3a7ab937bc2268b4697ecaf0b77a687e9cbc73651d8660ab624abf09b9b01d"
accept-ranges
bytes
timing-allow-origin
https://github.com
expires
Thu, 25 Feb 2021 17:32:33 GMT

Redirect headers

date
Thu, 25 Feb 2021 17:27:28 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
GitHub.com
x-github-request-id
247A:85D6:B9E73F:D6B58E:6037DE04
x-frame-options
deny
expect-ct
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type
text/html; charset=utf-8
location
https://avatars.githubusercontent.com/u/5092332?s=32&v=4
cache-control
no-cache
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-5029ae85.js gist.github.com/socket-worker-5029ae85.js
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
126
x-xss-protection
1; mode=block
toc.json
docs.microsoft.com/en-us/defender-for-identity/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/en-us/defender-for-identity/toc.json
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/8c3bc838.index-docs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d62533ec85fb90929535ba9e4f57eb77876c06a62652af1e0eea172e544ec5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
2186
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
last-modified
Thu, 18 Feb 2021 10:57:36 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Thu, 25 Feb 2021 17:27:33 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/json
cache-control
public, max-age=600
etag
"0x8D8D3FC008B39C1"
akamai-cache-status
RefreshHit from child, RefreshHit from parent
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Thu, 25 Feb 2021 17:37:33 GMT
toc.json
docs.microsoft.com/en-us/defender-for-identity/bread/
Redirect Chain
  • https://docs.microsoft.com/en-us/azure-advanced-threat-protection/bread/toc.json
  • https://docs.microsoft.com/en-us/defender-for-identity/bread/toc.json
883 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/en-us/defender-for-identity/bread/toc.json
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e1baace653d97de8e40591f9edc1e3f9aa3868266b21fefe3d3f7dc23163ba2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
446
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
last-modified
Thu, 03 Dec 2020 08:51:54 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Thu, 25 Feb 2021 17:27:33 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/json
cache-control
public, max-age=600
etag
"0x8D89768AF1F957A"
akamai-cache-status
RefreshHit from child, RefreshHit from parent
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Thu, 25 Feb 2021 17:37:33 GMT

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
x-datacenter
wus
date
Thu, 25 Feb 2021 17:27:33 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
location
/en-us/defender-for-identity/bread/toc.json
cache-control
public, max-age=572
x-ua-compatible
IE=edge
akamai-cache-status
Miss from child
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 25 Feb 2021 17:37:05 GMT
truncated
/ 		193 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fb59b19860d20c40569c44f5cca62c7d101017ac2509997ed0c6f96ced1164c

