docs.microsoft.com
urlscan Pro

2a02:26f0:6c00:29b::353e

Go To Report Rescan

Submitted URL:
https://aka.ms/atasaguide-recsamr
Effective URL:
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Submission: On April 08 via api (April 8th 2021, 9:20:30 am) from US

Summary HTTP 25 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 25 HTTP transactions. The main IP is 2a02:26f0:6c00:29b::353e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is docs.microsoft.com.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on October 8th 2020. Valid for: a year.

This is the only time docs.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.211.149.25 23.211.149.25	16625 (AKAMAI-AS) (AKAMAI-AS)
3 13	2a02:26f0:6c0... 2a02:26f0:6c00:29b::353e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:29::19 2620:1ec:29::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	140.82.121.3 140.82.121.3	36459 (GITHUB) (GITHUB)
4	185.199.108.133 185.199.108.133	54113 (FASTLY) (FASTLY)
3	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
1	52.31.179.168 52.31.179.168	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
25	10

1 23.211.149.25 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-149-25.deploy.static.akamaitechnologies.com

aka.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:6c00:29b::353e (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

docs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wcpstatic.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 140.82.121.3 (United States) 4 redirects

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-3-fra.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.199.108.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-133.github.com

avatars.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.179.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-179-168.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c1.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Domain Subdomains	Transfer
19	microsoft.com 4 redirects docs.microsoft.com wcpstatic.microsoft.com web.vortex.data.microsoft.com c1.microsoft.com	656 KB
4	avatars.githubusercontent.com .avatars.githubusercontent.com	6 KB
4	github.com 4 redirects .github.com	9 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	bing.com 1 redirects c.bing.com	626 B
1	doubleclick.net stats.g.doubleclick.net	444 B
1	usabilla.com w.usabilla.com	13 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
1	azure.com js.monitor.azure.com	80 KB
1	aka.ms 1 redirects .aka.ms	588 B
25	10

	Domain	Requested by
13	docs.microsoft.com	3 redirects docs.microsoft.com
4	avatars.githubusercontent.com	docs.microsoft.com
4	github.com	4 redirects
3	web.vortex.data.microsoft.com	docs.microsoft.com
2	c1.microsoft.com	1 redirects
2	www.google-analytics.com	docs.microsoft.com www.google-analytics.com
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	w.usabilla.com	docs.microsoft.com
1	cdn.speedcurve.com	docs.microsoft.com
1	js.monitor.azure.com	docs.microsoft.com
1	wcpstatic.microsoft.com	docs.microsoft.com
1	aka.ms	1 redirects
25	13

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
github.com
twitter.com
www.linkedin.com
www.facebook.com
aka.ms
go.microsoft.com

Subject Issuer	Validity	Valid
docs.microsoft.com Microsoft RSA TLS CA 01	`2020-10-08` - `2021-10-08`	a year	crt.sh
wcpstatic.microsoft.com DigiCert SHA2 Secure Server CA	`2020-09-15` - `2021-09-15`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01	`2021-04-01` - `2022-03-27`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.vortex.data.microsoft.com Microsoft RSA TLS CA 02	`2020-10-05` - `2021-10-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
w.usabilla.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
c.msn.com Microsoft RSA TLS CA 02	`2021-02-03` - `2022-02-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Frame ID: 56B5377059C71BDEB30CAD104C54BEF2
Requests: 25 HTTP requests in this frame

Frame: https://w.usabilla.com/cd99660205c0.js?lv=1
Frame ID: 2D033A73D90E3C57CAA1E6DDE22822AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://aka.ms/atasaguide-recsamr HTTP 301
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts HTTP 301
https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts HTTP 301
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

25
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

13
Subdomains

10
IPs

4
Countries

779 kB
Transfer

3114 kB
Size

11
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/
Title:

Search URL Search Domain

URL: https://github.com/Microsoft/ATADocs/blob/master/ATPDocs/reconnaissance-alerts.md
Title: Edit

Search URL Search Domain

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%3FWT.mc_id%3Dtwitter&text=Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs&tw_p=tweetbutton&url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%3FWT.mc_id%3Dtwitter
Title: Twitter

Search URL Search Domain

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%3FWT.mc_id%3Dlinkedin
Title: LinkedIn

Search URL Search Domain

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%3FWT.mc_id%3Dfacebook
Title: Facebook

Search URL Search Domain

URL: https://github.com/dcurwin
Title: d

Search URL Search Domain

URL: https://github.com/shsagir
Title: s

Search URL Search Domain

URL: https://github.com/DCtheGeek
Title: D

Search URL Search Domain

URL: https://github.com/msmbaldwin
Title: m

Search URL Search Domain

URL: https://aka.ms/MDIcommunity
Title: Check out the Defender for Identity forum!

Search URL Search Domain

URL: https://github.com/MicrosoftDocs/atadocs/issues/new?title=&body=%0A%0A%5BEnter%20feedback%20here%5D%0A%0A%0A---%0A%23%23%23%23%20Document%20Details%0A%0A%E2%9A%A0%20*Do%20not%20edit%20this%20section.%20It%20is%20required%20for%20docs.microsoft.com%20%E2%9E%9F%20GitHub%20issue%20linking.*%0A%0A*%20ID%3A%2052af70b6-86d4-5dd4-0c17-d4e0a5f6e0ed%0A*%20Version%20Independent%20ID%3A%2063d594b0-4656-1938-98da-da5494321df9%0A*%20Content%3A%20%5BMicrosoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%5D(https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021)%0A*%20Content%20Source%3A%20%5BATPDocs%2Freconnaissance-alerts.md%5D(https%3A%2F%2Fgithub.com%2FMicrosoft%2FATADocs%2Fblob%2Fmaster%2FATPDocs%2Freconnaissance-alerts.md)%0A*%20Service%3A%20**microsoft-defender-for-identity**%0A*%20GitHub%20Login%3A%20%40dcurwin%0A*%20Microsoft%20Alias%3A%20**dacurwin**
Title: This page

Search URL Search Domain

URL: https://github.com/MicrosoftDocs/atadocs/issues?utf8=%E2%9C%93&q=%2263d594b0-4656-1938-98da-da5494321df9%22&in=body
Title: View all page feedback

Search URL Search Domain

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & Cookies

Search URL Search Domain

URL: https://www.microsoft.com/en-us/legal/intellectualproperty/Trademarks/EN-US.aspx
Title: Trademarks

Search URL Search Domain

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aka.ms/atasaguide-recsamr HTTP 301
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts HTTP 301
https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts HTTP 301
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://github.com/dcurwin.png?size=32 HTTP 302
https://avatars.githubusercontent.com/u/45630879?s=32&v=4

Request Chain 7

https://github.com/shsagir.png?size=32 HTTP 302
https://avatars.githubusercontent.com/u/51323195?s=32&v=4

Request Chain 8

https://github.com/DCtheGeek.png?size=32 HTTP 302
https://avatars.githubusercontent.com/u/11442954?s=32&v=4

Request Chain 9

https://github.com/msmbaldwin.png?size=32 HTTP 302
https://avatars.githubusercontent.com/u/5092332?s=32&v=4

Request Chain 11

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/bread/toc.json HTTP 301
https://docs.microsoft.com/en-us/defender-for-identity/bread/toc.json

Request Chain 23

https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=0A8B4C8E0D0649549AD38971AE3F3089&RedC=c1.microsoft.com&MXFR=21E0C691E7E164C81341D682E3E16284 HTTP 302
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=0A8B4C8E0D0649549AD38971AE3F3089&MUID=21E0C691E7E164C81341D682E3E16284

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request reconnaissance-alerts Show response
docs.microsoft.com/en-us/defender-for-identity/
Redirect Chain

https://aka.ms/atasaguide-recsamr
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts
https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

62 KB
19 KB

294ms
294ms

Document
text/html

2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e09044b6ebd184c1d93a36955554801e3dd0de45902957ae758f11d38a7e90aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: docs.microsoft.com
:scheme: https
:path: /en-us/defender-for-identity/reconnaissance-alerts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: original_req_url=https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts; ARRAffinity=08511c5b89e4ee33e142d8363ecb30b40f78605b32942a2eb99a85a4d4f71be1; ARRAffinitySameSite=08511c5b89e4ee33e142d8363ecb30b40f78605b32942a2eb99a85a4d4f71be1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

etag: "jVARAhW71VAeJxyQlTzi852PqhKLI+SZxBm3la9FoAE="
request-context: appId=cid-v1:b1c5b6ea-7ff0-41d3-9862-84c5e1dc3be7
x-datacenter: wus
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rendering-stack: Dynamic
content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
content-length: 18664
cache-control: public, max-age=573
expires: Thu, 08 Apr 2021 09:30:05 GMT
date: Thu, 08 Apr 2021 09:20:32 GMT
akamai-cache-status: RefreshHit from child, RefreshHit from parent
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}

Redirect headers

location: /en-us/defender-for-identity/reconnaissance-alerts
request-context: appId=cid-v1:b1c5b6ea-7ff0-41d3-9862-84c5e1dc3be7
x-datacenter: wus
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
cache-control: public, max-age=599
expires: Thu, 08 Apr 2021 09:30:31 GMT
date: Thu, 08 Apr 2021 09:20:32 GMT
set-cookie: ARRAffinity=08511c5b89e4ee33e142d8363ecb30b40f78605b32942a2eb99a85a4d4f71be1;Path=/;HttpOnly;Secure;Domain=docs.microsoft.com ARRAffinitySameSite=08511c5b89e4ee33e142d8363ecb30b40f78605b32942a2eb99a85a4d4f71be1;Path=/;HttpOnly;SameSite=None;Secure;Domain=docs.microsoft.com original_req_url=https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts; expires=Thu, 08-Apr-2021 09:20:37 GMT
akamai-cache-status: Miss from child
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}

GET
H2 200 c4620546.site-ltr.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 456 KB
64 KB 23ms
22ms Stylesheet
text/css 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/c4620546.site-ltr.css