Request headers

Origin
https://docs.microsoft.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
docons.ccbc4d6f.woff2
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.ccbc4d6f.woff2
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/97269d6d.site-ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e409c7ae0953eda5e86e46893ddff4ecfba3eeadf8dee5a17da766e621efc4e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://docs.microsoft.com
Referer
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/97269d6d.site-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
12176
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 24 Feb 2021 04:54:12 GMT
x-datacenter
eus
date
Thu, 25 Feb 2021 17:27:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
font/woff2
cache-control
public, max-age=489808
etag
"0x8D8D8803ABAE3DB"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
expires
Wed, 03 Mar 2021 09:31:00 GMT
SegoeUI-Roman-VF_web.woff2
docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/ 		116 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/SegoeUI-Roman-VF_web.woff2
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/97269d6d.site-ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Origin
https://docs.microsoft.com
Referer
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/97269d6d.site-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=15768000 ; includeSubDomains
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5
vKlyGNyjyxXOAoTLy0UokA==
content-length
118288
etag
0x8D8B8210FE8D1A9
x-ms-lease-status
unlocked
last-modified
Thu, 14 Jan 2021 00:12:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date
Thu, 25 Feb 2021 17:27:32 GMT
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
44a036ef-401e-00a0-2389-ed00f4000000
cache-control
max-age=28229619
x-ms-version
2009-09-19
akamai-cache-status
Hit from child
expires
Tue, 18 Jan 2022 11:01:11 GMT
latest.woff2
docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/latest.woff2
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/97269d6d.site-ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Origin
https://docs.microsoft.com
Referer
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/97269d6d.site-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=15768000 ; includeSubDomains
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5
KDXuKBsHfKiscoVwIAfIlA==
content-length
27624
etag
0x8D86BD35C93CDB0
x-ms-lease-status
unlocked
last-modified
Thu, 08 Oct 2020 21:44:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date
Thu, 25 Feb 2021 17:27:32 GMT
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
1eca5dcd-401e-0089-6b24-ae76b6000000
cache-control
max-age=21259323
x-ms-version
2009-09-19
akamai-cache-status
Hit from child
expires
Fri, 29 Oct 2021 18:49:35 GMT
t.js
web.vortex.data.microsoft.com/collect/v1/ 		281 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-02-25T17%3A27%3A33.038Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%27945ff2ab-98b0-41f5-9e32-2a58c8d7be91%27&-pageName=%2752af70b6-86d4-5dd4-0c17-d4e0a5f6e0ed%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageType=%27conceptual%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22author%22%3A%22shsagir%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%2263d594b0-4656-1938-98da-da5494321df9%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Fa79de41209ba8ec12969eca406801fcd9dab8c07%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22manager%22%3A%22shsagir%22%2C%22pgauth%22%3A%22shsagir%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2212%2F23%2F2020%22%2C%22pgsrvcs%22%3A%22microsoft-defender-for-identity%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22publishtime%22%3A%222020-12-23%2004%3A15%20PM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f89efa8490a2ee0b4602b11fd2b95aae65b49773bf222f01479a0c78d80aec3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 17:27:32 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
l0yhaJAfRUuFFKte7cygjg.0
Content-Type
application/javascript
Content-Length
281
Expires
0
t.js
web.vortex.data.microsoft.com/collect/v1/ 		45 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272021-02-25T17%3A27%3A33.454Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%27945ff2ab-98b0-41f5-9e32-2a58c8d7be91%27&-pageName=%2752af70b6-86d4-5dd4-0c17-d4e0a5f6e0ed%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageTags=%27%7B%22author%22%3A%22shsagir%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%2263d594b0-4656-1938-98da-da5494321df9%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Fa79de41209ba8ec12969eca406801fcd9dab8c07%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22manager%22%3A%22shsagir%22%2C%22pgauth%22%3A%22shsagir%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2212%2F23%2F2020%22%2C%22pgsrvcs%22%3A%22microsoft-defender-for-identity%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22publishtime%22%3A%222020-12-23%2004%3A15%20PM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%2C%22timing%22%3A%22%7B%5C%22first-paint%5C%22%3A1050.5599975585938%2C%5C%22first-contentful-paint%5C%22%3A1050.5599975585938%2C%5C%22navigationStart%5C%22%3A1614274052019%2C%5C%22unloadEventStart%5C%22%3A0%2C%5C%22unloadEventEnd%5C%22%3A0%2C%5C%22redirectStart%5C%22%3A0%2C%5C%22redirectEnd%5C%22%3A0%2C%5C%22fetchStart%5C%22%3A1614274052453%2C%5C%22domainLookupStart%5C%22%3A1614274052453%2C%5C%22domainLookupEnd%5C%22%3A1614274052453%2C%5C%22connectStart%5C%22%3A1614274052453%2C%5C%22connectEnd%5C%22%3A1614274052453%2C%5C%22secureConnectionStart%5C%22%3A0%2C%5C%22requestStart%5C%22%3A1614274052454%2C%5C%22responseStart%5C%22%3A1614274052603%2C%5C%22responseEnd%5C%22%3A1614274052620%2C%5C%22domLoading%5C%22%3A1614274052607%2C%5C%22domInteractive%5C%22%3A1614274052868%2C%5C%22domContentLoadedEventStart%5C%22%3A1614274052868%2C%5C%22domContentLoadedEventEnd%5C%22%3A1614274053055%2C%5C%22domComplete%5C%22%3A1614274053403%2C%5C%22loadEventStart%5C%22%3A1614274053403%2C%5C%22loadEventEnd%5C%22%3A1614274053403%7D%22%7D%27&-pageHeight=10412&-vpHeight=1200&-vpWidth=1600&-behavior=0&-vScrollOffset=7549&-hScrollOffset=0&-contentVer=%272.0%27&-content=%27%5B%5D%27&*baseType=%27Ms.Content.ContentUpdate%27&*title=%27Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*cookieEnabled=true&*isJs=true&*isDomComplete=true&*isLoggedIn=false&*pageLoadTime=1384&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-msfpc=%27GUID%3D9a48a7ea72e64d33831d644d98ae6fd1%26HASH%3D9a48%26LV%3D202102%26V%3D4%26LU%3D1614274053224%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 17:27:32 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
p1CEX7nxG0K4Cjmzyw528Q.0
Content-Type
application/javascript
Content-Length
45
Expires
0
t.js
web.vortex.data.microsoft.com/collect/v1/ 		45 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272021-02-25T17%3A27%3A33.755Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%27945ff2ab-98b0-41f5-9e32-2a58c8d7be91%27&-pageName=%2752af70b6-86d4-5dd4-0c17-d4e0a5f6e0ed%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageTags=%27%7B%22author%22%3A%22shsagir%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%2263d594b0-4656-1938-98da-da5494321df9%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Fa79de41209ba8ec12969eca406801fcd9dab8c07%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22manager%22%3A%22shsagir%22%2C%22pgauth%22%3A%22shsagir%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2212%2F23%2F2020%22%2C%22pgsrvcs%22%3A%22microsoft-defender-for-identity%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22publishtime%22%3A%222020-12-23%2004%3A15%20PM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%7D%27&-pageHeight=10412&-vpHeight=1200&-vpWidth=1600&-actionType=%27S%27&-behavior=0&-vScrollOffset=7549&-hScrollOffset=0&-contentVer=%272.0%27&-content=%27%5B%5D%27&*baseType=%27Ms.Content.ContentUpdate%27&*title=%27Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*cookieEnabled=true&*isJs=true&*isDomComplete=false&*isLoggedIn=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-msfpc=%27GUID%3D9a48a7ea72e64d33831d644d98ae6fd1%26HASH%3D9a48%26LV%3D202102%26V%3D4%26LU%3D1614274053224%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 17:27:33 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
2mTDax57NECDzgK4It/3qw.0
Content-Type
application/javascript
Content-Length
45
Expires
0