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a90f82e335987ace1c58512038d5305e15db5c6e9ab4d56aa0166ac9068166a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length: 64638
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 06 Apr 2021 19:37:36 GMT
x-datacenter: eus
x-frame-options: SAMEORIGIN
date: Thu, 08 Apr 2021 09:20:32 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: text/css
cache-control: public, max-age=469045
etag: "0x8D8F9336E5A8141"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
expires: Tue, 13 Apr 2021 19:37:57 GMT

GET
H2 200 wcp-consent.js Show response
wcpstatic.microsoft.com/mscc/lib/v2/ 51 KB
13 KB 78ms
25ms Script
application/javascript 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 919dca34db91911735f214ed2cff5e08f37459d94a364afb3df187baf1f77aff

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Apr 2021 09:20:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-md5: 1SASGSEzi1FltZlq3xaTHA==
age: 22709
x-cache: HIT
content-length: 12802
x-ms-lease-status: unlocked
last-modified: Wed, 14 Oct 2020 22:31:33 GMT
etag: 0x8D87090E7569F4F
x-azure-ref: 04MpuYAAAAABFnwsvK2bYQ5O6HBNRVQI+TE9OMjFFREdFMDExNQAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2a4f9c58-801e-008f-1f23-2ce939000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 ms.jsll-3.js Show response
js.monitor.azure.com/next/1/ 546 KB
80 KB 76ms
22ms Script
text/javascript 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/next/1/ms.jsll-3.js
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2d0b92b1d2fce763f8bd451518617e4e3154a16ff62e03e8e3fa858ce7b216bf

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:20:32 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.1.0
last-modified: Mon, 05 Apr 2021 16:07:42 GMT
x-ms-meta-jssdksrc: [cdn]/next/1/ms.jsll-3.1.0.js
content-md5: UvcHHjZ72DmkhUeo741rhg==
etag: 0x8D8F84CF157AD8A
x-azure-ref: 04MpuYAAAAADMIgWba69RSJ1GaaeYpAcoTE9OMjFFREdFMDIxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 24e09c73-901e-000a-4f55-2c4cc2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19

GET
H2 200 jsll-4.js Show response
docs.microsoft.com/static/third-party/jsll/4.3.4/ 64 KB
20 KB 28ms
27ms Script
application/x-javascript 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

589303ca15fba4fe95432dbb456ff614d0f2ad12d99f8671f0443a7f0cf48dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15768000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5: IR4SO1k0ZPP+9o8LbgASeg==
content-length: 19421
etag: 0x8D8D395EE81CF35
x-ms-lease-status: unlocked
last-modified: Wed, 17 Feb 2021 22:46:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date: Thu, 08 Apr 2021 09:20:32 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f636644b-601e-0016-7185-050e0c000000
cache-control: max-age=27267354
x-ms-version: 2009-09-19
akamai-cache-status: Hit from child
expires: Thu, 17 Feb 2022 23:36:26 GMT

GET
H2 200 8a64e446.index-polyfills.js Show response
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ 9 KB
4 KB 36ms
35ms Script
application/javascript 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/8a64e446.index-polyfills.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa7dd71eebadc1039eea7308114eae927fb442b27d701a670db43c5da5b551f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length: 3802
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 06 Apr 2021 23:27:07 GMT
x-datacenter: eus
x-frame-options: SAMEORIGIN
date: Thu, 08 Apr 2021 09:20:32 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/javascript
cache-control: public, max-age=514097
etag: "0x8D8F9537EA91F16"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
expires: Wed, 14 Apr 2021 08:08:49 GMT

GET
H2 200 e6a01691.index-docs.js Show response
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ 2 MB
371 KB 41ms
40ms Script
application/javascript 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/e6a01691.index-docs.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5999a851d1a42ab4d079bb742761ecaf51b1244478b6c1214b27445148ec1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length: 378411
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Wed, 07 Apr 2021 18:35:04 GMT
x-datacenter: eus
x-frame-options: SAMEORIGIN
date: Thu, 08 Apr 2021 09:20:32 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/javascript
cache-control: public, max-age=551636
etag: "0x8D8F9F3DC6E2094"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
expires: Wed, 14 Apr 2021 18:34:28 GMT

GET
H2

200

45630879?s=32&v=4
avatars.githubusercontent.com/u/
Redirect Chain

https://github.com/dcurwin.png?size=32
https://avatars.githubusercontent.com/u/45630879?s=32&v=4

2 KB
2 KB

50ms
15ms

Image
image/png

185.199.108.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars.githubusercontent.com/u/45630879?s=32&v=4

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-133.github.com

Software

Resource Hash

8aa1dc6925eae0e2fe988565c5d516e9c434de842e00651af76f0cf669f887f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: e822b510a826b6985e0eceb786b0b2707fea6b0d
content-security-policy: default-src 'none'
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 1
vary: Authorization,Accept-Encoding
content-length: 1677
x-xss-protection: 1; mode=block
x-served-by: cache-ams21028-AMS
last-modified: Sun, 31 Mar 2019 08:11:41 GMT
x-github-request-id: EE2C:B911:2F3896:327E9A:60650F63
x-timer: S1617873633.957153,VS0,VE1
x-frame-options: deny
date: Thu, 08 Apr 2021 09:20:32 GMT
source-age: 637821
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
etag: "577a53b3a41a7aa7842b9c1cadf88c06647a0b7c66b0c670df3c616d4f1bbcae"
accept-ranges: bytes
timing-allow-origin: https://github.com
expires: Thu, 08 Apr 2021 09:25:32 GMT

Redirect headers

date: Thu, 08 Apr 2021 09:18:49 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: 5F5C:8090:73184F:7FA2C9:606ECAE0
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type: text/html; charset=utf-8
location: https://avatars.githubusercontent.com/u/45630879?s=32&v=4
cache-control: no-cache
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-3f088aa2.js gist.github.com/socket-worker-3f088aa2.js
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 127
x-xss-protection: 0

GET
H2

200

51323195?s=32&v=4
avatars.githubusercontent.com/u/
Redirect Chain

https://github.com/shsagir.png?size=32
https://avatars.githubusercontent.com/u/51323195?s=32&v=4

995 B
1 KB

51ms
16ms

Image
image/jpeg

185.199.108.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars.githubusercontent.com/u/51323195?s=32&v=4

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-133.github.com

Software

Resource Hash

b3724bb570b85fcabe6dc497f945cd6eff6c77fea4083e776d1e17b8acd858f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 1a1b988e397997c8808a5acfb0562a11f4c872f9
content-security-policy: default-src 'none'
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 1
vary: Authorization,Accept-Encoding
content-length: 995
x-xss-protection: 1; mode=block
x-served-by: cache-ams21028-AMS
last-modified: Mon, 03 Jun 2019 11:37:45 GMT
x-github-request-id: BA06:0861:1169A16:131DB0D:6049816B
x-timer: S1617873633.957338,VS0,VE1
x-frame-options: deny
date: Thu, 08 Apr 2021 09:20:32 GMT
source-age: 2443638
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
etag: "c180d3bbac1849e7626f8c6e5640d17200cf04f628f343fbc22aded27260edd0"
accept-ranges: bytes
timing-allow-origin: https://github.com
expires: Thu, 08 Apr 2021 09:25:32 GMT

Redirect headers

date: Thu, 08 Apr 2021 09:19:35 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: 5F5C:8090:73184F:7FA2CA:606ECAE0
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type: text/html; charset=utf-8
location: https://avatars.githubusercontent.com/u/51323195?s=32&v=4
cache-control: no-cache
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-3f088aa2.js gist.github.com/socket-worker-3f088aa2.js
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 127
x-xss-protection: 0

GET
H2

200

11442954?s=32&v=4
avatars.githubusercontent.com/u/
Redirect Chain

https://github.com/DCtheGeek.png?size=32
https://avatars.githubusercontent.com/u/11442954?s=32&v=4

1009 B
2 KB

49ms
15ms

Image
image/jpeg

185.199.108.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars.githubusercontent.com/u/11442954?s=32&v=4

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-133.github.com

Software

Resource Hash

9e22171ee92d512b0cbc341a91a7a3d3de8695a02217bd3d63f7c04096440a94

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 2e8820727c2eb421898b367674d454f0543d45ab
content-security-policy: default-src 'none'
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 396
vary: Authorization,Accept-Encoding
content-length: 1009
x-xss-protection: 1; mode=block
x-served-by: cache-ams21028-AMS
last-modified: Mon, 12 Feb 2018 16:29:42 GMT
x-github-request-id: 968A:91F2:32E83B:34E661:604AB002
x-timer: S1617873633.957316,VS0,VE0
x-frame-options: deny
date: Thu, 08 Apr 2021 09:20:32 GMT
source-age: 2366174
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
etag: "73f0791d24bde3933f5c0f4b7f772dac64e75d8746df25bacf4365c48d0df04c"
accept-ranges: bytes
timing-allow-origin: https://github.com
expires: Thu, 08 Apr 2021 09:25:32 GMT

Redirect headers

date: Thu, 08 Apr 2021 09:20:08 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: 5F5C:8090:731853:7FA2CE:606ECAE0
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type: text/html; charset=utf-8
location: https://avatars.githubusercontent.com/u/11442954?s=32&v=4
cache-control: no-cache
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-3f088aa2.js gist.github.com/socket-worker-3f088aa2.js
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 127
x-xss-protection: 0

GET
H2

200

5092332?s=32&v=4
avatars.githubusercontent.com/u/
Redirect Chain

https://github.com/msmbaldwin.png?size=32
https://avatars.githubusercontent.com/u/5092332?s=32&v=4

883 B
1 KB

50ms
15ms

Image
image/jpeg

185.199.108.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars.githubusercontent.com/u/5092332?s=32&v=4

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-133.github.com

Software

Resource Hash

d8b310346be355b8344f3e5bf4cdb209644792c0b9ab06c2cde3020f0d97c3a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 91a278a38b6abb26c392ad403b1ca215553b7c19
content-security-policy: default-src 'none'
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 1
vary: Authorization,Accept-Encoding
content-length: 883
x-xss-protection: 1; mode=block
x-served-by: cache-ams21028-AMS
last-modified: Wed, 11 Feb 2015 20:10:25 GMT
x-github-request-id: 650E:574E:9384DA:A252B3:60499B40
x-timer: S1617873633.957318,VS0,VE1
x-frame-options: deny
date: Thu, 08 Apr 2021 09:20:32 GMT
source-age: 2437025
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
etag: "8c3a7ab937bc2268b4697ecaf0b77a687e9cbc73651d8660ab624abf09b9b01d"
accept-ranges: bytes
timing-allow-origin: https://github.com
expires: Thu, 08 Apr 2021 09:25:32 GMT