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| msDocs function| WcpConsent function| mscc object| awa object| jsllAwa object| __core-js_shared__ object| core function| applyFocusVisiblePolyfill object| litHtmlVersions function| __assign function| __extends function| setTheme

4 Cookies

Domain/Path Name / Value
docs.microsoft.com/ Name: MSFPC
Value: GUID=9a48a7ea72e64d33831d644d98ae6fd1&HASH=9a48&LV=202102&V=4&LU=1614274053224
.microsoft.com/ Name: MS0
Value: 17f1b31c9cdb456994b5f19cfdd8387b
.microsoft.com/ Name: MC1
Value: GUID=9a48a7ea72e64d33831d644d98ae6fd1&HASH=9a48&LV=202102&V=4&LU=1614274053224
docs.microsoft.com/en-us/defender-for-identity Name: original_req_url
Value: https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
avatars.githubusercontent.com
azure.microsoft.com
docs.microsoft.com
github.com
wcpstatic.microsoft.com
web.vortex.data.microsoft.com
140.82.121.3
185.199.109.133
23.211.149.25
2620:1ec:21::16
2620:1ec:bdf::19
2a02:26f0:6c00:299::353e
40.77.226.250
017c7ffa64c1935ed55f2ef613831f0e0985f95c2b8be2297e1dc34bd3a26158
12375c8e126fdda964f203c3e8183a5df59e2054e1af730df5073024bf776d6a
208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294
2fb59b19860d20c40569c44f5cca62c7d101017ac2509997ed0c6f96ced1164c
589303ca15fba4fe95432dbb456ff614d0f2ad12d99f8671f0443a7f0cf48dff
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
7a60ec0d58695cafc9ff030feb16568b817d711ab6acf9bdaf9e223311cf90b7
9e22171ee92d512b0cbc341a91a7a3d3de8695a02217bd3d63f7c04096440a94
a1120f5c1c55d78d9805a8c85978a4e3e9a4f9022cde69e5363a2785cfd6b102
b3724bb570b85fcabe6dc497f945cd6eff6c77fea4083e776d1e17b8acd858f1
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
d62533ec85fb90929535ba9e4f57eb77876c06a62652af1e0eea172e544ec5f3
d8b310346be355b8344f3e5bf4cdb209644792c0b9ab06c2cde3020f0d97c3a7
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
e1baace653d97de8e40591f9edc1e3f9aa3868266b21fefe3d3f7dc23163ba2c
e409c7ae0953eda5e86e46893ddff4ecfba3eeadf8dee5a17da766e621efc4e8
ed5af206903b26c0b6d79e268ffc482cb7bc406727eb6f0d7cd6e9ca31c918f1
f89efa8490a2ee0b4602b11fd2b95aae65b49773bf222f01479a0c78d80aec3c