Redirect headers

date: Thu, 08 Apr 2021 09:20:05 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: 5F5C:8090:731853:7FA2CF:606ECAE0
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type: text/html; charset=utf-8
location: https://avatars.githubusercontent.com/u/5092332?s=32&v=4
cache-control: no-cache
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-3f088aa2.js gist.github.com/socket-worker-3f088aa2.js
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 126
x-xss-protection: 0

GET
H2 200 toc.json
docs.microsoft.com/en-us/defender-for-identity/ 8 KB
3 KB 158ms
158ms Fetch
application/json 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/defender-for-identity/toc.json

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/e6a01691.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6988cf25e4e6ecb21c664a195f14763e3b7cd1da33f013cea3caf00315b324df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length: 2181
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-rendering-stack: Static
last-modified: Sun, 04 Apr 2021 17:14:19 GMT
x-datacenter: eus
x-frame-options: SAMEORIGIN
date: Thu, 08 Apr 2021 09:20:32 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/json
cache-control: public, max-age=600
etag: "0x8D8F78D1544CD3A"
akamai-cache-status: RefreshHit from child, RefreshHit from parent
request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
expires: Thu, 08 Apr 2021 09:30:32 GMT

GET
H2

200

toc.json
docs.microsoft.com/en-us/defender-for-identity/bread/
Redirect Chain

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/bread/toc.json
https://docs.microsoft.com/en-us/defender-for-identity/bread/toc.json

884 B
1 KB

193ms
193ms

Fetch
application/json

2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/defender-for-identity/bread/toc.json

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

384ad0dba941f9cef51d1549c693136c1c2d19b8adac2238888e2d6a7f8ee934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length: 446
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-rendering-stack: Static
last-modified: Wed, 17 Mar 2021 13:22:18 GMT
x-datacenter: wus
x-frame-options: SAMEORIGIN
date: Thu, 08 Apr 2021 09:20:33 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/json
cache-control: public, max-age=600
etag: "0x8D8E947B0713B74"
akamai-cache-status: RefreshHit from child
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires: Thu, 08 Apr 2021 09:30:33 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
x-datacenter: eus
date: Thu, 08 Apr 2021 09:20:32 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
location: /en-us/defender-for-identity/bread/toc.json
cache-control: public, max-age=600
x-ua-compatible: IE=edge
akamai-cache-status: Miss from child
request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 08 Apr 2021 09:30:32 GMT

GET
DATA 200
OK data:truncated
data:truncated 193 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fb59b19860d20c40569c44f5cca62c7d101017ac2509997ed0c6f96ced1164c

Request headers

Origin: https://docs.microsoft.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 docons.4e395743.woff2
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 12 KB
13 KB 25ms
25ms Font
application/font-woff2 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.4e395743.woff2

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/c4620546.site-ltr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a88fc84d3d42504ba43305645bc1e77e11cbc7179b561efd5cde499848b16763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://docs.microsoft.com
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/c4620546.site-ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length: 12364
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 05 Apr 2021 22:07:29 GMT
x-datacenter: eus
date: Thu, 08 Apr 2021 09:20:32 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/font-woff2
cache-control: public, max-age=432839
etag: "0x8D8F87F345E3824"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
expires: Tue, 13 Apr 2021 09:34:31 GMT

GET
H2 200 SegoeUI-Roman-VF_web.woff2
docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/ 116 KB
116 KB 19ms
19ms Font
application/octet-stream 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/SegoeUI-Roman-VF_web.woff2

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/c4620546.site-ltr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://docs.microsoft.com
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/c4620546.site-ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5: vKlyGNyjyxXOAoTLy0UokA==
content-length: 118288
etag: 0x8D8B8210FE8D1A9
x-ms-lease-status: unlocked
last-modified: Thu, 14 Jan 2021 00:12:21 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date: Thu, 08 Apr 2021 09:20:32 GMT
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 44a036ef-401e-00a0-2389-ed00f4000000
cache-control: max-age=24630068
x-ms-version: 2009-09-19
akamai-cache-status: Hit from child
expires: Tue, 18 Jan 2022 11:01:40 GMT

GET
H2 200 latest.woff2
docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/ 27 KB
28 KB 11ms
11ms Font
application/octet-stream 2a02:26f0:6c00:29b::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/latest.woff2

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/c4620546.site-ltr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29b::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://docs.microsoft.com
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/c4620546.site-ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5: KDXuKBsHfKiscoVwIAfIlA==
content-length: 27624
etag: 0x8D86BD35C93CDB0
x-ms-lease-status: unlocked
last-modified: Thu, 08 Oct 2020 21:44:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date: Thu, 08 Apr 2021 09:20:32 GMT
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 1eca5dcd-401e-0089-6b24-ae76b6000000
cache-control: max-age=17659784
x-ms-version: 2009-09-19
akamai-cache-status: Hit from child
expires: Fri, 29 Oct 2021 18:50:16 GMT

GET
H/1.1 200
OK t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-04-08T09%3A20%3A32.891Z%27&os=%27Windows%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2734e3465e-b914-4c8e-8fc4-1cf1bf7aec2b%... Show response
web.vortex.data.microsoft.com/collect/v1/ 281 B
966 B 147ms
33ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-04-08T09%3A20%3A32.891Z%27&os=%27Windows%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2734e3465e-b914-4c8e-8fc4-1cf1bf7aec2b%27&-pageName=%2752af70b6-86d4-5dd4-0c17-d4e0a5f6e0ed%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageType=%27conceptual%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22author%22%3A%22dcurwin%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%2263d594b0-4656-1938-98da-da5494321df9%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Fd9691d0972b0f7f79c2353cc63f4af3c8639239e%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22manager%22%3A%22dcurwin%22%2C%22pgauth%22%3A%22dacurwin%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2212%2F23%2F2020%22%2C%22pgsrvcs%22%3A%22microsoft-defender-for-identity%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22publishtime%22%3A%222021-04-05%2011%3A51%20AM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-userConsent=true&$mscomCookies=false

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c4559aecd138bcd63c0ae0d431c9d8461de670c5093c58c63b868a406d07d02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 09:20:32 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: DdCYbscox0a76mImDWTneQ.0
Content-Type: application/javascript
Content-Length: 281
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/e6a01691.index-docs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 5863
date: Thu, 08 Apr 2021 07:42:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 08 Apr 2021 09:42:49 GMT

GET
H2 200 lux.js?id=409849828 Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 72ms
26ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=409849828
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/e6a01691.index-docs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d17ef692b6787b1e88fa7ec9b42240f18bbc25cb615658bb464df2ef6f07c9a6

Request headers

Origin: https://docs.microsoft.com
Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:20:32 GMT
via: 1.1 vegur, 1.1 varnish
age: 2308
x-cache: HIT
x-cache-hits: 86
content-encoding: gzip
content-length: 6821
x-served-by: cache-hhn4037-HHN
last-modified: Thu, 08 Apr 2021 08:42:04 GMT
server: Apache
x-timer: S1617873633.951721,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Apr 2021 08:42:04 GMT

GET
H2 200 cd99660205c0.js?lv=1 Show response
w.usabilla.com/ Frame 2D03 53 KB
13 KB 97ms
32ms Script
text/javascript 52.31.179.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/cd99660205c0.js?lv=1
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/defender-for-identity/reconnaissance-alerts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.179.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-179-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d3c86eda70098d94f2ac05cb9fa3d7ba7ab3516ab1a88eb872eb7c4462d2bcc8

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 09:20:33 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "82851ac40341ba9d385a97606e39e5ef"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 12673

POST
H3-Q050 200 collect?v=1&_v=j89&aip=1&a=1943746542&t=pageview&_s=1&dl=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts&ul=en-us&de=UTF-8&dt=Microsoft%20Defender%20for%20I... Show response
www.google-analytics.com/j/ 4 B
391 B 65ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=1943746542&t=pageview&_s=1&dl=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts&ul=en-us&de=UTF-8&dt=Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1321441020&gjid=1393091291&cid=1131100832.1617873633&tid=UA-62780441-21&_gid=1205717917.1617873633&_r=1&_slc=1&cd2=off&cd3=Conceptual&z=1850023626

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 09:20:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://docs.microsoft.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-62780441-21&cid=1131100832.1617873633&jid=1321441020&gjid=1393091291&_gid=1205717917.1617873633&_u=YEBAAEAAAAAAAC~&z=1988003798 Show response
stats.g.doubleclick.net/j/ 1 B
444 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-62780441-21&cid=1131100832.1617873633&jid=1321441020&gjid=1393091291&_gid=1205717917.1617873633&_u=YEBAAEAAAAAAAC~&z=1988003798

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Apr 2021 09:20:33 GMT
content-type: text/plain
access-control-allow-origin: https://docs.microsoft.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272021-04-08T09%3A20%3A33.094Z%27&os=%27Windows%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2734e3465e-b914-4c8e-8fc4-1cf1bf7a... Show response
web.vortex.data.microsoft.com/collect/v1/ 45 B
407 B 33ms
33ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272021-04-08T09%3A20%3A33.094Z%27&os=%27Windows%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2734e3465e-b914-4c8e-8fc4-1cf1bf7aec2b%27&-pageName=%2752af70b6-86d4-5dd4-0c17-d4e0a5f6e0ed%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageTags=%27%7B%22author%22%3A%22dcurwin%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%2263d594b0-4656-1938-98da-da5494321df9%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Fd9691d0972b0f7f79c2353cc63f4af3c8639239e%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22manager%22%3A%22dcurwin%22%2C%22pgauth%22%3A%22dacurwin%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2212%2F23%2F2020%22%2C%22pgsrvcs%22%3A%22microsoft-defender-for-identity%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22publishtime%22%3A%222021-04-05%2011%3A51%20AM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%2C%22timing%22%3A%22%7B%5C%22first-paint%5C%22%3A1986.9450004771352%2C%5C%22first-contentful-paint%5C%22%3A1986.9450004771352%2C%5C%22navigationStart%5C%22%3A1617873630939%2C%5C%22unloadEventStart%5C%22%3A0%2C%5C%22unloadEventEnd%5C%22%3A0%2C%5C%22redirectStart%5C%22%3A0%2C%5C%22redirectEnd%5C%22%3A0%2C%5C%22fetchStart%5C%22%3A1617873632260%2C%5C%22domainLookupStart%5C%22%3A1617873632260%2C%5C%22domainLookupEnd%5C%22%3A1617873632260%2C%5C%22connectStart%5C%22%3A1617873632260%2C%5C%22connectEnd%5C%22%3A1617873632260%2C%5C%22secureConnectionStart%5C%22%3A0%2C%5C%22requestStart%5C%22%3A1617873632261%2C%5C%22responseStart%5C%22%3A1617873632554%2C%5C%22responseEnd%5C%22%3A1617873632564%2C%5C%22domLoading%5C%22%3A1617873632558%2C%5C%22domInteractive%5C%22%3A1617873632744%2C%5C%22domContentLoadedEventStart%5C%22%3A1617873632744%2C%5C%22domContentLoadedEventEnd%5C%22%3A1617873632910%2C%5C%22domComplete%5C%22%3A1617873633041%2C%5C%22loadEventStart%5C%22%3A1617873633041%2C%5C%22loadEventEnd%5C%22%3A1617873633041%7D%22%7D%27&-pageHeight=10348&-vpHeight=1200&-vpWidth=1600&-behavior=0&-vScrollOffset=7460&-hScrollOffset=0&-contentVer=%272.0%27&-content=%27%5B%5D%27&*baseType=%27Ms.Content.ContentUpdate%27&*title=%27Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*cookieEnabled=true&*isJs=true&*isDomComplete=true&*isLoggedIn=false&*pageLoadTime=2102&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-msfpc=%27GUID%3Dd66c0303512a4daf9f8b9324f5d3210a%26HASH%3Dd66c%26LV%3D202104%26V%3D4%26LU%3D1617873633013%27&ext-javascript-userConsent=true&$mscomCookies=false

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 09:20:32 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: L/5dwR4iekq/PTVuvx8iyw.0
Content-Type: application/javascript
Content-Length: 45
Expires: 0

GET
H2

200

c.gif?DI=4050&did=1&t=&CtsSyncId=0A8B4C8E0D0649549AD38971AE3F3089&MUID=21E0C691E7E164C81341D682E3E16284
c1.microsoft.com/
Redirect Chain

https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=0A8B4C8E0D0649549AD38971AE3F3089&RedC=c1.microsoft.com&MXFR=21E0C691E7E164C81341D682E3E16284
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=0A8B4C8E0D0649549AD38971AE3F3089&MUID=21E0C691E7E164C81341D682E3E16284

42 B
262 B

29ms
29ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=0A8B4C8E0D0649549AD38971AE3F3089&MUID=21E0C691E7E164C81341D682E3E16284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 09:20:33 GMT
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "506f5bd17ad71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 08 Apr 2021 09:20:33 GMT
x-msedge-ref: Ref A: 4BD9653783614C83980CB2048AF7ED33 Ref B: FRAEDGE1319 Ref C: 2021-04-08T09:20:33Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=0A8B4C8E0D0649549AD38971AE3F3089&MUID=21E0C691E7E164C81341D682E3E16284
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272021-04-08T09%3A20%3A33.570Z%27&os=%27Windows%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2734e3465e-b914-4c8e-8fc4-1cf1bf7a... Show response
web.vortex.data.microsoft.com/collect/v1/ 45 B
407 B 33ms
33ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272021-04-08T09%3A20%3A33.570Z%27&os=%27Windows%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%2734e3465e-b914-4c8e-8fc4-1cf1bf7aec2b%27&-pageName=%2752af70b6-86d4-5dd4-0c17-d4e0a5f6e0ed%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fdefender-for-identity%2Freconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageTags=%27%7B%22author%22%3A%22dcurwin%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%2263d594b0-4656-1938-98da-da5494321df9%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Fd9691d0972b0f7f79c2353cc63f4af3c8639239e%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22manager%22%3A%22dcurwin%22%2C%22pgauth%22%3A%22dacurwin%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2212%2F23%2F2020%22%2C%22pgsrvcs%22%3A%22microsoft-defender-for-identity%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Freconnaissance-alerts.md%22%2C%22publishtime%22%3A%222021-04-05%2011%3A51%20AM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%7D%27&-pageHeight=10348&-vpHeight=1200&-vpWidth=1600&-actionType=%27S%27&-behavior=0&-vScrollOffset=7460&-hScrollOffset=0&-contentVer=%272.0%27&-content=%27%5B%5D%27&*baseType=%27Ms.Content.ContentUpdate%27&*title=%27Microsoft%20Defender%20for%20Identity%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*cookieEnabled=true&*isJs=true&*isDomComplete=false&*isLoggedIn=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-msfpc=%27GUID%3Dd66c0303512a4daf9f8b9324f5d3210a%26HASH%3Dd66c%26LV%3D202104%26V%3D4%26LU%3D1617873633013%27&ext-javascript-userConsent=true&ext-user-localId=%27t%3A21E0C691E7E164C81341D682E3E16284%27&$mscomCookies=false

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/static/third-party/jsll/4.3.4/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 09:20:33 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: V1cRbjr+CEqaUIeGHGw3ng.0
Content-Type: application/javascript
Content-Length: 45
Expires: 0

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
docs.microsoft.com/	1970-01-20 02:10:09	Name: MSFPC Value: GUID=d66c0303512a4daf9f8b9324f5d3210a&HASH=d66c&LV=202104&V=4&LU=1617873633013
.microsoft.com/	1970-01-20 02:10:09	Name: MC1 Value: GUID=d66c0303512a4daf9f8b9324f5d3210a&HASH=d66c&LV=202104&V=4&LU=1617873633013
docs.microsoft.com/	1970-01-19 17:24:35	Name: lux_uid Value: 161787363298811588
.docs.microsoft.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: e11145e197c6f01e002a4d98ef13f29c7257988fe3b830b46359ccbc96d662ce
.microsoft.com/	1970-01-19 17:24:35	Name: MS0 Value: 254ce64e4534415d941b56c0866763bf
.microsoft.com/	1970-01-19 17:24:33	Name: _gat Value: 1
.microsoft.com/	1970-01-20 02:10:09	Name: _ga Value: GA1.2.1131100832.1617873633
.microsoft.com/	1970-01-19 17:26:00	Name: _gid Value: GA1.2.1205717917.1617873633
.docs.microsoft.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: e11145e197c6f01e002a4d98ef13f29c7257988fe3b830b46359ccbc96d662ce
.microsoft.com/	1970-01-19 17:26:00	Name: MSCC Value: NR
docs.microsoft.com/en-us/defender-for-identity	1970-01-19 17:24:33	Name: original_req_url Value: https://docs.microsoft.com/en-us/defender-for-identity/atp-reconnaissance-alerts

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
avatars.githubusercontent.com
c.bing.com
c1.microsoft.com
cdn.speedcurve.com
docs.microsoft.com
github.com
js.monitor.azure.com
stats.g.doubleclick.net
w.usabilla.com
wcpstatic.microsoft.com
web.vortex.data.microsoft.com
www.google-analytics.com
140.82.121.3
151.101.114.217
185.199.108.133
23.211.149.25
2620:1ec:29::19
2620:1ec:c11::200
2a00:1450:4001:813::200e
2a00:1450:400c:c1b::9d
2a02:26f0:6c00:29b::353e
40.77.226.250
52.142.114.2
52.31.179.168
2d0b92b1d2fce763f8bd451518617e4e3154a16ff62e03e8e3fa858ce7b216bf
2fb59b19860d20c40569c44f5cca62c7d101017ac2509997ed0c6f96ced1164c
384ad0dba941f9cef51d1549c693136c1c2d19b8adac2238888e2d6a7f8ee934
589303ca15fba4fe95432dbb456ff614d0f2ad12d99f8671f0443a7f0cf48dff
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
6988cf25e4e6ecb21c664a195f14763e3b7cd1da33f013cea3caf00315b324df
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8aa1dc6925eae0e2fe988565c5d516e9c434de842e00651af76f0cf669f887f1
919dca34db91911735f214ed2cff5e08f37459d94a364afb3df187baf1f77aff
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e22171ee92d512b0cbc341a91a7a3d3de8695a02217bd3d63f7c04096440a94
a88fc84d3d42504ba43305645bc1e77e11cbc7179b561efd5cde499848b16763
a90f82e335987ace1c58512038d5305e15db5c6e9ab4d56aa0166ac9068166a8
aa7dd71eebadc1039eea7308114eae927fb442b27d701a670db43c5da5b551f2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3724bb570b85fcabe6dc497f945cd6eff6c77fea4083e776d1e17b8acd858f1
b5999a851d1a42ab4d079bb742761ecaf51b1244478b6c1214b27445148ec1f9
c4559aecd138bcd63c0ae0d431c9d8461de670c5093c58c63b868a406d07d02c
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
d17ef692b6787b1e88fa7ec9b42240f18bbc25cb615658bb464df2ef6f07c9a6
d3c86eda70098d94f2ac05cb9fa3d7ba7ab3516ab1a88eb872eb7c4462d2bcc8
d8b310346be355b8344f3e5bf4cdb209644792c0b9ab06c2cde3020f0d97c3a7
e09044b6ebd184c1d93a36955554801e3dd0de45902957ae758f11d38a7e90aa
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

docs.microsoft.com urlscan Pro 2a02:26f0:6c00:29b::353e

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

42 %IPv6

10 Domains

13 Subdomains

10 IPs

4 Countries

779 kBTransfer

3114 kBSize

11 Cookies

14 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

docs.microsoft.com
urlscan Pro

2a02:26f0:6c00:29b::353e

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

13
Subdomains

10
IPs

4
Countries

779 kB
Transfer

3114 kB
Size

11
Cookies

25 HTTP transactions
1 data transactions